Managing User Accounts in Linux

The Linux system is a multi-user, multi-tasking time-sharing operating system. Any user who wants to use system resources must first apply for an account from the system administrator and then log into the system with this account.

On the one hand, a user account helps the system administrator track the users of the system and control their access to system resources; on the other hand, it helps users organize their files and provides security protection for them.

Each user account has a unique username and its own password.

When a user logs in with the correct username and password, they can access the system and their home directory.

To manage user accounts, the main tasks include the following:

Adding, deleting, and modifying user accounts.

Managing user passwords.

Managing user groups.

01
User Account Management
User account management mainly involves adding, modifying, and deleting user accounts.
Adding a user account means creating a new account in the system and assigning resources such as user ID, user group, home directory, and login shell to the new account. Newly added accounts are locked and cannot be used.

1. To add a new user account, use the useradd command with the following syntax:

useradd options username
Parameter Description:
Options:
-c comment specifies a comment description.
-d directory specifies the user’s home directory. If this directory does not exist, use the -m option to create the home directory.
-g user group specifies the user group to which the user belongs.
-G user group, user group specifies additional groups to which the user belongs.
-s shell file specifies the user’s login shell.
-u user ID specifies the user’s ID. If the -o option is also used, it can reuse the ID of another user.
username: specifies the login name of the new account.

Example 1

# useradd -d /home/sam -m sam
This command creates a user named sam, where the -d and -m options create a home directory /home/sam (with /home being the default parent directory for user home directories).

Example 2

# useradd -s /bin/sh -g group -G adm,root gem
This command creates a new user named gem, whose login shell is /bin/sh, whose primary group is group, and who also belongs to the additional groups adm and root.
You may need to create the groups here: # groupadd group and # groupadd adm
Adding a user account involves adding a record for the new user in the /etc/passwd file and updating other system files such as /etc/shadow, /etc/group, etc.
Linux provides an integrated system management tool called userconf, which can be used for unified management of user accounts.

2. Deleting an Account

If a user’s account is no longer in use, it can be deleted from the system. Deleting a user account means removing that user’s record from system files such as /etc/passwd, and if necessary, also deleting the user’s home directory.
To delete an existing user account, use the userdel command with the following format:
userdel options username
The commonly used option is -r, which deletes the user’s home directory as well.
For example:
# userdel -r sam
This command deletes the records of user sam from system files (mainly /etc/passwd, /etc/shadow, /etc/group, etc.) and also deletes the user’s home directory.

3. Modifying an Account

Modifying a user account means changing the user’s attributes based on actual circumstances, such as user ID, home directory, user group, login shell, etc.
To modify an existing user’s information, use the usermod command with the following format:
usermod options username
Common options include -c, -d, -m, -g, -G, -s, -u, and -o, and the meanings of these options are the same as those in the useradd command, allowing you to specify new resource values for the user.
Additionally, some systems allow the use of the option: -l new username
This option specifies a new account name, changing the original username to the new username.
For example:
# usermod -s /bin/ksh -d /home/z -g developer sam
This command changes user sam’s login shell to ksh, home directory to /home/z, and user group to developer.
02
Password Management for Users
An important aspect of user management is managing user passwords. When a user account is created, it has no password and is locked by the system; it cannot be used until a password is assigned to it, even if the assigned password is empty.
The shell command to specify and modify user passwords is passwd. The superuser can set passwords for themselves and other users, while ordinary users can only use it to modify their own passwords. The command format is:
passwd options username
Available options include:
-l locks the password, i.e., disables the account.
-u unlocks the password.
-d makes the account passwordless.
-f forces the user to change the password on the next login.
If no username is specified, it modifies the current user’s password.
For example, if the current user is sam, the following command modifies that user’s password:
$ passwd 
Old password:****** 
New password:******* 
Re-enter new password:*******
If you are a superuser, you can specify any user’s password with the following form:
# passwd sam
New password:*******
Re-enter new password:*******
When ordinary users modify their own passwords, the passwd command first asks for the old password for verification and then asks the user to enter the new password twice. If both entries match, the new password is assigned to the user. The superuser does not need to know the old password to set a password for a user.
For system security, users should choose relatively complex passwords, preferably 8 characters long, containing uppercase and lowercase letters and numbers, and should not be similar to their name, birthday, etc.
To assign an empty password to a user, execute the following command:
# passwd -d sam
This command deletes user sam’s password, so the next time user sam logs in, the system will not allow that user to log in.
The passwd command can also use the -l (lock) option to lock a user, preventing them from logging in, for example:
# passwd -l sam
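The states described in this section (no password yet, locked with -l, emptied with -d) are all visible in the second field of /etc/shadow, so they can be audited. The following is an added example, not part of the original article; it assumes the shadow(5) field layout, the sample entries are constructed, and an empty field is reported separately because how it is treated at login depends on PAM and sshd settings.

```shell
#!/bin/sh
# Added example: report the password state of each entry in shadow(5) format.
# pw_state [FILE] reads FILE, or standard input when no FILE is given.
pw_state() {
    awk -F: '
        /^#/ || NF < 3 { next }
        {
            if      ($2 == "")        s = "empty"               # field cleared, as by passwd -d
            else if ($2 ~ /^[!*]+$/)  s = "locked-no-password"  # no hash at all: password login impossible
            else if ($2 ~ /^!/)       s = "locked"              # hash kept, "!" prefixed by passwd -l
            else                      s = "set"
            if ($3 == "0") s = s ",must-change"                 # last-change 0: change at next login
            print $1, s
        }' "${1:--}"
}

# Constructed sample entries; the hash strings are placeholders, not real hashes.
sample_shadow() {
    cat <<'EOF'
root:$6$CONSTRUCTED$placeholder:19700:0:99999:7:::
sam::19700:0:99999:7:::
gem:!$6$CONSTRUCTED$placeholder:19700:0:99999:7:::
newuser:!:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
alice:$6$CONSTRUCTED$placeholder:0:0:99999:7:::
EOF
}

sample_shadow | pw_state
```

On a real system, run it as root with the file as argument: pw_state /etc/shadow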


03
User Group Management
Each user belongs to a user group, and the system can centrally manage all users within a user group. Different Linux systems handle user groups differently; for example, in Linux a user belongs to a user group with the same name as the user, and this group is created at the same time as the user.
User group management involves adding, deleting, and modifying user groups. Adding, deleting, and modifying groups effectively updates the /etc/group file.

1. To add a new user group, use the groupadd command. Its format is as follows:

groupadd options usergroup
Available options include:
-g GID specifies the group ID (GID) for the new user group.
-o is generally used with the -g option, indicating that the new user group’s GID can be the same as an existing user group’s GID.

Example 1:

# groupadd group1
This command adds a new group group1 to the system, with the group ID being one greater than the current maximum group ID.

Example 2:

# groupadd -g 101 group2
This command adds a new group group2 to the system and specifies that the new group’s ID is 101.

2. To delete an existing user group, use the groupdel command with the following format:

groupdel usergroup

For example:

# groupdel group1
This command deletes the group group1 from the system.

3. To modify the properties of a user group, use the groupmod command. Its syntax is as follows:

groupmod options usergroup
Common options include:
-g GID specifies a new group ID for the user group.
-o used with the -g option, allows the new group ID to be the same as an existing user group’s ID.
-n new user group renames the user group to a new name.

Example 1:

# groupmod -g 102 group2
This command changes the group ID of group2 to 102.

Example 2:

# groupmod -g 10000 -n group3 group2
This command changes group2’s ID to 10000 and renames it to group3.

4. If a user belongs to multiple user groups, they can switch between groups to gain permissions from other groups.

After logging in, a user can use the command newgrp to switch to another user group, with the command parameter being the target user group. For example:
$ newgrp root
This command switches the current user to the root user group, provided that the root user group is indeed the user’s primary or additional group. Similar to user account management, user group management can also be performed using integrated system management tools.
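The -o option of useradd and groupadd lets two names share one numeric ID, and newgrp only works for a user's primary or additional groups; both facts can be checked directly from /etc/passwd and /etc/group. The following is an added example, not part of the original article; it assumes the passwd(5) and group(5) field layouts, and every account and group in the sample files is constructed.

```shell
#!/bin/sh
# dup_ids FILE: print each numeric ID (field 3) held by more than one name.
# Such entries are what "useradd -o -u" and "groupadd -o -g" produce.
dup_ids() {
    awk -F: '!/^#/ && NF >= 3 { n[$3]++; names[$3] = (n[$3] > 1) ? (names[$3] "," $1) : $1 }
             END { for (id in n) if (n[id] > 1) print id, names[id] }' "$1" | sort -n
}

# group_members GROUP PASSWD_FILE GROUP_FILE: print who holds GROUP, and whether
# as primary group (passwd field 4) or additional group (group field 4).
group_members() {
    awk -F: -v g="$1" '
        FNR == NR {                          # first file read: the group database
            if ($1 == g) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") print m[i], "additional"
            }
            next
        }
        gid != "" && $4 == gid { print $1, "primary" }   # second file: passwd
    ' "$3" "$2" | sort
}

# make_samples DIR: write constructed passwd and group files into DIR.
make_samples() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
sam:x:1001:1001::/home/sam:/bin/sh
gem:x:1002:1003::/home/gem:/bin/sh
svc:x:1001:1001::/home/svc:/bin/sh
EOF
    cat > "$1/group" <<'EOF'
root:x:0:gem
adm:x:4:gem
sam:x:1001:
group:x:1003:
group2:x:101:
group9:x:101:
EOF
}

d=$(mktemp -d) && make_samples "$d"
dup_ids "$d/passwd"                          # UIDs shared by several accounts
dup_ids "$d/group"                           # GIDs shared by several groups
group_members root "$d/passwd" "$d/group"    # who could run: newgrp root
rm -rf "$d"
```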