Users and their Types 

(A.) Users and their Types in Linux

    • Understanding user types and their roles is critical for securing and managing a Linux system effectively.
    • In Linux, users represent accounts that can log into and perform operations on the system.
    • Users are a fundamental concept in Linux for managing access to system resources.
    • An overview of users and their types in Linux is as follows:
    1. Root User

      • The root user is the superuser with unrestricted access to the system.
      • This account can perform any operation, including system-critical tasks such as installing software, configuring hardware, and modifying system files.
      • Its username is usually root.
      • The root user has full administrative privileges.
      • Root privileges can be used temporarily by running a command with the sudo command.
      • It is also possible to log in directly as root (but this is not recommended for security reasons).
    2. System Users

      • These are non-login accounts created by the system or software during installation for specific services or functions.
      • For instance, www-data is a user for web servers, and nobody is a user for processes with minimal privileges.
      • The purpose of system users is to run background processes or daemons without direct user interaction.
      • Examples of some common system users are – bin, daemon, mail, ftp, and nobody.
    3. Regular Users

      • These are accounts created for individuals who use the system.
      • Regular users have restricted permissions and can only modify files they own or those explicitly shared with them.
      • These users have limited privileges, restricted to their own home directory and files.
      • The purpose of Regular users is for day-to-day tasks without compromising system security.
    4. Service Users

      • Service Users are similar to system users but typically associated with specific services or applications.
      • For example, database servers like MySQL or PostgreSQL may create users (mysql, postgres) to manage their processes.
      • The purpose of Service Users is to isolate application permissions and resources.

(B.) File and Directory Ownership & Permission

    • Linux uses a permission system involving:

      • Owner (usually the user who created the file).
      • Group (a set of users who can access the file).
      • Others (all other users).
    • The chmod, chown, and chgrp commands are used to modify permissions and ownership.
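
The owner/group/others split described above, as an added example that is not part of the original page: it prints the three permission classes of a file and lists files that the "others" class can write to, then removes that bit with chmod. It assumes GNU stat and find; the file names are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: inspect owner/group/others permissions and find risky modes.

# Print "user:group owner=rw- group=r-- others=---" for one path (GNU stat).
perm_classes() {
    mode=$(stat -c '%A' "$1")        # e.g. -rw-r-----
    who=$(stat -c '%U:%G' "$1")      # owning user and group
    printf '%s owner=%s group=%s others=%s\n' "$who" \
        "$(printf '%s' "$mode" | cut -c2-4)" \
        "$(printf '%s' "$mode" | cut -c5-7)" \
        "$(printf '%s' "$mode" | cut -c8-10)"
}

# List regular files under a directory that the "others" class can write to.
others_writable() {
    find "$1" -type f -perm -0002 | sort
}

demo() {
    d=$(mktemp -d)                               # constructed test directory
    : > "$d/report.txt"; chmod 640 "$d/report.txt"
    : > "$d/shared.log"; chmod 666 "$d/shared.log"
    perm_classes "$d/report.txt"
    others_writable "$d"                         # lists shared.log
    chmod o-w "$d/shared.log"                    # remove write for others
    others_writable "$d"                         # now lists nothing
    rm -rf "$d"
}
demo
```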

User and Group Management 

  • User and group management in Linux is essential for administering system security, resource allocation, and access control.

(A.) User Management

    • For Adding a New User
      • To add/create a new user, the useradd command is used.
      • Syntax – sudo useradd username (Press Enter)
    • For Setting a Password for a Newly created User
      • passwd command is used to set a password for the user.
      • Syntax – sudo passwd username (Press Enter)
    • For Viewing User Details
      • who command is used to see the currently logged-in users.
        • Syntax – $ who (Press Enter)
      • To show/list detailed user account information, view the file /etc/passwd. It contains user account information, including usernames, UIDs, home directories, and default shells.
        • Syntax –
          • $ cat  /etc/passwd (Press Enter)
          • $ cat  /etc/passwd  |  grep username (Press Enter)
    • For Modifying User Attributes
      • The usermod command is used to modify user properties/attributes.
      • To change a user’s home directory : sudo usermod -d /new/home username (Press Enter)
      • To Lock a User Account : sudo usermod -L username (Press Enter)
    • For Deleting User Record
      • The userdel command is used to remove a user.
        • Syntax – sudo userdel  username (Press Enter)
      • To remove the user’s home directory –
        • Syntax – sudo userdel -r username (Press Enter)
    • Switch to Another Users
      • Syntax – su username (Press Enter)
    • To Check Current Users
      • To identify the currently logged-in user : $ whoami (Press Enter)
    • To Check User’s Privileges
      • To View groups and permissions : $ id username (Press Enter)

(B.) Group Management

    • For Creating a New Group
      • To create a new group the groupadd command is used.
      • Syntax – sudo groupadd groupname (Press Enter)
    • For Adding a User to a Group
      • To add a user to a group the usermod command is used.
        • Syntax – sudo usermod -aG groupname username (Press Enter)
      • The gpasswd command is also used to add a user to a group.
        • Syntax – sudo gpasswd -a username groupname (Press Enter)
    • For Viewing Group Membership
      • To check the groups a user belongs to, groups command is used.
        • Syntax – $ groups username (Press Enter)
      • The groupmod command is used to change/modify the group name.
        • Syntax – sudo groupmod -n newgroupname oldgroupname (Press Enter)
    • For Deleting a Group
      • To remove an existing group the groupdel command is used.
      • Syntax – sudo groupdel groupname (Press Enter)

(C.) User Identification (UID) Management

The following types of IDs are used in the Linux system –

    • User IDs (UIDs):

      • Each user is associated with a unique identifier called a User ID (UID).
      • The common UID ranges are:
        • 0: Root user.
        • 1–999: System and Service Users (may vary by distribution).
        • 1000 and above: Regular users (default range for most Linux distributions).
    • Group IDs (GIDs):

      • GIDs are the IDs assigned to groups; users can belong to groups to simplify permission management.
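
The UID ranges above applied as an audit, as an added example that is not part of the original page: it classifies every account in a passwd-format file (username:x:UID:GID:comment:home_directory:shell) and flags two things for review, a second account with UID 0 and a system account with a login shell. The sample accounts are constructed, and the 1–999 boundary is the page's default, which varies by distribution.

```sh
#!/bin/sh
# Added example: classify accounts in a passwd-format file by UID range.
# Usage: audit_passwd FILE   (defaults to /etc/passwd)
# Ranges follow the page: 0 = root, 1-999 = system/service, 1000+ = regular.
audit_passwd() {
    awk -F: '
        /^#/ || NF < 7 { next }              # skip comments and malformed lines
        {
            name = $1; uid = $3 + 0; shell = $7
            if (uid == 0)        class = "root"
            else if (uid < 1000) class = "system"
            else                 class = "regular"
            note = "-"
            # Any UID 0 account other than "root" has full root privileges.
            if (uid == 0 && name != "root") note = "EXTRA-UID0"
            # System/service accounts are expected to be non-login.
            else if (class == "system" && shell !~ /(nologin|false)$/)
                note = "LOGIN-SHELL"
            printf "%s %d %s %s\n", name, uid, class, note
        }' "${1:-/etc/passwd}"
}

# Constructed sample data (not from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
postgres:x:113:120:PostgreSQL:/var/lib/postgresql:/bin/bash
user1:x:1001:1001:User1:/home/user1:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
EOF
}

tmp=$(mktemp)
sample_passwd > "$tmp"
audit_passwd "$tmp"
rm -f "$tmp"
```

A LOGIN-SHELL flag is a prompt to check the account, not proof of a problem; some packages create service accounts with a real shell.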

User and Group Configuration Files

  • Linux uses several configuration files to manage users and groups. These files are critical for defining user accounts, group memberships, and their attributes.
  • Some common user and group configuration files are – 
    • /etc/passwd :
      • This file contains user account information.
      • To view the user information/file contents – $ cat /etc/passwd (Press Enter)
      • Each line of output represents a single user's details and follows this format –
username:x:UID:GID:comment:home_directory:shell (Syntax)
user1:x:1001:1001:User1:/home/user1:/bin/bash (Example)
Where
          • username: The login name of the user.
          • x: Placeholder for the encrypted password (stored in /etc/shadow for security).
          • UID: User ID, a unique numeric identifier for the user.
          • GID: Group ID, referring to the user’s primary group (defined in /etc/group).
          • comment: Optional user description or full name.
          • home_directory: Path to the user’s home directory.
          • shell: The user’s default shell (e.g., /bin/bash).
    • /etc/shadow :
      • This file stores secure information about user passwords.
      • To show the file contents – $ cat /etc/shadow (Press Enter)
      • Each line of output represents the details of a single user from /etc/passwd and follows this format –
username:encrypted_password:last_changed:min_days:max_days:warn:inactive:expire: (Syntax)
user1:$6$xyz123$hashvalue:19000:0:99999:7::: (Example)
Here,
  • username: The login name of the user.
  • encrypted_password: Hashed password or special values like:
    • ! or !!: Account is locked.
    • *: No password set.
  • last_changed: Days since January 1, 1970, when the password was last changed.
  • min_days: Minimum days between password changes.
  • max_days: Maximum days before the password expires.
  • warn: Days before expiration to warn the user.
  • inactive: Days after expiration before the account is disabled.
  • expire: Account expiration date in days since January 1, 1970.
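
The /etc/shadow fields above read by a small audit script, as an added example that is not part of the original page: it reports locked accounts (including the "!" prefix that usermod -L places in front of a hash), empty password fields, passwords older than max_days, and accounts past their expire date. The sample lines and hash strings are constructed placeholders, and the comparison rules are this example's own simplification.

```sh
#!/bin/sh
# Added example: report account state from a shadow-format file.
# Usage: audit_shadow FILE [TODAY]   TODAY = days since January 1, 1970
audit_shadow() {
    today=${2:-$(( $(date +%s) / 86400 ))}
    awk -F: -v today="$today" '
        NF < 8 { next }                          # skip malformed lines
        {
            pw = $2; state = "active"
            if (pw == "")        state = "EMPTY-PASSWORD"  # no password required
            else if (pw ~ /^!/)  state = "locked"          # "!", "!!" or "!" + hash
            else if (pw == "*")  state = "no-password"
            # Password age from last_changed ($3), compared with max_days ($5).
            age = ($3 == "") ? "-" : today - $3
            if (state == "active" && $3 != "" && $5 != "" && age > $5 + 0)
                state = "password-expired"
            # Account expiration date ($8), also in days since the epoch.
            if ($8 != "" && today >= $8 + 0) state = "account-expired"
            printf "%s %s %s\n", $1, state, age
        }' "$1"
}

# Constructed sample data; the hashes are placeholders, not real values.
sample_shadow() {
    cat <<'EOF'
root:!:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
user1:$6$xyz123$hashvalue:19000:0:99999:7:::
user2:$6$abc456$hashvalue:19000:0:90:7:::
user3:!$6$def789$hashvalue:19500:0:99999:7:::
user4::19500:0:99999:7:::
user5:$6$ghi012$hashvalue:19500:0:99999:7::19600:
EOF
}

tmp=$(mktemp)
sample_shadow > "$tmp"
audit_shadow "$tmp" 19700        # fixed "today" so the output is repeatable
rm -f "$tmp"
```

On a real system the file is readable only by root, so the function is run as `sudo sh -c` or from a root shell against /etc/shadow.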
    • /etc/group:
