Comments
How to Manage Users and Groups in Linux
Edited 3 weeks ago by ExtremeHow Editorial Team
User ManagementPermissionsCommand LineSystem AdministrationSecurityScriptingServerMulti-UserAccess ControlTerminal
This content is available in 7 different language
Managing users and groups is an essential task for any Linux system administrator. It involves creating, modifying, and deleting user accounts and groups to efficiently maintain the security of the system and the productivity of users. This lesson will guide you step by step through the processes involved in managing Linux users and groups.
Understanding users and groups in Linux
In Linux, users have accounts that define who they are. A user account includes several settings, for example, a unique user name, a user ID, a home directory, and a shell. This account allows the person to log in to the system and obtain appropriate access rights.
Groups, on the other hand, are collections of users. By organizing users into groups, system administrators can easily manage permissions and access rights to shared resources. For example, if users belong to a group that has read/write access to a certain directory, all members of that group will have those access privileges.
User and group files
User and group information is usually stored in a few files within the /etc directory:
/etc/passwd: This file contains all user account information except the password./etc/shadow: This file contains users' encrypted passwords and other password-related information./etc/group: This file records information about groups.
Create a new user
To create a new user in Linux, you usually use the useradd command. Below is an example of using this command:
sudo useradd <username>This command creates a new user with the specified username. However, this is usually not enough by itself if you want to set up a working account. You may want to add a home directory, a default shell, and, naturally, a password.
You can use the -m option to create a home directory:
sudo useradd -m <username>To set a password for a new user, use:
sudo passwd <username>This command will ask you to enter and confirm the new password for the user.
Deleting a user
To delete a user from the system, userdel command is used. Here is an example:
sudo userdel <username>This will delete the user, but not the user's home directory. If you want to delete the home directory as well, you can use:
sudo userdel -r <username>Modifying the user
To change a user's details, use usermod command. Here are some common modifications you can make:
Change the user's home directory:
sudo usermod -d /new/home/directory <username>Change the user's username:
sudo usermod -l <newusername> <oldusername>You can also add users to supplemental groups using:
sudo usermod -a -G <groupname> <username>Creating groups
Groups can be created using groupadd command. This is usually done like this:
sudo groupadd <groupname>This command creates a new group with the specified name.
Deleting a group
You can delete a group using groupdel command:
sudo groupdel <groupname>This will remove the group from the system.
Adding users to a group
To add a user to a group, you can use usermod command as shown previously:
sudo usermod -a -G <groupname> <username>Be careful with -a option, as omitting it will remove the user from all groups he is already part of, except the newly specified group.
Listing users and groups
Sometimes it is necessary to list all users or groups. You can do this by viewing the contents of the /etc/passwd or /etc/group files, respectively:
cat /etc/passwdcat /etc/groupPassword management
The password can be changed using passwd command. Any user can change their password by simply typing:
passwdThe system administrator can change the password of another user as follows:
sudo passwd <username>The administrator can also enforce password policies with chage :
sudo chage -l <username>This will list the user's password expiration date information.
sudo chage -E <YYYY-MM-DD> <username>The above command sets the expiration date of the user's password.
Using sudo for administrative tasks
When managing users and groups, you will often need administrative privileges. sudo command allows a permitted user to execute commands as the superuser or another user specified by the security policy. Always make sure you have the necessary permissions before attempting administrative tasks.
Conclusion
User and group management is crucial to maintaining a secure and efficient Linux environment. By understanding how to create, modify, and delete users and groups, as well as manage passwords and permissions, you can keep your system properly managed and secure. Whether you're working on an individual system or on a large network, these tasks are fundamental to Linux administration.
Always remember to make changes carefully, especially when it comes to user accounts and permissions, as mistakes can lead to unintentional access problems or security vulnerabilities.
If you find anything wrong with the article content, you can