In this blog, we will learn about user management in Linux, such as what the functions of user management in Linux are, what commands are used for user management, and how it works behind the scenes.
Introduction to User Management in Linux
- In a Linux operating system, a user is an entity that has access to files and can carry out a number of additional tasks.
- The operating system assigns each user an ID that is specific to that user.
- The IDs for local users start at 1000 after the operating system has been installed.
- The root user is given ID 0 and the system users are given IDs 1 to 999 (inclusive).
- We can create 60000 users in a single directory.
Types of users in Linux User Management
There are three types of users in Linux User Management, which are as follows:
a) Root User
- The primary user account in a Linux system is the root user. It is created automatically during installation. It enjoys the system’s highest privilege.
- It has the ability to use any service and do any administrative task. This account should only be used for system management, which is its intended use.
- It shouldn’t be used for everyday tasks. It cannot be deleted. However, it can be disabled if necessary.
b) Regular User
- The default user account is a regular user. One normal user account is automatically generated during installation.
- We can create as many normal user accounts as we require after the installation. This account has a fair amount of authority. This account is for everyday tasks.
- It can only access the files and services for which it has been given permission, and it can only carry out the tasks for which it has been given permission.
- It may be deleted or disabled as necessary.
c) Service User
- Service accounts are created by installation packages when they are installed.
- Service accounts are used by services to run processes and execute functions.
- Service accounts are not intended for routine work and should not be used for it.
Ways to carry out the tasks of User Management in Linux
There are three ways to carry out the functions of User Management in Linux
a) Graphical Tools
It is easy and suitable for new users, as it ensures you’ll not run into any trouble.
b) Command Line Tools
Command Line Tools include commands like useradd, userdel, passwd, etc. These are mostly used by server administrators.
c) Edit the Local Configuration File
Edit the local configuration file directly using any editor.
The local user database is stored in the /etc/passwd file in Linux.
## Local User Database
/etc/passwd
Each line of /etc/passwd has seven columns separated by colons. Starting from the left, the columns denote the username, an x, the user ID, the primary group ID, a description, the name of the home directory, and the login shell.
Let’s take one line as an example:
binfintech:x:1002:1002:BinFinTech,,,:/home/binfintech:/bin/bash
Here,
binfintech -> username
1002 -> User ID
1002 -> Primary Group Id
BinFinTech,,, -> Description (the optional sub-fields were left empty, which is why it shows three commas (,,,))
/home/binfintech -> Name of Home Directory
/bin/bash -> Login Shell
Root user in Linux
- The root user is the superuser and has the authority to add new users, remove existing users, and even log in using the accounts of other users.
- The root user’s userid is always 0.
$ head -1 /etc/passwd
root:x:0:0:root:/root:/bin/bash
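The seven-field layout and the UID ranges described above are enough to audit an account database. The script below is an added example, not part of the original article: the function names `audit_passwd` and `sample_passwd`, the finding labels, and the last four sample entries are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: audit passwd(5)-format lines read from stdin, one finding per line.
# UID ranges follow the article: 0 = root, 1-999 = system/service, 1000+ = local users.
audit_passwd() {
    awk -F: '
    NF != 7 || $3 !~ /^[0-9]+$/ {
        print "MALFORMED line " NR ": need 7 fields and a numeric UID"
        next
    }
    {
        user = $1; uid = $3 + 0; shell = $7
        nologin = (shell ~ /(nologin|false)$/)
    }
    # Any account other than root with UID 0 has full root privileges.
    uid == 0 && user != "root" { print "UID0 " user ": non-root account with UID 0" }
    # Two names sharing one UID are the same user to the kernel.
    uid in seen    { print "DUPUID " user ": shares UID " uid " with " seen[uid] }
    !(uid in seen) { seen[uid] = user }
    # An empty second field means the account needs no password at all.
    $2 == "" { print "NOPASS " user ": empty password field" }
    # Service accounts (UID 1-999) normally carry a non-login shell.
    uid >= 1 && uid <= 999 && !nologin {
        print "SVCSHELL " user ": system account with login shell " shell
    }'
}

# Constructed sample: the first four entries mirror lines shown in the article,
# the last four are invented to trigger each check.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
mongodb:x:130:138::/var/lib/mongodb:/usr/sbin/nologin
tomcat:x:998:998:Apache Tomcat:/:/usr/sbin/nologin
binfintech:x:1002:1002:BinFinTech,,,:/home/binfintech:/bin/bash
toor:x:0:0::/root:/bin/bash
backup_svc:x:131:139::/var/backups:/bin/bash
guest::1005:1005::/home/guest:/bin/sh
broken:x:1006:1006:/home/broken
EOF
}

sample_passwd | audit_passwd
# On a live system: audit_passwd < /etc/passwd
```

A clean database produces no output, so the script can run from a scheduled job and alert only when a line appears.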
Linux is a multi-user system: if more than one person uses a single system, every user has their own account. It therefore helps to know how to look up user account details.
Let’s see some commands that are used to identify the current user’s information.
Identify the Logged-in User Information
a) whoami
It prints the system’s username
$ whoami
binfintech
b) who
It prints the information about the users logged on to the system.
$ who
binfintech :0 2023-01-18 17:37 (:0)
c) w
It displays the users who are logged in and what they are doing.
$ w
 18:58:53 up 1:24, 1 user, load average: 2.28, 2.14, 2.50
USER       TTY  FROM  LOGIN@  IDLE   JCPU   PCPU  WHAT
binfintech :0   :0    17:37   ?xdm?  1:30m  0.01s /usr/lib/gdm3/gdm-x-session --run-script
d) id
This command tells about your user id, primary group id, and list of groups that belong to you.
$ id
uid=1000(binfintech) gid=1000(binfintech) groups=1000(binfintech),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),120(lpadmin),132(lxd),133(sambashare),140(vboxusers)
Adding or removing users is one of the most fundamental functions of a new Linux server.
A fresh Linux server only provides us with a root user account. That account carries a lot of power and access, which makes it helpful but unsafe for routine work, so adding a non-privileged user to perform routine activities is a smart idea.
When administrator privileges are needed, that user can obtain them through the command-line tool sudo.
Managing the User in Linux User Management
a) Create a User in Linux
a) adduser command
- The adduser command in Linux is used to add new users to our system.
- With this command, you can change the settings for the user that will be created.
- It is comparable to the Linux useradd command. Compared to the useradd command, the adduser command is much more interactive.
To run this command, we have to prefix it with sudo.
Syntax:
$ sudo adduser user_name
$ sudo adduser binfin
Adding user `binfin' ...
Adding new group `binfin' (1003) ...
Adding new user `binfin' (1003) with group `binfin' ...
Creating home directory `/home/binfin' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for binfin
Enter the new value, or press ENTER for the default
Full Name []: BinFin
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y
Now, to check whether the new user is added or not, we can check with the help of the tail command. As soon as we add a new user to our system, it stores the information in the /etc/passwd file.
$ tail -n 5 /etc/passwd
mongodb:x:130:138::/var/lib/mongodb:/usr/sbin/nologin
vivek:x:1001:1001:Maurya Vivek,123,8169817135,:/home/vivek:/bin/bash
fwupd-refresh:x:131:139:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin
binfintech:x:1002:1002:BinFinTech,,,:/home/binfintech:/bin/bash
binfin:x:1003:1003:BinFin,,,:/home/binfin:/bin/bash
Here, the binfin is the new user which is added to the system.
b) useradd command
- The useradd command is also used to add user accounts to our system.
- useradd is a native binary built into the operating system. Depending on the distribution, adduser is either simply a symbolic link to useradd or, as on Debian and Ubuntu, a Perl script that uses the useradd binary in the background.
- To run this command, we have to prefix it with sudo.
When we add a new user to our system, it makes the following changes in the files:
- /etc/passwd
- /etc/shadow
- /etc/gshadow
- /etc/group
- creates a directory for the new users in /home
Syntax:
$ sudo useradd bin
$ sudo useradd alex
$ tail -n 5 /etc/passwd
vivek:x:1001:1001:Maurya Vivek,123,8169817135,:/home/vivek:/bin/bash
fwupd-refresh:x:131:139:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin
binfintech:x:1002:1002:BinFinTech,,,:/home/binfintech:/bin/bash
binfin:x:1003:1003:BinFin,,,:/home/binfin:/bin/bash
alex:x:1004:1004::/home/alex:/bin/sh
Here, you can see that I have added a new user named alex to the system, and that it appears in the /etc/passwd file.
There are many other ways we can add users to the system by using the useradd command.
a) To give a home directory path for new users.
$ sudo useradd -d /home/user_name user_name
b) To create a user with a specific user ID.
$ sudo useradd -u id_number user_name
c) To create a user with a specific group ID.
$ sudo useradd -g 1000 user_name
d) To create a user without a home directory.
$ sudo useradd -M user_name
e) To create a user with an expiry date.
$ sudo useradd -e 2023-01-21 user_name
f) To see the details of the user expiration date
$ sudo chage -l user_name
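g) To set a password for the user at creation time. The -p option expects the already-encrypted (hashed) password, as returned by crypt(3), not the plaintext: whatever string is given is written as-is to /etc/shadow, and it is visible to other users listing the processes. Setting the password afterwards with the passwd command avoids both problems.
$ sudo useradd -p encrypted_password user_name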
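Because useradd -p writes its argument verbatim into the second field of /etc/shadow and expects a crypt(3) hash there, a plaintext argument leaves an entry that can be spotted afterwards. The check below is an added example, not part of the original article: the function names, the state labels, and every sample entry (including the placeholder hash) are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the password field (2nd field) of shadow(5)-format lines.
# Prints "user STATE" per line; returns non-zero if any EMPTY or NOT_A_HASH entry exists.
classify_shadow() {
    awk -F: '
    {
        pw = $2
        if (pw == "")                    state = "EMPTY"       # no password needed
        else if (pw ~ /^[!*]/)           state = "LOCKED"      # password login disabled
        else if (pw ~ /^\$[0-9a-z]+\$/)  state = "HASHED"      # crypt(3) format: $6$, $y$, ...
        else                             state = "NOT_A_HASH"  # plaintext given to -p, or legacy DES
        if (state == "EMPTY" || state == "NOT_A_HASH") bad++
        print $1 " " state
    }
    END { exit (bad > 0) }'
}

# Constructed sample in shadow(5) layout; the hash is a placeholder, not a real one.
sample_shadow() {
    cat <<'EOF'
root:*:19375:0:99999:7:::
binfin:$6$constructedsalt$constructedhash:19375:0:99999:7:::
alex:!:19375:0:99999:7:::
user_name:your_password:19375:0:99999:7:::
guest::19375:0:99999:7:::
EOF
}

sample_shadow | classify_shadow || echo "findings: EMPTY or NOT_A_HASH entries present"
# On a live system (root required): classify_shadow < /etc/shadow
```

The alex entry shows what useradd stores when -p is omitted: a locked field, which stays that way until passwd sets a real hash.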
b) Accessing the User Configuration File
To see the information about the users on our system, we can simply read the configuration file.
File Name:
$ cat /etc/passwd
This file contains information about the user in the format:
username : x : user id : user group id : : /home/user_name : /bin/bash
For Example:
$ tail -3 /etc/passwd
tomcat:x:998:998:Apache Tomcat:/:/usr/sbin/nologin
mongodb:x:130:138::/var/lib/mongodb:/usr/sbin/nologin
binfintech:x:1002:1002::/home/binfintech:/bin/sh
c) Delete the user from the system
a) userdel command
- To delete the user from the system we can use the userdel command.
- First of all, check whether the user is part of any group. If so, we have to remove him/her from the group, and then we can delete that user.
Syntax:
$ sudo userdel -r user_name
$ id binfintech
uid=1002(binfintech) gid=1002(binfintech) groups=1002(binfintech)
$ sudo userdel -r binfintech
userdel: binfintech mail spool (/var/mail/binfintech) not found
$ id binfintech
id: ‘binfintech’: no such user
From the above commands, we can clearly see that id shows the user’s information before the deletion, and that after deleting the user it gives the error “no such user”.
d) Deleting the Home directories of the User
There is another way to delete the user from the system, which is to delete the user’s directory stored on our system.
$ sudo useradd binfintech
$ tail -3 /etc/passwd
tomcat:x:998:998:Apache Tomcat:/:/usr/sbin/nologin
mongodb:x:130:138::/var/lib/mongodb:/usr/sbin/nologin
binfintech:x:1002:1002::/home/binfintech:/bin/sh
$ sudo userdel -r binfintech
userdel: binfintech mail spool (/var/mail/binfintech) not found
userdel: binfintech home directory (/home/binfintech) not found
$ tail -3 /etc/passwd
mysql:x:129:137:MySQL Server,,,:/nonexistent:/bin/false
tomcat:x:998:998:Apache Tomcat:/:/usr/sbin/nologin
mongodb:x:130:138::/var/lib/mongodb:/usr/sbin/nologin
From the above commands, we can clearly see the user’s entry in /etc/passwd before the deletion, and after deleting the user the entry is gone. The “not found” messages show that no mail spool or home directory existed for this user.
e) Update the User Information