Last Updated: 08 Jul 2023

   |   

Author: 65.108.103.96

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
server-tech:centos:adding-a-user [Feb 15, 2009 03:04 AM]
dordal 		server-tech:centos:adding-a-user [Jul 8, 2023 10:59 PM]
65.108.103.96 old revision restored (Jul 8, 2023 08:14 AM)
Line 1: Line 1:
 += Adding a User & Groups in CentOS =
  
 +If you're using command line CentOS, adding a user is a bit complicated. FreeBSD has a nice command line script (''adduser''), but in CentOS:
 +<code>
 + useradd -d /home/bobsmith -s /bin/bash -c "Bob Smith" bobsmith
 + passwd bobsmith
 +</code>
 + 
 +If you want the user account to be created, but not let the user login via the command line, set the shell to ''/bin/false''. If you want to prevent them from logging in at all (even via email, etc., set it to ''/sbin/nologin'')
 +== Adding Groups ==
 +
 +If you want to add a group, the easiest way is to manually modify the ''/etc/group'' file, and copy one of the existing entries. You comma-delimit usernames when adding users to a group; e.g.:
 +<code>
 +users:x:100:dordal,bsmith,bjones
 +</code>
 +== Common Groups ==
 +
 +By default on CentOS, every user is added to a group of their own name. In other words, the user **dordal** is added to the group **dordal**, as the default group. When a user creates files, its with a ''umask'' of ''002'', meaning read/write access for the user + group, and read access for the world. (See ''/etc/bashrc'' for where this is set.)
 +
 +This makes for fairly fine-grained permissions, effectively meaning that any file the user creates is writable by them and only them. That works, but in many cases you may want to have a whole bunch of people be able to write to the same set of files (e.g. everyone in the marketing department can write to a common data store). In this case, you want to put them all in the same group (e.g. 'marketing'), and then:
 +<code>chown -R :marketing myfiles</code>
 +Then you want to say:
 +<code>chmod -R g+s myfiles</code>
 +which  sets the permissions so that any //new// files are created with the same group as the parent folder (e.g. 'marketing'), rather than the group of the user (e.g. 'dordal').