User management is a core function of Linux system administration. It controls system access, enforces security, and ensures users have the correct privileges for their tasks. Linux supports multi-user environments, making it ideal for everything from personal laptops to large enterprise systems. Efficient user management:
- Secures the system from unauthorized access
- Ensures users can perform their roles without interfering with others
- Helps in auditing and tracking user activity
Understanding Linux User IDs (UIDs)
Linux systems typically support up to 60,000 users, making them suitable for large-scale use.
Admins manage users by creating, modifying, and deleting accounts, setting permissions, and enforcing access policies. This ensures users can perform tasks without compromising system integrity.
Types of Users in Linux
Linux is a multi-user operating system, meaning multiple users can access and operate the system simultaneously. Each user type serves a specific purpose and has different levels of access and control.
Below are the main types of users you will encounter in Linux:
| User Type | Description |
|---|
| Root (Superuser) | Full system control. Can install software, change config files, and delete anything. Powerful but risky. |
| Regular User | Limited access. Can create files, run applications, but not modify system-level settings. |
| Sudo User | Regular user with temporary admin rights via the sudo command. Common in modern systems. |
| System/Service Account | Non-human accounts used by services (e.g., mysql, nginx). Limited privileges. |
| Guest User | Temporary users with minimal privileges. Changes are not saved after logout. |
User Groups
A user group is a collection of users. If you give permission to a group, all users in that group get the same access. This makes it easier to manage file and system permissions for many users at once.
1. Primary Group (Default for files)
- Every Linux user is assigned one primary group.
- When a user creates a file, the group ownership of that file is automatically set to their primary group.
- By default, this group usually has the same name as the user.
- It helps manage file ownership cleanly without much extra configuration.
Example:
Check Primary Group:
id raj
Output:
Here, gid=1000(raj) means the primary group of user raj is raj.
2. Secondary Group(Additional Permissions)
- A user can be a part of multiple secondary groups.
- These groups provide extra access to files, folders, or services.
- They are commonly used for team-based access or system-level permissions (e.g., accessing Docker, video devices, or running sudo).
Example:
Add User to a Secondary Group:
sudo usermod -aG developers raj
- This adds
raj to the developers group.
Check Group Memberships:
groups raj
Output:
This shows that user raj is part of two groups:
- Primary:
raj - Secondary:
developers
User Management Files
These files are essential for managing users, groups, and permissions on a Linux system, and they play a key role in ensuring security and efficient system administration.
The following are different user management files in linux:
/etc/passwd: Stores basic details of all user accounts including:
- Username
- User ID (UID)
- Primary Group ID (GID)
- Home directory
- Default shell
- Full name of the user
/etc/shadow: Stores encrypted user passwords and password-related settings:
- Encrypted passwords
- Last password change date
- Password expiration and inactivity rules
- Account expiration settings
Group Management
/etc/group: Defines all groups in the system and user memberships:
- Group name
- Group ID (GID)
- List of users in each group
/etc/gshadow: Secure counterpart to /etc/group, storing:
- Encrypted group passwords
- Group administrators
- Group members
Privilege Control
/etc/sudoers: Manages sudo access for users and groups:
- Who can use the
sudo command - What commands they can run
- From which terminals/systems
User Home Directory Setup
/etc/skel/: Directory containing default configuration files copied to a new user’s home directory:
- Typically includes
.bashrc, .profile, etc. - Used to provide default shell settings and environment
Logs and Auditing
/var/log/auth.log: Records authentication-related events:
- Successful and failed login attempts
- Usage of the
sudo command - Account lock and unlock events
- Other security-related activities
User Account Management Commands
The below are some important user account management commands:
1. List all users
To list all the users in Linux, use the awk command with the -F option. This will access the /etc/passwd file and print only the first column, which contains the usernames.
awk -F':' '{ print $1}' /etc/passwd
2. Get User ID
The id command provides the user ID (UID) of any given username. This ID is also the group ID (GID) of the user by default.
id username
Example: id test
3. Add a User
The useradd command creates a new user in the system. The user will be assigned an automatic ID based on the system's settings.
useradd username
Example: sudo useradd geeks
4. Assign a Password
The passwd command is used to assign a password to the user. After entering the command, you will be prompted to input a new password for the user.
passwd username
Example: sudo passwd geeks
5. Accessing a User Configuration File
To view user details from the /etc/passwd file, use the cat command. This file contains user account information like UID, GID, home directory, and login shell.
cat /etc/passwd
This commands prints the data of the configuration file. This file contains information about the user in the format.
username : x : user id : user group id : : /home/username : /bin/bash
Now we will go through the commands to modify information.
System administrators often need to update user account settings. Below are common usermod and userdel commands used to modify user accounts.
