Linux: How to Manage Users & Groups in Linux

Home /

Table of Contents

Users and Groups

File access and ownership in Linux, like any other operating system, is permission-based. The distribution allows to create of different users and all the data related to a user is stored located in the Linux File System as /home/username generally. But it can be different depending on the linux distribution. This method, Linux ensures that a certain file can only be edited by a specific user. There are two forms of identification: user id (UID) and group ID (GID).

Users include not just people but also other system daemons that do various tasks in order for a program to run. The most essential and powerful user in Linux is superuser, commonly known as root. It has complete power over everything and can modify or stop anything. This raises the possibility of destroying system files. This is why operating as root is not recommended all of the time. When root access is required, Linux provides the sudo (superuser do) command.

To explore user and permissions settings in linux, we may try to read to protected file and see what the system says about it. 

$ cat /etc/shadow


oR gBZLCmekLVMmgciFjlyO9oSyyXJ n6eM0SzbFYnl Tcqd8GRJkAkGcSdKqSoX5q0kH85OgoEMCCdiPH611omqis7DJu7z6NYrAvK8rTj1iF8THkvyAeqcWiVfrrTod8KXFkmrcWLPvVn1Biqgq43BMyOzEksHuQgfp1SNvHSqhvPgO2KPELSa - Linux: How to Manage Users & Groups in Linux

As a result, the system displays that the user does not have permission to view the file. After that, we may look at the file’s permissions.

$ ls -la /etc/shadow


C1S7DWZ0tVBRuWTwc 5YII4Wcr4xuW 3uGLn5Ycswk5h3qkcagvmHVNmiIsprqNcwi Ji8H3rZMRjewE jIw2FSm2Sxz - Linux: How to Manage Users & Groups in Linux

We can see that, permission is reserved for root. So, to read the file, you need to operate as superuser by using sudo command. Let’s try this.

$ sudo cat /etc/shadow

DB5f3unzYFZc4OJ5O 2qPJ1IN5PxtcK5TgXbURh6uAUr8in1A3fYPLrfmY7go5Cdrrd3jPzSd7Wfhtc03SMs4BFlU3jxZCywdCLxfLuYJqIWJLqzDj VYJkdM5Z4Ng4 qGDP0FCeFBQ2S1wbdM4svA0mAuRDebHLaCgz7l2JwdmbjkIVmuaK84wt - Linux: How to Manage Users & Groups in Linux

Following the sudo command, the system will prompt for the superuser password. You can read the file after providing the password.

Another option is to use the ‘su’ command to run the terminal as a superuser. If you supply the root password, the user’s terminal will be substituted by superuser.

$ su


gz8wessaWRxP1a2OGBVKe9Dl6e4aDFTHS0jX5QDqR7jH4AWLhSB73MEO2fKQxoUtOmecltnf STM2fTn SvYtiDyYq2P1 HQamgPBf2 eZx elU6I8hJyoxAG26d9AOcjso8dOrEjXIDxkEgBb1InojJGBMaD2u GOc6NZpscQPU6WoXFJotR 2W - Linux: How to Manage Users & Groups in Linux

As a result, you have root access. Any command you type in the terminal will be run as root. However, there is a significant danger of system corruption. It’s best not to use terminal as root unless absolutely necessary.

/etc/passwd

In linux, a user has user name and user id (UID) or password. Only username is not sufficient enough for identification. All the user’s information are stored in the /etc/passwd folder. 

$ cat /etc/passwd

This shows long list of users and other information about the users separated by colons.  The first user depicted here is root. Let’s see what other information it tells.

 eOIqmCr4rLRc Dn59pKLP01q8JqF2gZLL3IkYXVmQTq2YAdtw2FODWEzThyaI9wY3a26RMxPo 37zLtU6nJJoPij fev9K hyhQXm65uM9nEmeWRTM0FKZKSTU6b8lta9guU4qF scmR76XF1KufZUHH5PoF607fDYArw3zHf8syLZURC6Q7Q - Linux: How to Manage Users & Groups in Linux

  • Username: inital name of each line is the username such as root, daemon, bin.
  • User’s password: The user’s password is indicated by the letter x. However, passwords are not stored here, but in the /etc/shadow file Instead. A “*” and a blank box can also be seen here, indicating that the user does not have login privileges and that the user has no password respectively.
  • User ID (UID): An ID is attached to every user such as  user has id of 0.
  • The group ID
  • GECOS field: 
  • User’s home directory
  • User’s shell 

/etc/shadow

As we saw earlier, it needs superuser permissions to read the file. Because, it stores sensitive data like the passwords of users. Let’s try to read the file again and try to understand the pieces of information it contains. 

