User and Group Management in Linux

Published by Admin on

Table of Contents hide
1. Users and their Types
1.1. (A.) Users and their Types in Linux
1.2. (B.) File and Directory Ownership & Permission
2. User and Group Management
2.1. (A.) User Management
2.1.1. For Adding a New User
2.1.2. For Setting a Password for a Newly created User
2.1.3. For Viewing User Details
2.1.4. For Modifying User Attributes
2.1.5. For Deleting User Record
2.1.6. Switch to Another Users
2.1.7. To Check Current Users
2.1.8. To Check User’s Privileges
2.2. (B.) Group Management
2.2.1. For Creating a New Group
2.2.2. For Adding a User to a Group
2.2.3. For Viewing Group Membership
2.2.4. For Deleting a User from Group
2.2.5. For Deleting a Group
2.3. (C.) User Identification(UID) Management
3. User and Group Configuration Files
4. Management of Current Session in Linux
4.1. (A) Checking Current Session Information
4.2. (B) Managing Processes in the Current Session
4.3. (C) Managing Terminal Sessions
4.4. (D) Managing User Sessions
4.5. (E) Saving Session State
4.6. (F) Locking the Current Session

Users and their Types 

(A.) Users and their Types in Linux

    • Understanding user types and their roles is critical for securing and managing a Linux system effectively.
    • In Linux, users represent accounts that can log into and perform operations on the system.
    • Users are a fundamental concept in Linux for managing access to system resources.
    • An overview of users and their types in Linux are as follows:-

    1. Root User

      • The root user is the superuser with unrestricted access to the system.
      • This account can perform any operation, including system-critical tasks such as installing software, configuring hardware, and modifying system files.
      • Its username is usually named root.
      • The root user has full administrative privileges rights.
      • The Root user uses the sudo command to execute a command with root privileges temporarily.
      • The Root user directly log in as root (but it is not recommended for security reasons).

    2. System Users

      • These are non-login accounts created by the system or software during installation for specific services or functions.
      • For instance, www-data is a user for web servers, and nobody is a user for processes with minimal privileges.
      • The purpose of system users is to run background processes or daemons without direct user interaction.
      • Examples of some common  System  Users are  – bin, daemon, mail, ftp, and nobody.

    3. Regular Users

      • These are accounts created for individuals who use the system.
      • Regular users have restricted permissions and can only modify files they own or those explicitly shared with them.
      • These users have limited privileges and are limited to the user’s home directory and files.
      • The purpose of Regular users is for day-to-day tasks without compromising system security.

    4. Service Users

      • Service Users are similar to system users but typically associated with specific services or applications.
      • For example, database servers like MySQL or PostgreSQL may create users (mysql, postgres) to manage their processes.
      • The purpose of Service Users is to isolate application permissions and resources.

(B.) File and Directory Ownership & Permission

    • Linux uses a permission system involving:

      • Owner (usually the user who created the file).
      • Group (a set of users who can access the file).
      • Others (all other users).

    • The chmod, chown, and chgrp commands are used to modify permissions and ownership.

User and Group Management 

  • User and group management in Linux is essential for administering system security, resource allocation, and access control.

(A.) User Management

    • For Adding a New User
      • To add/create a new user, the useradd command is used.
      • Syntax – sudo useradd username (Press Enter)
    • For Setting a Password for a Newly created User
      • passwd command is used to set a password for the user.
      • Syntax – sudo passwd username (Press Enter)
    • For Viewing User Details
      • who command is used to see the currently logged-in users.
        • Syntax – $ who (Press Enter)
      • To show/list the detailed user account information. The file (/etc/passwd) contains user account information, including usernames, UIDs, home directories, and default shells.
        • Syntax –
          • $ cat  /etc/passwd (Press Enter)
          • $ cat  /etc/passwd  |  grep username (Press Enter)
    • For Modifying User Attributes
      • The usermod command is used to modify user properties/attributes.
      • To change a user’s home directory : sudo usermod -d /new/home username (Press Enter)
      • To Lock a User Account : sudo usermod -L username (Press Enter)
    • For Deleting User Record
      • The userdel command is used to remove a user.
        • Syntax – sudo userdel  username (Press Enter)
      • To remove the user’s home directory –
        • Syntax – sudo userdel -r username (Press Enter)
    • Switch to Another Users
      • Syntax – su username (Press Enter)
    • To Check Current Users
      • To identify the Logged-in Users : $ whoiam (Press Enter)
    • To Check User’s Privileges
      • To View groups and permissions : $ id username (Press Enter)

