In this article we are going to learn How we can add/remove/modify users and groups on Linux operating systems using CLI / How to Manage Users and Groups in Linux.
Table of Contents
Manage Users and Groups in Linux
What is a Linux user?
A user is an entity, in a Linux operating system, that can manipulate files and perform several other operations.
Types of Linux Users
There are two types of users which exist on a typical Linux operating system.
Linux System users
A system user account is created by the operating system during its installation and is used for operation system defined purposes. They have user id’s predefined (100-999)
This range can be verified in the file /etc/login.defs
cat /etc/login.defs | grep -i SYS_UID_MIN cat /etc/login.defs | grep -i SYS_UID_MAX cat /etc/login.defs | grep -i SYS_GID_MIN cat /etc/login.defs | grep -i SYS_GID_MAX
Linux Regular users
The regular user accounts has ids begin from 1000.
cat /etc/login.defs | grep -i UID_MIN | grep -v -E '^\#' cat /etc/login.defs | grep -i UID_MAX | grep -v -E '^\#' cat /etc/login.defs | grep -i GID_MIN | grep -v -E '^\#' cat /etc/login.defs | grep -i GID_MAX | grep -v -E '^\#'
Linux user Accounts:
When we create a local user account, users login information and all other details are stored in the /etc/passwd file.
Syntax:
username:password:UID:GID:name:home directory:shell
Field Number | Field Value | Description |
1 | Username | The username given at the time of creation. |
2 | Password | The password stored as ‘x’ indicates that encrypted password is stored in /etc/shadow file |
3 | UID | Each user on linux must be assigned a user ID (UID) |
4 | GID | The primary group ID the user is associated to. |
5 | Comment | Contains extra information about the user as its full name, phone number etc. |
6 | Home Directory | The absolute path to the user’s home directory |
7 | Login Shell | The absolute path to the ‘shell’ the user will be assigned when login. |
Create a Linux user
Create new user in linux using below commands:
useradd demo cat /etc/passwd | grep -i demo
Following are the commonly used options.
-b : The default base directory for the system.
-c: Adds description/comment to a user account.
-d: The new user will be created using HOME_DIR as the value for the users login directory.
-f: The number of days after a password expires until the account is permanently disabled.
-k: The skeleton directory, which contains files and directories to be copied in the user’s home directory, when the home directory is created by useradd.
-m: Create the user’s home directory if it does not exist. The files and directories contained in the skeleton directory will be copied to the home directory.
-M: Do not create the user’s home directory, even if the system wide setting from /etc/login.defs (CREATE_HOME) is set to yes.
-s: The name of the user’s login shell. The default is to leave this field blank, which causes the system to select the default login shell specified by the SHELL variable in /etc/default/useradd, or an empty string by default.
-u: The numerical value of the user’s ID.
-g: The group name or number of the user’s initial login group.
-G: Adds the user to multiple groups.
-r: Files in the user’s home directory will be removed along with the home directory itself and the user’s mail spool.
Assign Password to a Linux user
Using the below command we can assign passwords to linux users.
passwd demo
Delete Linux user
Using the below command you can delete a user from the Linux operating system.
userdel -r demo1
Modifying users properties in Linux
Following commands are used to modify an existing user’s properties.
Update the comment part
usermod -c “This is demo user” demo
Change User Home Directory
usermod -d /var/www/ demo
Setting User Account Expiry Date
usermod -e 2022-11-05 demo chage -l demo
Lock and unlock the user account
Use ‘-L’ (lock) option with usermod command to lock the user account and to unlock use -U option.
Once locked, the user can’t login by using the password and you will see a ! added before the encrypted password in /etc/shadow file, meaning the password is disabled.
usermod -L demo
usermod -U demo
Group Management
There are two types of groups in Linux. The primary group and secondary group. On Linux when you create a user the primary group that the user belongs to also gets created with the same name as the user.
You can see in the above image that the demo user is part of its own primary group named demo.
Create a Linux Group
Use below command to create a linux group
groupadd mygroup
Add users to a Linux group
We can add users to become part of any other groups
usermod -G mygroup demo
usermod -G mygroup sample
Now another way to check group information of a Linux user using id and groups command
id demo
id sample
groups demo
groups sample
Change name of a Linux group
Use below command to change name of linux group
Syntax:
groupmod -n newname oldname
groupmod -n mynewgrp mygroup
Change GID of a Linux group
Use below command to change GID of linux group
Syntax:
groupmod -g newgid groupname
group -g 1008 mynewgrp
Remove a user from Linux group
Use below commands to remove a user from Linux group
gpasswd -d sample mynewgrp
Delete or Remove a Linux group
Use below command to delete or remove linux group
groupdel mynewgrp
We have covered Manage User and Groups in Linux
Conclusion:
How we can add/remove/modify users and groups on Linux operating systems using CLI / How to Manage Users and Groups in Linux.
Related Articles:
Reference: