Member list limit in /etc/group file - linux

I'm creating users with a group on my BusyBox Linux machine:
addgroup group1
adduser user1 -G group1
After creating 20 users I'm getting an error like "adduser: unknown group group1".
cat /etc/group
group1:x:1002:user1,user2,user3,user4,user5,user6,user7,user8,user9,user10,user11,user12,user13,user14,user15,user16,user17,user18,user19,user20
So is there any limit on the member list in /etc/group?

Which Linux distribution do you actually use? adduser has a different syntax, at least in Ubuntu/Debian. By the way, I've just made a group with 200 users without a problem:
for i in `seq 1 100`; do echo adduser -G group1 "user$i"|| break ; done
So it seems to me the problem is in another place.

Related

How to check for privileges to use useradd and groupadd for creation of users and groups

How can I check if the current user has all privileges to use useradd and groupadd for creation of users and groups?
I don't want to request root privileges (e.g. requiring to be root or calling sudo) for my bash script unnecessarily. Instead I just want to ensure that the privileges are there to just use those commands.
The commands:
$ ls -l $(which useradd) $(which groupadd)
-rwxr-xr-x 1 root root 93136 Mai 28 2020 /usr/sbin/groupadd
-rwxr-xr-x 1 root root 147160 Mai 28 2020 /usr/sbin/useradd
As the useradd and groupadd commands need some extra privileges to run, you can set up access to sudo for specific commands like useradd and groupadd as shown below:
Please go through it once, it will make most of the things clear to you
Controlling Access To sudo
The /etc/sudoers file configures the programs that users can access using sudo, along with whether or not a password will be needed.
The system administrator adds users to this file using the /usr/sbin/visudo command. Each non-comment line in the file has two parts:
A username ("<USER_NAME>"), or a group name ("%<GROUP_NAME>").
A list of machine names where a program may be run, or the keyword ALL. Following an equal sign (=), a list of user identities the command may be run as, enclosed in round brackets (parentheses); the wildcard ALL may also appear. Finally, a list of applications that may be run as the named users; the keyword ALL is a wildcard.
The following examples should help make this clear:
<USER_NAME> ALL=(ALL) ALL
# User <USER_NAME> can execute any command as any user, but must know the password to the <USER_NAME> account.
<USER_NAME> ALL=(root) shutdown
# User <USER_NAME> can execute only command shutdown, but must know the password to the <USER_NAME> account.
<USER_NAME> ALL=(root) NOPASSWD: /usr/bin/id
# User <USER_NAME> can execute only the application /usr/bin/id; no password will be needed.
<USER_NAME> ALL=() NOPASSWD: /usr/bin/id
# User <USER_NAME> can execute only the application /usr/bin/id; no password will be needed.
Once the system administrator has entered the necessary setup into the /etc/sudoers file, users can safely access privileged system resources and activities like this:
$ sudo useradd username
No awkward quoting on the command line, just prefix the command you want with the word sudo. If you want to run the command as a user other than root, just add the -u username switch:
$ sudo -u <USER_NAME> useradd username
There will be a log entry written to the /var/log/secure file to show who did the deed.
Of course, the sysadmin can configure sudo not to request a password. In this case, the command is immediately executed although the audit trail entry will still be written.
Reference: Sudo Tutorial
Please reach out in the comments section for any help.
Will be glad to help!
Assuming that you need root or sudo to add new users (same for group), you can check if the user has sudo rights, by checking if he is in the corresponding groups.
getent group sudo   # shows all users in group sudo
Don't know what system/distro you are on, but on Arch, for example, sudoers are in group wheel...
On Linux debian-linux 5.10.0-6-amd64 #1 SMP Debian 5.10.28-1 (2021-04-09) x86_64 GNU/Linux,
you can try this way in your script.
groupadd 2>/dev/null ; if test $? -eq 2 ; then echo ok ; else echo bad ; fi
If you can access groupadd or useradd, the return value is 2 because there are missing arguments.
If you can't access groupadd or useradd, the return value is 127.
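One way to make this check from inside a script, as an added example that is not part of any answer above: ask sudo's policy whether the two tools are allowed, without prompting and without running them. The sudoers group name acctadmins and the function name are hypothetical; the tool paths are the ones shown in the question.

```shell
#!/bin/sh
# Added example. Assumed sudoers drop-in (group name acctadmins is
# hypothetical), installed with: visudo -f /etc/sudoers.d/acctadmins
#   %acctadmins ALL=(root) /usr/sbin/useradd, /usr/sbin/groupadd

# can_run_as_root CMD...
# Returns 0 if every CMD can be run with root privileges right now without
# a prompt, 1 if not (or if sudo would have to ask for a password).
can_run_as_root() {
    for cmd in "$@"; do
        [ -x "$cmd" ] || { echo "missing: $cmd" >&2; return 1; }
    done
    # Already root: nothing else to check.
    [ "$(id -u)" -eq 0 ] && return 0
    command -v sudo >/dev/null 2>&1 || return 1
    for cmd in "$@"; do
        # "sudo -l CMD" exits non-zero when the policy does not allow CMD;
        # -n makes sudo fail instead of prompting for a password.
        sudo -n -l "$cmd" >/dev/null 2>&1 || return 1
    done
    return 0
}

# Paths as listed by "ls -l" in the question.
if can_run_as_root /usr/sbin/useradd /usr/sbin/groupadd; then
    echo "ok: useradd and groupadd are usable"
else
    echo "not permitted without a prompt; a sudoers rule is needed" >&2
fi
```

Unlike probing the exit status of groupadd itself, this consults the sudoers policy, so it distinguishes "binary is installed" from "this user may run it as root".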

Linux command line: id, group and getent group not returning the same results

I'm wondering why I get different results from id and group on one hand, and getent group on the other. Steps to reproduce:
$ sudo usermod -a -G libvirt eric
$ groups
eric adm cdrom sudo dip plugdev lpadmin sambashare
$ id
uid=1000(eric) gid=1000(eric) groups=1000(eric),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),119(lpadmin),128(sambashare)
$ getent group | grep libvirt
libvirt:x:136:eric
libvirt-qemu:x:64055:libvirt-qemu
libvirt-dnsmasq:x:137:
The user eric is clearly a member of libvirt. Why doesn't this show up with id and group? Thanks.
System: Ubuntu Budgie 18.04 4.15.0-34-generic
If I remember correctly, you'd need to either log out and back in or run newgrp libvirt to make the new group ownership effective.

Centos usermod -a don't add a user to a group

In my project I have to create a group on my CentOS server and add two users. I do:
sudo groupadd editorial
Then I try to add my two users to the group like this:
sudo usermod -a -G editorial nginx
sudo usermod -a -G editorial ec2-user
OK, no errors, but when I check my group:
sudo groups editorial
in the output I get:
groups: editorial: no such user
Why can't I add my users to the group?
Thanks in advance
Your form of the command is wrong. You separate the supplemental groups with commas, not whitespace. From man usermod:
-G A list of supplementary groups which the user is also a member of. Each
group is separated from the next by a comma, with no intervening whitespace.
Example:
sudo usermod -a -G editorial,nginx nameofuser
And this question is somewhat of a close call: if you are writing a script to do this, then that is probably OK on StackOverflow, but if this is just a general "How do I use usermod", that should probably go to Super User or Unix & Linux.
Silly question, but have you done "$sudo useradd nameofuser" before trying usermod?

Adding FTP user via bash script issue

I have a .sh file (let's say adduser.sh) that is executed via a cronjob and contains the commands to create an FTP user.
The adduser.sh file looks like so...
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Now here is my problem. If I run it directly through SSH using...
sh adduser.sh
...no problems and it works as intended.
But if I let the cronjob run it the directory is created but the user is not added.
What gives?
As it stands, there is an alternative to useradd known as adduser. In Debian or Ubuntu, adduser is a Perl script and performs sequential functions like create the user using adduser, assign it to a group, create home directory etc.
As per adduser man page-
adduser and addgroup are friendlier front ends to the low level tools
like useradd, groupadd and usermod programs, by default choosing
Debian policy conformant UID and GID values, creating a home directory
with skeletal configuration, running a custom script, and other
features.
In Fedora, RedHat, and CentOS, adduser is just a symbolic link to useradd.
[root#hobbit ~]# which /usr/sbin/adduser
lrwxrwxrwx 1 root root 7 2012-09-20 20:20 /usr/sbin/adduser -> useradd
If you are on any of the above OSes then you can try adduser, redirecting 2> to an add_user.log file, and check the file to see if something goes wrong.
I have resolved this simply by adding /usr/bin/ to the useradd function.
#!/bin/bash
mkdir /var/www/vhosts/domain/path;
/usr/bin/useradd -d /var/www/vhosts/domain/path -ou <uid> -g <group> -s /bin/false <username>;
echo <password> | passwd <username> --stdin;
Thanks everyone for helping me get on the right track. Hope this helps someone out there.
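The failure described in this thread (directory created, user not added) can be caught before any change is made. The following is an added example, not code from the posts above: it checks that every tool the job needs resolves under the search path the job will actually run with. CRON_PATH and the function names are assumptions.

```shell
#!/bin/sh
# Added example. CRON_PATH is an assumption modelled on cron's short default
# search path; adjust it to what your crontab actually sets.
CRON_PATH="/usr/bin:/bin"

# resolve_under PATHLIST TOOL: print TOOL's absolute path if an executable
# of that name exists in PATHLIST, else return 1.
resolve_under() {
    old_ifs=$IFS; IFS=:
    for dir in $1; do
        if [ -x "$dir/$2" ] && [ ! -d "$dir/$2" ]; then
            IFS=$old_ifs; printf '%s\n' "$dir/$2"; return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# preflight PATHLIST TOOL...: report every tool that would not be found and
# return 1, so the job can stop before it makes partial changes.
preflight() {
    pathlist=$1; shift; missing=0
    for tool in "$@"; do
        resolve_under "$pathlist" "$tool" >/dev/null || {
            echo "not on PATH ($pathlist): $tool" >&2; missing=1; }
    done
    return "$missing"
}

# What the job from the question would see under the assumed cron PATH.
# In the real script: preflight "$PATH" mkdir useradd passwd || exit 1
preflight "$CRON_PATH" mkdir useradd passwd ||
    echo "use absolute paths or set PATH at the top of the script" >&2
```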

Add user to group but not reflected when run "id"

R creates a group called staff and I want to be able to update packages without starting R as sudo. So I added myself to staff using:
sudo usermod -G adm,dialout,cdrom,plugdev,lpadmin,admin,sambashare,staff matt
(Side question: is there a way to add yourself to a group without listing every other group you're a member of?)
If I check /etc/groups I see
staff:x:50:matt
and the same for /etc/shadow
staff:*::matt
However, if I run groups or id I'm not a member of staff. Also, I can't make changes to anything in /usr/local/lib/R.
Did you log the "matt" account out and back in after running the sudo usermod command? Changes to the groups a user is in under Unix only take effect at login time.
https://superuser.com/questions/272061/reload-a-linux-users-group-assignments-without-logging-out
check that out ~
both
newgrp groupname
OR
su - username
will do the trick well ~
In answer to your side question, yes you can add a user to a group without listing them all. If you run a Debian based system, you can do it with
sudo adduser matt staff
The adduser utility is just a friendly wrapper around useradd/usermod etc.
If you don't have the adduser utility, you can still do it with usermod:
sudo usermod -a -G staff matt
The -a flag means append (as opposed to overwrite).
I know the original question is for Linux but OSX users can do the same with this command:
sudo dseditgroup -o edit -a newusertoadd -t user grouptobeaddedto
Explanation: The operation succeeded, which is why your name appears in the right Linux files, /etc/passwd & /etc/group, but as soon as you open a new terminal process, bash will be updated with this setting and you can run id matt as well.
Clarification: You added yourself to an additional group, so you should have used the append option -a (and not edited the whole bunch of group names for your user).
sudo usermod -aG staff matt
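Both this thread and the earlier id / getent group thread come down to the same thing: a running session keeps the group list it received at login. The following added example, which is not from any of the posts, compares the two views and lists the difference. Function names are hypothetical and the sample lists are constructed from the first question's output.

```shell
#!/bin/sh
# Added example. Compares the groups carried by the running process with
# the groups the account database assigns to the same user.
# Assumes group names contain no whitespace.

# words_missing A B: print each word of list A that is not in list B.
words_missing() {
    for w in $1; do
        case " $2 " in
            *" $w "*) ;;
            *) printf '%s\n' "$w" ;;
        esac
    done
}

# group_drift SESSION_GROUPS DATABASE_GROUPS
#   +name  in the database but not in this session (needs new login/newgrp)
#   -name  still held by this session but no longer in the database
group_drift() {
    words_missing "$2" "$1" | sed 's/^/+/'
    words_missing "$1" "$2" | sed 's/^/-/'
}

# Live check for the invoking user:
#   id -Gn           reads the credentials of the current process
#   id -Gn "$user"   looks the user up in the group database
check_current_session() {
    user=$(id -un)
    group_drift "$(id -Gn)" "$(id -Gn "$user")"
}

# Constructed sample: eric's session before re-login, and the database
# after "usermod -a -G libvirt eric".
SAMPLE_SESSION="eric adm cdrom sudo dip plugdev lpadmin sambashare"
SAMPLE_DATABASE="eric adm cdrom sudo dip plugdev lpadmin sambashare libvirt"
group_drift "$SAMPLE_SESSION" "$SAMPLE_DATABASE"
```

A "-" line matters as much as a "+" line when reviewing access: a session that was already open when the user was removed from a group keeps that group until the session ends.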