(B.) Group Management

    • For Creating a New Group
      • To create a new group the groupadd command is used.
      • Syntax – sudo groupadd groupname (Press Enter)
    • For Adding a User to a Group
      • To add a user to a group the usermod command is used.
        • Syntax – sudo usermod -aG groupname username (Press Enter)
      • The gpasswd command is also used to add a user to a group.
        • Syntax – sudo gpasswd -a username groupname (Press Enter)
    • For Viewing Group Membership
      • To check the groups a user belongs to, groups command is used.
        • Syntax – $ groups username (Press Enter)
      • The groupmod command is used to change/modify the group name.
        • Syntax – $ groupmod -n newgroupname oldgroupname (Press Enter)
    • For Deleting a User from Group
      • To remove a user from a group in Linux, we can use the gpasswd or deluser command, depending on the Linux distribution and preferences.
      • Syntax :
(i) sudo gpasswd -d <username> <groupname>
(ii) sudo deluser <username> <groupname>
      • Example :
(i) sudo gpasswd -d user1 group1 (Press Enter) (This command removes user1 from the group1 group.)
(ii) sudo deluser user1 group1(Press Enter)
    • For Deleting a Group
      • To remove an existing group the groupdel command is used.
      • Syntax – sudo groupdel groupname (Press Enter)

(C.) User Identification(UID) Management

There are the following types of UID in the Linux system –

    • User IDs (UIDs):

      • Each user is associated with a unique identifier called a User ID (UID).
      • The common UID ranges are:-
        • 0: Root user.
        • 1–999: System and Service Users (may vary by distribution).
        • 1000 and above: Regular users (default range for most Linux distributions).

    • Group IDs (GIDs):

      • GIDs are the IDs provided to the Users that can belong to groups to simplify permission management.

User and Group Configuration Files

  • Linux systems store information about users and groups in specific configuration files, which are typically located in the /etc directory. 
  • Linux uses several configuration files to manage users and groups. These files are critical for defining user accounts, group memberships, and their attributes.
  • These files work together to manage users and groups.
  • Modifications to these files can be done manually using text editors, but it’s suggested to use commands like useradd, usermod, groupadd, etc., to avoid errors.
  • It is advised to always back up these files before making any significant changes.
  • Some common user and group configuration files are – 
    • /etc/passwd :
      • This file contains information about the system and user accounts.
      • To view the user information/file contents – $ cat /etc/passwd (Press Enter)
      • Each line of output represents single user account details and follows this format
username:x:UID:GID:comment:home_directory:shell (Syntax)
user1:x:1001:1001:User1:/home/user1:/bin/bash (Example)
Where
          • username: The login name of the user.
          • x: Placeholder for the encrypted password (actual password is stored in /etc/shadow for security).
          • UID: User ID, a unique numeric identifier for the user.
          • GID: Group ID, referring to the user’s primary group (defined in /etc/group).
          • comment: Optional fields usually contain a user description or full name.
          • home_directory: The user’s home directory.
          • shell: The default shell assigned to the user (e.g., /bin/bash).
    • /etc/shadow :
      • This file stores encrypted passwords and password-related information for users i.e., security information about users.
      • Only root or privileged users can read this file.
      • To show the file contents – $ cat /etc/shadow (Press Enter)
      • Each line of output represents single user details corresponding to a user from /etc/passwd and follows this format –
username:encrypted_password:last_changed:min_days:max_days:warn:inactive:expire:(Syntax)
user1:$6$xyz123$hashvalue:19000:0:99999:7:::  (Example)
Here,
  • username: The login name of the user.
  • encrypted_password: Hashed password (cryptographically transformed format of a plain-text password) or special values like:
    • ! or !!: Account is locked.
    • *: No password set.
  • last_changed: The number of days since January 1, 1970, when the password was last changed..
  • min_days: Minimum days required between password changes.
  • max_days: Maximum days the password is valid.
  • warn: Days before expiration to warn the user.
  • inactive: Days after expiration before the account is disabled.
  • expire: Absolute expiration date (days since January 1, 1970).
    • /etc/group :
      • This file contains information about groups on the system.
      • Each line of output represents group details corresponding to a group from /etc/group and follows this format –

groupname:x:GID:members (Syntax)

          • groupname: Name of the group.
          • x: Placeholder for the password (group passwords are rarely used).
          • GID: Group ID number.
          • members: Comma-separated list of users in the group (besides the primary group members).
    • /etc/gshadow :
      • This file contains encrypted group passwords and group-related security information.
      • Only root or privileged users can read this file.
      • Each line of output corresponds to a group that follows this format –

groupname:encrypted_password:group_admins:group_members (Syntax)

          • groupname: Name of the group.
          • encrypted_password: The hashed password for the group (or ! if no password).
          • group_admins: Users who can administer the group (comma-separated).
          • group_members: Regular members of the group (comma-separated).