1. Change User ID
To change the user ID (UID) of an existing user, use the usermod command with the -u option.
usermod -u new_id username
This command can change the user ID of a user. The user with the given username will be assigned with the new ID given in the command and the old ID will be removed.
Example: sudo usermod -u 1982 test
2. Change Group ID
To modify the group ID (GID) of a user or move a user to another group, use the usermod command with the -g option.
usermod -g new_group_id username
This command can change the group ID of a user and hence it can even be used to move a user to an already existing group. It will change the group ID of the user whose username is given and sets the group ID as the given new_group_id.
Example: sudo usermod -g 1005 test
3. Change Login Name
To change a user's login name, use the usermod command with the -l option.
usermod -l new_login_name old_login_name
Example: sudo usermod -c John_Wick John_Doe
4. Change Home Directory
To change a user's home directory, use the usermod command with the -d option. You can specify the new path for the home directory.
usermod -d new_home_directory_path username
Example: usermod -d new_home_directory test
5. Delete a User
The userdel command removes a user from the system. Use the -r option to also delete the user's home directory. If the user is part of any group, you must remove them from the group before deletion.
userdel -r username
Example: sudo userdel -r new_geeks
Common Issues in User Management in Linux
Managing users in Linux can present various challenges that impact system security and efficiency. The below are some common issues and strategies to address them:
1. Forgotten Passwords
Users may forget their passwords, leading to access issues.
Solution: Administrators can reset passwords using the passwd command.
sudo passwd username
This command prompts for a new password, restoring user access.
2. Account Lockouts
Multiple failed login attempts can lock user accounts.
Solution: Unlock accounts using the usermod command:
sudo usermod -U username
This command unlocks the specified user account.
3. Security Vulnerabilities
Outdated systems can be susceptible to security threats.
Solution: Keep the system updated with the latest patches using the package manager:
sudo apt update && sudo apt upgrade
Regular updates enhance system security.
4. Permission Errors
Incorrect file or directory permissions can restrict user access.
Solution: Adjust permissions using chmod and chown:
sudo chmod 755 /path/to/directory
sudo chown user:group /path/to/file
Proper permissions ensure appropriate access levels.
Users may lack necessary group memberships, limiting access.
Solution: Add users to groups with usermod:
sudo usermod -aG groupname username
This command appends the user to the specified group.
6. Privilege Escalation Risks
Improper configurations can allow unauthorized privilege escalation.
Solution: Review and edit the /etc/sudoers file carefully, preferably using visudo to prevent syntax errors.
sudo visudo
Ensure only authorized users have elevated privileges.
Errors in critical files like /etc/passwd and /etc/shadow can disrupt user management.
Solution: Use commands like vipw and vigr to safely edit these files:
sudo vipw
sudo vigr
These commands lock the files during editing, preventing concurrent modifications.
Also read:
Conclusion
User management in Linux helps control who can access the system and what they can do. It involves creating, editing, and deleting user accounts, setting permissions, and managing user groups. Important files like /etc/passwd and /etc/shadow store user information, and commands like useradd, usermod, and userdel are used to manage users. Common problems like forgotten passwords or account lockouts can be fixed with simple commands. Keeping the system updated and managing user permissions properly helps keep the system secure and running smoothly.
Similar Reads
File Management in Linux In Linux, most of the operations are performed on files. And to handle these files Linux has directories also known as folders which are maintained in a tree-like structure. Though, these directories are also a type of file themselves. Linux has 3 types of files: Gereral Files: It is the common file
3 min read
Types of User Profile Management in LINUX User profile management is an essential topic in the profile management system, and it describes how the user can handle the profile. Various types of user-profiles management in Linux are - bashrcbash_profilebash_historybash_logoutbashrc Procedures Open the terminal and add the user.useradd t1Switc
1 min read
7 Linux Commands For Managing Users Linux is a fantastic platform that allows multi-user access options. Different users can access the same Linux OS for working simultaneously. A user account allows multiple people to access directories, terminals, the Internet, etc. There are three types of user accounts: User Account: This account
3 min read
Some time-saving tips for Linux Users Are you making most out of the Linux? There are lots of helpful features which appears to be time saving Tips and Tricks for many of Linux Users. Sometimes these time saving Tips and Tricks become the need. They help you to get productive with the same set of commands yet with enhanced functionality
4 min read
How to Remove Users from Groups in Linux? Groups in Linux are an important part of organizing the system's access control. Creating separate groups for separate types of roles of users allows the administrator to manage the access control of the Linux system efficiently. It is an essential skill to understand how to add, remove, and update
4 min read
How to Manage Directories in Linux? Directories in Linux or any operating system help to organize the data and files, which is then easier to find and manage. In this article, you will learn everything you will need to manage directories in Linux. We will try to cover every topic from creating, and copying to deleting the directories
6 min read