User and group management is fundamental to administering any Linux system. It ensures proper access control, multi-user environment management, and system security. In this guide, we’ll explore how Linux handles users and groups, and how you can manage them efficiently using commands and configuration files.
Understanding Users in Linux
Linux is a multi-user system, meaning multiple users can work on it simultaneously. Each user has:
- A username
- A unique User ID (UID)
- A default Group ID (GID)
- A home directory
- A default shell
Key Files Involved
| File | Description |
|---|---|
| /etc/passwd | Stores user account details |
| /etc/shadow | Stores encrypted user passwords |
| /etc/group | Stores group information |
| /etc/gshadow | Stores group passwords (rarely used) |
Creating Users
Basic User Creation
sudo adduser username
or
sudo useradd -m username
- -m: Create the home directory if it doesn’t exist.
- -s /bin/bash: Specify the default shell.
Example:
sudo useradd -m -s /bin/bash john
Setting Passwords
sudo passwd john
Prompts you to set and confirm the password for the user john.
Modifying User Accounts
sudo usermod -s /bin/zsh john
Useful options:
-s: Change default shell-G: Add to additional groups-d: Change home directory
Deleting Users
sudo userdel john
To remove the home directory too:
sudo userdel -r john
Understanding Groups in Linux
Groups are a way to manage permissions for multiple users. Each user is a member of:
- Primary group (specified at user creation)
- Supplementary groups
Group IDs (GID) are stored in /etc/group.
Managing Groups
Create a Group
sudo groupadd developers
Add User to Group
sudo usermod -aG developers john
-aG: Append user to group(s) without removing them from existing groups.
View Group Membership
groups john
Delete a Group
sudo groupdel developers
Viewing User Information
Check User Details
id john
List All Users
cut -d: -f1 /etc/passwd
List All Groups
cut -d: -f1 /etc/group
Default Configuration Files
- /etc/login.defs: Default settings like UID ranges
- /etc/skel/: Default files copied to new user home directories
Best Practices for User/Group Management
- Always assign users to least privilege groups.
- Use group-based permissions to manage access cleanly.
- Regularly audit /etc/passwd and /etc/group.
- Disable or lock unused user accounts:
sudo usermod -L usernameConclusion
User and group management is crucial for every Linux system administrator. Mastering the commands and understanding the configuration files will enable you to build a secure and manageable Linux environment.