Day 5: Mastering Linux: Essential User and Group Administration Commands

Omprakash Kalagoni's photo
Omprakash Kalagoni
·

4 min read

Day 5: Mastering Linux: Essential User and Group Administration Commands

Table of contents

In this article, we will explore into various user management commands in Linux, providing a comprehensive guide to effectively administer users and groups within the system.

There are three types of users in Linux:

  • root user: The superuser with full administrative privileges.

  • normal user: A standard user with limited permissions.

  • application / system user: A user created for running specific applications or services.

How to Create a User in Linux

useradd: This command helps us create a user. It automatically creates the home directory for the respective user and adds entries in the following files:

  • /etc/shadow: Contains encrypted password information.

  • /etc/group: Defines the groups to which users belong.

  • /etc/passwd: Contains user account information.

Normal users can't access this command; we need to switch to the root user or use sudo.

To create a new user named john, you would use the following command:

sudo useradd john

This command will create a user named john and set up the necessary files and directories. The useradd command has several options that can be used to customize the user creation process, such as:

  • -m: Create the user's home directory if it does not exist. This is useful for ensuring the user has a personal space for files.

  • -s: Specify the user's login shell. For example, /bin/bash for Bash shell.

  • -G: Add the user to additional groups. This is useful for granting additional permissions.

  • -d: Specify a custom home directory. This is useful if you want the user's home directory to be different from the default.

How to modify the user attributes

usermod

The usermod command is used to modify an existing user account. For example, to change the shell for user john:

sudo usermod -s /bin/bash john

Another example is to add the docker group to the user john:

sudo usermod -aG docker john

Another example is to lock the user:

sudo usermod -L john => When you lock the user, you will see a '!' mark before the encrypted password in the /etc/shadow file.

Another example is to unlock the user:

sudo usermod -U john => When you lock the user, you will not see a '!' mark before the encrypted password in the /etc/shadow file.

How to delete the user

userdel

The userdel command is used to delete a user account. To remove user john:

sudo userdel john

sudo userdel -r john => It will delete the user home directory as well.

How to change the password for the user

passwd

The passwd command is used to change a user's password. To set a password for user john:

sudo passwd john

How to create the group

We use groups to manage users effectively and assign permissions for files and directories.

groupadd

The groupadd command is used to create a new group. To create a group named developers:

sudo groupadd developers

groupdel

The groupdel command is used to delete a group. To delete a group named developers:

sudo groupdel developers

gpasswd

The gpasswd command is used to add multiple users to a group. To add the developers group to multiple users (user1, user2, ..., usern):

sudo gpasswd -M user1,user2,...,usern developers

chage

The chage command is used to set attributes for a user, such as:

chage username

Difference between sudo su and sudo su -

  • sudo su -: This command switches to the root user, changes the directory to the root user's home directory, and loads the root user's configuration.

  • sudo su: This command switches to the root user but does not change the directory to the root user's home directory and does not load the root user's configuration.

  • su - username: This command switches to another user. (If you don't use the -, it won't load the user's configurations)

    • Normal => Normal user (Password required)

    • Normal => Root user (Password required)

    • Root => Normal user (Password not required)

How to give sudo access to normal user

visudo => This command locks the file, preventing other users from accessing it while you are giving sudo access to a normal user.

vi /etc/sudoers => Not best practice, because other users can modify the file at the same time.

Mastering user and group administration commands in Linux is essential for effective system management. By understanding and utilizing commands like useradd, usermod, userdel, passwd, groupadd, and groupdel, administrators can efficiently manage user accounts and permissions. Additionally, knowing the differences between sudo su and sudo su -, as well as how to grant sudo access to normal users, further enhances administrative capabilities. With these skills, you can ensure a secure and well-organized Linux environment.

Which command do you find most useful in your daily tasks? Let’s discuss! 💬

Please subscribe to the blog for more updates.

#90daysofdevopsDevopslinux for beginners