Users and their Types
(A.) Users and their Types in Linux
(B.) File and Directory Ownership & Permission
User and Group Management
- User and group management in Linux is essential for administering system security, resource allocation, and access control.
(A.) User Management
-
-
For Adding a New User
- To add/create a new user, the useradd command is used.
- Syntax – sudo useradd username (Press Enter)
-
For Setting a Password for a Newly created User
- passwd command is used to set a password for the user.
- Syntax – sudo passwd username (Press Enter)
-
For Viewing User Details
- who command is used to see the currently logged-in users.
- Syntax – $ who (Press Enter)
- To show/list the detailed user account information. The file (/etc/passwd) contains user account information, including usernames, UIDs, home directories, and default shells.
- Syntax –
- $ cat /etc/passwd (Press Enter)
- $ cat /etc/passwd | grep username (Press Enter)
- Syntax –
- who command is used to see the currently logged-in users.
-
For Modifying User Attributes
- The usermod command is used to modify user properties/attributes.
- To change a user’s home directory : sudo usermod -d /new/home username (Press Enter)
- To Lock a User Account : sudo usermod -L username (Press Enter)
-
For Deleting User Record
-
The userdel command is used to remove a user.
-
Syntax – sudo userdel username (Press Enter)
-
-
To remove the user’s home directory –
-
Syntax – sudo userdel -r username (Press Enter)
-
-
-
Switch to Another Users
- Syntax – su username (Press Enter)
-
To Check Current Users
- To identify the Logged-in Users : $ whoiam (Press Enter)
-
To Check User’s Privileges
- To View groups and permissions : $ id username (Press Enter)
-
(B.) Group Management
-
-
For Creating a New Group
- To create a new group the groupadd command is used.
- Syntax – sudo groupadd groupname (Press Enter)
-
For Adding a User to a Group
-
To add a user to a group the usermod command is used.
-
Syntax – sudo usermod -aG groupname username (Press Enter)
-
- The gpasswd command is also used to add a user to a group.
- Syntax – sudo gpasswd -a username groupname (Press Enter)
-
-
For Viewing Group Membership
-
To check the groups a user belongs to, groups command is used.
- Syntax – $ groups username (Press Enter)
-
The groupmod command is used to change/modify the group name.
-
Syntax – $ groupmod -n newgroupname oldgroupname (Press Enter)
-
-
-
For Deleting a User from Group
- To remove a user from a group in Linux, we can use the
gpasswd
ordeluser
command, depending on the Linux distribution and preferences. - Syntax :
- To remove a user from a group in Linux, we can use the
-
-
-
- Example :
-
-
-
For Deleting a Group
- To remove an existing group the groupdel command is used.
- Syntax – sudo groupdel groupname (Press Enter)
-
(C.) User Identification(UID) Management
There are the following types of UID in the Linux system –
-
-
User IDs (UIDs):
- Each user is associated with a unique identifier called a User ID (UID).
- The common UID ranges are:-
0
: Root user.1–999
: System and Service Users (may vary by distribution).1000 and above
: Regular users (default range for most Linux distributions).
-
Group IDs (GIDs):
- GIDs are the IDs provided to the Users that can belong to groups to simplify permission management.
-
User and Group Configuration Files
- Linux systems store information about users and groups in specific configuration files, which are typically located in the /etc directory.
- Linux uses several configuration files to manage users and groups. These files are critical for defining user accounts, group memberships, and their attributes.
- These files work together to manage users and groups.
- Modifications to these files can be done manually using text editors, but it’s suggested to use commands like
useradd
,usermod
,groupadd
, etc., to avoid errors. - It is advised to always back up these files before making any significant changes.
- Some common user and group configuration files are –
- /etc/passwd :
- This file contains information about the system and user accounts.
- To view the user information/file contents – $ cat /etc/passwd (Press Enter)
- Each line of output represents single user account details and follows this format
- /etc/passwd :
-
-
-
-
-
username
: The login name of the user. -
x
: Placeholder for the encrypted password (actual password is stored in/etc/shadow
for security). -
UID
: User ID, a unique numeric identifier for the user. -
GID
: Group ID, referring to the user’s primary group (defined in/etc/group
). -
comment
: Optional fields usually contain a user description or full name. -
home_directory
: The user’s home directory. -
shell
: The default shell assigned to the user (e.g.,/bin/bash
).
-
-
-
- /etc/shadow :
-
This file stores encrypted passwords and password-related information for users i.e., security information about users.
- Only root or privileged users can read this file.
- To show the file contents – $ cat /etc/shadow (Press Enter)
-
Each line of output represents single user details corresponding to a user from /etc/passwd and follows this format –
-
-
username
: The login name of the user.encrypted_password
: Hashed password (cryptographically transformed format of a plain-text password) or special values like:!
or!!
: Account is locked.*
: No password set.
last_changed
: The number of days since January 1, 1970, when the password was last changed..min_days
: Minimum days required between password changes.max_days
: Maximum days the password is valid.warn
: Days before expiration to warn the user.inactive
: Days after expiration before the account is disabled.expire
: Absolute expiration date (days since January 1, 1970).
-
- /etc/group :
- This file contains information about groups on the system.
- Each line of output represents group details corresponding to a group from /etc/group and follows this format –
- /etc/group :
groupname:x:GID:members (Syntax)
-
-
-
-
groupname
: Name of the group.x
: Placeholder for the password (group passwords are rarely used).GID
: Group ID number.members
: Comma-separated list of users in the group (besides the primary group members).
-
-
- /etc/gshadow :
- This file contains encrypted group passwords and group-related security information.
- Only root or privileged users can read this file.
- Each line of output corresponds to a group that follows this format –
-
groupname:encrypted_password:group_admins:group_members (Syntax)
-
-
-
-
groupname
: Name of the group.encrypted_password
: The hashed password for the group (or!
if no password).group_admins
: Users who can administer the group (comma-separated).group_members
: Regular members of the group (comma-separated).
-
-
-
Management of Current Session in Linux
- Managing the current session in Linux involves monitoring, controlling, and interacting with user sessions and system processes.
- These tools and commands provide robust ways to manage, monitor, and secure your current Linux session.
- There are various tools and commands are commonly used to manage the current session in Linux environments:-
(A) Checking Current Session Information
- who : To display logged-in users and their session details.
- w : This command provides detailed information about users and their activities.
- whoami : This command displays the username of the current session.
$ whoami (Press Enter)
- tty : This command displays the terminal associated with the current session.
$ tty (Press Enter)
Example output : /dev/pts/0
(B) Managing Processes in the Current Session
- ps : This command lists active processes in the current session.
- top or htop : top command monitors system resource usage and processes in real-time.
- kill : This command ends a specific process by using its process ID (PID).
- killall : This command ends all processes with a specific name.
$ killall firefox (Press Enter)
(C) Managing Terminal Sessions
- logout : This command helps to Log out the current session in a terminal.
- exit : This command closes the current shell session.
- screen and tmux : These tools are used to manage multiple terminal sessions.
(D) Managing User Sessions
- logout or exit : This command ends the current session.
- loginctl : This command manages system logins, sessions, and seats.
(E) Saving Session State
- history : To view the command history of the current session.
- nohup : To run a process in the background, surviving session termination.
- disown : To detach a running process from the current session.
(F) Locking the Current Session
- vclock : To lock the terminal session.
- gnome-screensaver-command (for GUI) : To lock the graphical session.
0 Comments