$ sudo cat /etc/shadow
HWLM5wFpFz2kcypCW5C2TLTRndyxzUC Ymzm ICG8w 79IaNnNrreNfP fPKyDbVA FeYydEP rI2WrmuGfVTntM 9tHnxJMwvOI6dE9VhEPtnis625rEaVwQhcPGztMZTBm2r2r3DpSQB4 G6VNixr5trc fyXkYVYESlJP3AmolUj7 ryk5yYd - Linux: How to Manage Users & Groups in Linux

From the result, we can see that pieces of information are separated by colons just like the /etc/passwd file. The stored data are discussed below:

  • Username: It starts with username like root, daemon,bin.
  • Password: The passwords are encrypted here. 
  • Date of last password changed
  • Minimum and Maximum password age: Minimum and maximum times a user has to wait before changing their password again.
  • Account expiration date: After this date user will lose it’s login privileges. 

/etc/group

This is another important file that contains  data about the different groups with their permissions. Let’s try to read this with ‘cat’ command.

$ cat /etc/group
JOxCs2H6JiWjjg2o5GJuU2zRA JRdZLYuKYpMTJSIwyZx4Wo eMi6UZSfjuc3ll1lS1RJZQYja 9xPPea 9MzAhVjRX9jAi9iVoXZtykZsWQ7jUZvEBFfnXLkZtvVvqee5Z6zoG6ohCHM1NuMNJf ncFRsCMrizdMvBHhLiEluY7scCY6P2NHTNu - Linux: How to Manage Users & Groups in Linux

The informations are listed below:

  • Group name: The initial name is the group name.
  • Group password: ‘x’ refers to the group password. However, a group password is not always necessary.
  • Group ID (GID): A group ID like 0,1,2 is set for all the groups available.
  • List of users: Users that belong to the group. You may do this manually with proper authentications. 

User Management Tools

Managing users requires root-level access. With the proper authentications, there are ways to add or remove users to the machine. In this section, we will explore these kinds of operations.

To add a new user, one need to use ‘useradd’ or ‘adduser’ command. Run the following command.

$ sudo adduser Dalton
bVOOKkNzYBD5l Wv6Xz6OUbzRvBFgE75Ji CnrDxMBWgY9WF1OBagL2iYRgFl58dz93h9HgmD 7SZh4bYRmu6SrX0v 4oGUb7JJfIJe0zaF - Linux: How to Manage Users & Groups in Linux

As you can see in the figure, the system will ask you about the new user’s data such as Name, phone number, and password. If the data are correct, it will create a new user. You can see these pieces of information by looking into the /etc/passwd and /etc/shadow files.

You can also change the password for an user. You must need superuser access. To accomplish this, you need to run the following command.

$ sudo passwd dalton


wSSWbNIPWAdbqlnSEtlRy1PxTeaea9rF5nr6He2Q9hDx2DDgLMIRpggQM3MdfHEG9c1YtXHaJRTO8hIgqMDL0cilem7meEVKw7T33tTFQACNOfNOf2ejQCtp8KhVDC2ZN z6pMqmTcbtTfcjMFy3n9e3gUuIeBOn9PTvlKiD XMWSYEO7aQ7sYoZ - Linux: How to Manage Users & Groups in Linux

You can also remove an user. For this, the ‘userdel’ command is used. And of course, you need superuser or root access to do this. 

$ sudo userdel dalton

Running this command will delete the dalton user from the system. 

Share The Tutorial With Your Friends
Twiter
Facebook
LinkedIn
Email
WhatsApp
Skype
Reddit
Other Recommended Article