How to Add and Delete Users on CentOS 8

Managing user accounts on CentOS 8 systems is a fundamental skill that every sysadmin and developer needs to master. Whether you’re setting up development environments, managing production servers, or dealing with team access control, knowing how to properly add and delete users can save you time and prevent security headaches. This guide will walk you through the complete process, from basic user creation to advanced configurations, plus we’ll cover the gotchas that can trip you up if you’re not careful.

Understanding User Management in CentOS 8

CentOS 8 handles user management through a combination of system files and command-line utilities. When you create a user, the system updates several key files:

  • /etc/passwd – Contains basic user account information
  • /etc/shadow – Stores encrypted passwords and account aging info
  • /etc/group – Defines group memberships
  • /etc/gshadow – Contains secure group account information

The primary tools you’ll use are useradd, userdel, usermod, and passwd. Each has its own set of options and behaviors that can make or break your user management strategy.

Adding Users: Step-by-Step Implementation

Let’s start with the basics and work our way up to more complex scenarios.

Basic User Creation

The simplest way to add a user is with the useradd command:

sudo useradd john

This creates the user account but does not set a password, and on some configurations it does not create a home directory either. To make the account immediately usable:

sudo useradd -m -s /bin/bash john
sudo passwd john

The -m flag creates a home directory, and -s sets the default shell.

Advanced User Creation Options

For production environments, you’ll often need more control over user creation:

# Create user with specific UID, group, and home directory
sudo useradd -u 1500 -g developers -d /home/custom/john -m -s /bin/bash john

# Add user to multiple groups
sudo useradd -m -s /bin/bash -G wheel,docker,developers jane

# Create system user (for services)
sudo useradd -r -s /bin/false serviceuser

Here’s what each option does:

Option | Purpose             | Example
-u     | Specify user ID     | -u 1500
-g     | Primary group       | -g developers
-G     | Additional groups   | -G wheel,docker
-d     | Home directory path | -d /custom/path
-s     | Default shell       | -s /bin/bash
-r     | System user         | -r

Deleting Users: The Right Way

User deletion is trickier than creation because you need to decide what to do with their files and running processes.

Basic User Deletion

# Delete user but keep home directory
sudo userdel john

# Delete user and home directory
sudo userdel -r john

# Force deletion even if user is currently logged in (dangerous: may leave the system in an inconsistent state)
sudo userdel -f john

Safe User Deletion Process

Before deleting a user in production, follow this checklist:

# 1. Check if user is currently logged in
who | grep username

# 2. List user's running processes
ps -u username

# 3. Find all files owned by the user (root is needed to search every directory)
sudo find / -user username -type f 2>/dev/null

# 4. Check crontab entries (reading another user's crontab requires root)
sudo crontab -u username -l

# 5. Backup important data before deletion
sudo tar -czf /backup/username_backup.tar.gz /home/username

# 6. Finally delete the user
sudo userdel -r username

Real-World Use Cases and Examples

Development Team Onboarding

Here’s a script that creates a standardized development user:

#!/bin/bash
# dev_user_setup.sh

USERNAME=$1
if [ -z "$USERNAME" ]; then
    echo "Usage: $0 <username>"
    exit 1
fi

# Create user with development groups
# Note: wheel grants sudo by default on CentOS, and docker group membership is root-equivalent
sudo useradd -m -s /bin/bash -G wheel,docker,git "$USERNAME" || exit 1

# Set up SSH directory
sudo -u "$USERNAME" mkdir -p "/home/$USERNAME/.ssh"
sudo -u "$USERNAME" chmod 700 "/home/$USERNAME/.ssh"

# Create basic development directories
sudo -u "$USERNAME" mkdir -p "/home/$USERNAME"/{projects,scripts,logs}

# Set password
sudo passwd "$USERNAME"

echo "Development user $USERNAME created successfully"

Batch User Management

When managing multiple users, you can use a CSV file and scripting:

# users.csv format: username,fullname,groups
# john,John Doe,developers
# jane,Jane Smith,developers,testers

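#!/bin/bash
while IFS=',' read -r username fullname groups; do
    # Only report success if useradd actually succeeded
    if sudo useradd -m -s /bin/bash -c "$fullname" -G "$groups" "$username"; then
        echo "Created user: $username"
    else
        echo "Failed to create user: $username" >&2
    fi
done < users.csv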
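
The loop above passes every CSV field straight to useradd. The following added example (not part of the original article) validates each row first and prints the commands as a dry run. The function names, the PRIVILEGED_GROUPS list and the accepted character sets are assumptions made for this sketch.

```bash
# Added example: dry-run planner for users.csv rows (username,fullname,groups).
# PRIVILEGED_GROUPS and the accepted character sets are assumptions of this sketch.
LC_ALL=C; export LC_ALL
PRIVILEGED_GROUPS="wheel root docker"

# Succeeds for a conservative login or group name: [a-z_][a-z0-9_-]*, max 32 chars.
valid_name() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Prints why a row must be rejected, or nothing if the row is acceptable.
row_problem() {
    name=$1 gecos=$2 rest="$3,"
    valid_name "$name" || { echo "invalid username"; return; }
    # The full name is stored in /etc/passwd, so accept a safe subset only.
    case "$gecos" in
        *[!A-Za-z0-9\ .-]*) echo "invalid full name"; return ;;
    esac
    [ "$rest" = "," ] && { echo "no groups given"; return; }
    while [ -n "$rest" ]; do
        g=${rest%%,*}; rest=${rest#*,}
        valid_name "$g" || { echo "invalid group '$g'"; return; }
        case " $PRIVILEGED_GROUPS " in
            *" $g "*) echo "privileged group '$g' needs manual approval"; return ;;
        esac
    done
}

# Reads CSV rows on stdin; prints a useradd command or a REJECT line per row.
# Returns non-zero if any row was rejected.
plan_users() {
    rejected=0
    while IFS=',' read -r username fullname groups; do
        case "$username" in ''|\#*) continue ;; esac
        problem=$(row_problem "$username" "$fullname" "$groups")
        if [ -n "$problem" ]; then
            echo "REJECT $username: $problem"; rejected=1
        else
            echo "useradd -m -s /bin/bash -c '$fullname' -G $groups $username"
        fi
    done
    return "$rejected"
}
```

Run it as plan_users < users.csv and review the output before executing any of the printed commands with sudo.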

Common Issues and Troubleshooting

User Creation Failures

The most common issues you'll encounter:

  • Username already exists - Check with id username before creating
  • UID conflicts - Use getent passwd | cut -d: -f3 | sort -n to see used UIDs
  • Group doesn't exist - Create the group first with groupadd groupname
  • Insufficient permissions - Make sure you're using sudo or running as root

Home Directory Issues

Sometimes home directories don't get created properly:

# Manually create home directory if missing
sudo mkdir /home/username
sudo cp -r /etc/skel/. /home/username/
sudo chown -R username:username /home/username
sudo chmod 750 /home/username

Deletion Problems

Common deletion issues and solutions:

# User has running processes
sudo pkill -u username
sudo userdel username

# User's mailbox is locked
sudo rm /var/spool/mail/username
sudo userdel username

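# Files in unexpected locations: review the list first, then remove only
# the user's own files (rm -rf would also wipe other users' files inside
# directories that username owns)
sudo find / -user username 2>/dev/null
sudo find / -user username -type f -delete 2>/dev/null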

Best Practices and Security Considerations

Password Policies

Set up strong password requirements by editing /etc/security/pwquality.conf:

# Minimum password length
minlen = 12

# Require different character types
minclass = 3

# Prevent dictionary words
dictcheck = 1

User Account Monitoring

Keep track of user account changes:

# Check recent user additions
sudo grep "new user" /var/log/secure

# Show the most recent login for each account
sudo lastlog

# Check failed login attempts
sudo lastb
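
Grepping for "new user" shows that accounts were created but not which ones deserve attention. The following added example (not part of the original article) scans /var/log/secure-style lines and flags accounts created with UID 0 or added to an admin group. The sample lines are constructed, the message formats are assumed to match them, and ADMIN_GROUPS and the function names are assumptions of this sketch.

```bash
# Added example: flag risky account changes in /var/log/secure-style lines.
# Message formats follow the constructed sample below; ADMIN_GROUPS is an assumption.
ADMIN_GROUPS="wheel"

# Constructed sample input (not real log data).
sample_log() {
cat <<'EOF'
Mar  3 10:01:12 web01 useradd[2211]: new group: name=john, GID=1001
Mar  3 10:01:12 web01 useradd[2211]: new user: name=john, UID=1001, GID=1001, home=/home/john, shell=/bin/bash
Mar  3 10:05:40 web01 useradd[2290]: new user: name=svcbackup, UID=0, GID=0, home=/home/svcbackup, shell=/bin/bash
Mar  3 10:07:02 web01 usermod[2312]: add 'john' to group 'wheel'
Mar  3 10:07:02 web01 usermod[2312]: add 'john' to shadow group 'wheel'
Mar  3 11:30:55 web01 userdel[2507]: delete user 'jane'
EOF
}

# Reads log lines on stdin; prints "ALERT ..." or "INFO ..." per account event.
audit_accounts() {
    awk -v admins="$ADMIN_GROUPS" '
    # Returns the value of key=value from a useradd message, or "" if absent.
    function field(line, key,    s) {
        if (!match(line, key "=[^, ]*")) return ""
        s = substr(line, RSTART, RLENGTH); sub(/^[^=]*=/, "", s); return s
    }
    BEGIN { n = split(admins, a, " "); for (i = 1; i <= n; i++) is_admin[a[i]] = 1 }
    /: new user: name=/ {
        name = field($0, "name"); uid = field($0, "UID")
        if (uid != "" && uid + 0 == 0)
            print "ALERT " name " created with UID 0 (root-equivalent)"
        else
            print "INFO " name " created with UID " uid
    }
    /: add .* to group / {
        split($0, p, "\047")            # p[2] = user, p[4] = group
        if (p[4] in is_admin) print "ALERT " p[2] " added to admin group " p[4]
    }
    /: delete user / {
        split($0, p, "\047"); print "INFO " p[2] " deleted"
    }'
}
```

Against a live system, feed it the same log the commands above read: sudo cat /var/log/secure | audit_accounts.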

Automated Cleanup

Set up automated cleanup for inactive accounts:

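#!/bin/bash
# Find users inactive for 90+ days (accounts that never logged in are skipped).
# The list is piped straight into the loop instead of a predictable file in /tmp.
lastlog -b 90 | tail -n +2 | grep -v "Never" | awk '{print $1}' |
while read -r user; do
    # Review and potentially disable these accounts
    echo "User $user has been inactive for 90+ days"
    # sudo usermod -L "$user"  # Uncomment to lock account
    # Note: -L only locks the password; add -e 1 to expire the account as well
done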

Performance and System Impact

User management operations have minimal system impact, but here are some considerations:

Operation        | System Impact | Time (avg) | Notes
useradd (basic)  | Very Low      | < 0.1s     | Only updates system files
useradd -m       | Low           | 0.1-0.5s   | Creates home directory
userdel -r       | Medium        | 1-10s      | Depends on home directory size
Batch operations | Medium        | Variable   | Consider rate limiting

Alternative Tools and Methods

While useradd and userdel are standard, there are alternatives worth knowing:

  • adduser - More interactive, Debian-style user creation (available via EPEL)
  • system-config-users - GUI tool for user management
  • Ansible - For infrastructure-as-code user management
  • LDAP integration - For centralized user management in larger environments

For more advanced scenarios, check the official Red Hat documentation on user management.

Remember that user management is often tied to broader system security policies. Always test your user management procedures in a non-production environment first, and keep backups of critical system configuration files before making bulk changes.


