In this article, we will explore into various user management commands in Linux, providing a comprehensive guide to effectively administer users and groups within the system.
There are three types of users in Linux:
-
root user: The superuser with full administrative privileges.
-
normal user: A standard user with limited permissions.
-
application / system user: A user created for running specific applications or services.
How to Create a User in Linux
useradd
: This command helps us create a user. It automatically creates the home directory for the respective user and adds entries in the following files:
-
/etc/shadow
: Contains encrypted password information. -
/etc/group
: Defines the groups to which users belong. -
/etc/passwd
: Contains user account information.
Normal users can’t access this command; we need to switch to the root user or use sudo
.
To create a new user named john
, you would use the following command:
sudo useradd john
This command will create a user named john
and set up the necessary files and directories. The useradd
command has several options that can be used to customize the user creation process, such as:
-
-m
: Create the user’s home directory if it does not exist. This is useful for ensuring the user has a personal space for files. -
-s
: Specify the user’s login shell. For example,/bin/bash
for Bash shell. -
-G
: Add the user to additional groups. This is useful for granting additional permissions. -
-d
: Specify a custom home directory. This is useful if you want the user’s home directory to be different from the default.
How to modify the user attributes
usermod
The usermod
command is used to modify an existing user account. For example, to change the shell for user john
:
sudo usermod -s /bin/bash john
Another example is to add the docker group to the user john:
sudo usermod -aG docker john
Another example is to lock the user:
sudo usermod -L john
=> When you lock the user, you will see a '!' mark before the encrypted password in the /etc/shadow file.
Another example is to unlock the user:
sudo usermod -U john => When you lock the user, you will not see a '!' mark before the encrypted password in the /etc/shadow file.
How to delete the user
userdel
The userdel
command is used to delete a user account. To remove user john
:
sudo userdel john
sudo userdel -r john => It will delete the user home directory as well.
How to change the password for the user
passwd
The passwd
command is used to change a user’s password. To set a password for user john
:
sudo passwd john
How to create the group
We use groups to manage users effectively and assign permissions for files and directories.
groupadd
The groupadd
command is used to create a new group. To create a group named developers
:
sudo groupadd developers
groupdel
The groupdel
command is used to delete a group. To delete a group named developers:
sudo groupdel developers
gpasswd
The gpasswd command is used to add multiple users to a group. To add the developers group to multiple users (user1, user2, …, usern):
sudo gpasswd -M user1,user2,...,usern developers
chage
The chage
command is used to set attributes for a user, such as:
chage username
Difference between sudo su
and sudo su -
-
sudo su -
: This command switches to the root user, changes the directory to the root user’s home directory, and loads the root user’s configuration. -
sudo su
: This command switches to the root user but does not change the directory to the root user’s home directory and does not load the root user’s configuration. -
su – username: This command switches to another user. (If you don’t use the -, it won’t load the user’s configurations)
-
Normal => Normal user (Password required)
-
Normal => Root user (Password required)
-
Root => Normal user (Password not required)
-
How to give sudo access to normal user
visudo
=> This command locks the file, preventing other users from accessing it while you are giving sudo access to a normal user.
vi /etc/sudoers
=> Not best practice, because other users can modify the file at the same time.
Mastering user and group administration commands in Linux is essential for effective system management. By understanding and utilizing commands like useradd
, usermod
, userdel
, passwd
, groupadd
, and groupdel
, administrators can efficiently manage user accounts and permissions. Additionally, knowing the differences between sudo su
and sudo su -
, as well as how to grant sudo access to normal users, further enhances administrative capabilities. With these skills, you can ensure a secure and well-organized Linux environment.
Which command do you find most useful in your daily tasks? Let’s discuss!
Please subscribe to the blog for more updates.