Management of Current Session in Linux

  • Managing the current session in Linux involves monitoring, controlling, and interacting with user sessions and system processes.
  • These tools and commands provide robust ways to manage, monitor, and secure your current Linux session.
  • There are various tools and commands are commonly used to manage the current session in Linux environments:-
(A) Checking Current Session Information
  • who : To display logged-in users and their session details.
 $ who (Press Enter)
 Example Output : user1 tty1 2025-01-09 10:00 (:0)
  • w : This command provides detailed information about users and their activities.
$ w (Press Enter)
Example Output : 
10:10:00 up 3:00, 3 users, load average: 0.01, 0.05, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
user1     pts/0    :0.0              10:00    0.00s  0.01s  0.00s bash
  • whoami : This command displays the username of the current session.

$ whoami (Press Enter)

  • tty : This command displays the terminal associated with the current session.

$ tty (Press Enter)

Example output : /dev/pts/0

(B) Managing Processes in the Current Session 
  • ps : This command lists active processes in the current session.
$ ps (Press Enter)
To view all processes for the current user:-
$ ps -u $(whoami) (Press Enter)
  • top or htop : top command monitors system resource usage and processes in real-time.
$ top (Press Enter)
For a more user-friendly interface, we use htop command. (Ensure htop is installed.)
  • kill : This command ends a specific process by using its process ID (PID).
$ kill <PID>(Press Enter)
Example Output : $ Kill 1234 (Press Enter) [Kills the process having 1234 id]
  • killall : This command ends all processes with a specific name.

$ killall firefox (Press Enter)

(C) Managing Terminal Sessions
  • logout : This command helps to Log out the current session in a terminal.
$ logout (Press Enter)
  • exit : This command closes the current shell session.
$ exit (Press Enter)
  • screen and tmux : These tools are used to manage multiple terminal sessions.
screen : To start a new session.
$ screen (Press Enter)
Ctrl + A, D : To detach the session.
screen -r : To reattach the session:
tmux (more advanced): To start a new session.
$ tmux (Press Enter)
Ctrl + B, D : To detach the session.
tmux attach-session : To reattach the session.
(D) Managing User Sessions
  • logout or exit : This command ends the current session.
$ pkill -KILL -u <username> (Press Enter) : Forces logout of a specific user.
  • loginctl : This command manages system logins, sessions, and seats.
$ loginctl (Press Enter)
$ loginctl list-sessions (Press Enter) – It lists the Sessions.
$ loginctl terminate-session <session-id> (Press Enter) – To Terminate a specific session.
(E) Saving Session State
  • history : To view the command history of the current session.
$ history (Press Enter)
$ history -c (Press Enter) : To clear history for the current session.
  • nohup : To run a process in the background, surviving session termination.
$ nohup command & (Press Enter)
  • disown : To detach a running process from the current session.
$ disown <job-id> (Press Enter) : To detach a specific running process from the current session.
(F) Locking the Current Session
  • vclock : To lock the terminal session.
  • gnome-screensaver-command (for GUI) : To lock the graphical session.
$ gnome-screensaver-command -l (Press Enter)

Loading

Categories: Unix/Linux OS

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Posts

Unix/Linux OS

Configuring a Firewall in Linux

Firewalls are critical for securing Linux systems by controlling incoming and outgoing network traffic based on predefined rules. A firewall is a security system that monitors and controls network traffic. Linux firewalls operate at the Read more…

Unix/Linux OS

Configuring DNS Server

DNS DNS(Domain Name System) is a hierarchical system used to translate human-readable domain names (e.g., example.com) into their respective machine-readable IP addresses (e.g., 192.0.2.1). In other words, a DNS Server resolves domain names into IP addresses Read more…

Unix/Linux OS

Managing Disk Partitions

Partitioning is essential for organizing disk storage in Linux. It allows us to efficiently allocate space for the operating system, swap, data storage, and other purposes.  Disk Storage and Devices Storage devices in Linux are Read more…