Table of Contents

Adding a User & Groups in CentOS

If you're using command line CentOS, adding a user is a bit complicated. FreeBSD has a nice command line script (adduser), but in CentOS:

 useradd -d /home/bobsmith -s /bin/bash -c "Bob Smith" bobsmith
 passwd bobsmith

If you want the user account to be created, but not let the user login via the command line, set the shell to /bin/false. If you want to prevent them from logging in at all (even via email, etc., set it to /sbin/nologin)

Adding Groups

If you want to add a group, the easiest way is to manually modify the /etc/group file, and copy one of the existing entries. You comma-delimit usernames when adding users to a group; e.g.:

users:x:100:dordal,bsmith,bjones

Common Groups

By default on CentOS, every user is added to a group of their own name. In other words, the user dordal is added to the group dordal, as the default group. When a user creates files, its with a umask of 002, meaning read/write access for the user + group, and read access for the world. (See /etc/bashrc for where this is set.)

This makes for fairly fine-grained permissions, effectively meaning that any file the user creates is writable by them and only them. That works, but in many cases you may want to have a whole bunch of people be able to write to the same set of files (e.g. everyone in the marketing department can write to a common data store). In this case, you want to put them all in the same group (e.g. 'marketing'), and then:

chown -R :marketing myfiles

Then you want to say:

chmod -R g+s myfiles

which sets the permissions so that any new files are created with the same group as the parent folder (e.g. 'marketing'), rather than the group of the user (e.g. 'dordal').