FreeBSD provides a variety of different commands to manage user accounts. The most common commands are summarized below, followed by more detailed examples of their usage.
Command | Summary |
---|---|
adduser(8) | The recommended command-line application for adding new users. |
rmuser(8) | The recommended command-line application for removing users. |
chpass(1) | A flexible tool for changing user database information. |
passwd(1) | The simple command-line tool to change user passwords. |
pw(8) | A powerful and flexible tool for modifying all aspects of user accounts. |
adduser(8) is a simple program for adding new users
When a new user is added, this program automatically updates
/etc/passwd
and
/etc/group
. It also creates a home
directory for the new user, copies in the default
configuration files from /usr/share/skel
, and can
optionally mail the new user a welcome message.
#
adduser
Username: jru
Full name: J. Random User
Uid (Leave empty for default):
Login group [jru]:
Login group is jru. Invite jru into other groups? []: wheel
Login class [default]:
Shell (sh csh tcsh zsh nologin) [sh]: zsh
Home directory [/home/jru]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username : jru
Password : ****
Full Name : J. Random User
Uid : 1001
Class :
Groups : jru wheel
Home : /home/jru
Shell : /usr/local/bin/zsh
Locked : no
OK? (yes/no): yes
adduser: INFO: Successfully added (jru) to the user database.
Add another user? (yes/no): no
Goodbye!
#
Since the password is not echoed when typed, be careful to not mistype the password when creating the user account.
To completely remove a user from the system use rmuser(8). This command performs the following steps:
Removes the user's crontab(1) entry if one exists.
Removes any at(1) jobs belonging to the user.
Kills all processes owned by the user.
Removes the user from the system's local password file.
Removes the user's home directory, if it is owned by the user.
Removes the incoming mail files belonging to the user
from /var/mail
.
Removes all files owned by the user from temporary
file storage areas such as /tmp
.
Finally, removes the username from all groups to which
it belongs in /etc/group
.
If a group becomes empty and the group name is the same as the username, the group is removed. This complements the per-user unique groups created by adduser(8).
rmuser(8) cannot be used to remove superuser accounts since that is almost always an indication of massive destruction.
By default, an interactive mode is used, as shown in the following example.
rmuser
Interactive Account
Removal#
rmuser jru
Matching password entry:
jru:*:1001:1001::0:0:J. Random User:/home/jru:/usr/local/bin/zsh
Is this the entry you wish to remove? y
Remove user's home directory (/home/jru)? y
Updating password file, updating databases, done.
Updating group file: trusted (removing group jru -- personal group is empty) done.
Removing user's incoming mail file /var/mail/jru: done.
Removing files belonging to jru from /tmp: done.
Removing files belonging to jru from /var/tmp: done.
Removing files belonging to jru from /var/tmp/vi.recover: done.
#
chpass(1) can be used to change user database information such as passwords, shells, and personal information.
Only the superuser can change other users' information and passwords with chpass(1).
When passed no options, aside from an optional username, chpass(1) displays an editor containing user information. When the user exists from the editor, the user database is updated with the new information.
You will be asked for your password after exiting the editor if you are not the superuser.
chpass
by
SuperuserA user can change only a small subset of this information, and only for their own user account.
chpass
by Normal
Userchfn(1) and chsh(1) are links to
chpass(1), as are ypchpass(1), ypchfn(1), and
ypchsh(1). NIS support is
automatic, so specifying the yp
before
the command is not necessary. How to configure NIS is
covered in Chapter 29, Network Servers.
passwd(1) is the usual way to change your own password as a user, or another user's password as the superuser.
To prevent accidental or unauthorized changes, the user must enter their original password before a new password can be set. This is not the case when the superuser changes a user's password.
%
passwd
Changing local password for jru.
Old password:
New password:
Retype new password:
passwd: updating the database...
passwd: done#
passwd jru
Changing local password for jru.
New password:
Retype new password:
passwd: updating the database...
passwd: doneAs with chpass(1), yppasswd(1) is a link to passwd(1), so NIS works with either command.
pw(8) is a command line utility to create, remove, modify, and display users and groups. It functions as a front end to the system user and group files. pw(8) has a very powerful set of command line options that make it suitable for use in shell scripts, but new users may find it more complicated than the other commands presented in this section.
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.