user accounts

• Administration Tasks
In Linux, user accounts play a crucial role in managing
access to system resources, performing administrative tasks,
and maintaining security. Here are key aspects of user
accounts in Linux:
1.Username: Each user account in Linux is associated with a unique
username. Usernames are typically alphanumeric and can include
underscores (_) or hyphens (-) but not spaces.

2.UID (User Identifier): Every user account has a numeric UID that
uniquely identifies the user within the system. The UID is used by the
system to determine the user's permissions and access rights to files,
directories, and system resources.

3.Home Directory: Each user account has a home directory where the
user's files, settings, and personal data are stored. The home directory
user accounts……
4.Shell: A shell is a command-line interface that allows users to interact with
the Linux system. Each user account is associated with a default shell, such
as Bash (/bin/bash), which determines the command prompt and behavior of
the command-line environment.
5.Password: User accounts are protected by passwords, which are used to
authenticate users during login. Passwords should be strong and kept
confidential to ensure the security of user accounts.
6.Groups: Users can be members of one or more groups in Linux. Groups
provide a way to manage permissions and access rights collectively for a set of
users. Each user account is associated with a primary group and may belong
to additional supplementary groups.
7.Permissions: Linux uses file permissions and ownership to control access to
files, directories, and system resources. Each file and directory has associated
permissions for the owner, group, and others, determining who can read, write,
or execute the file.
user accounts……
8.Root User: The root user (UID 0) is a special system account with
unrestricted privileges. The root user has full control over the system and
can perform administrative tasks, install software, modify system
configurations, and manage other user accounts.
9.System Users: Linux systems may have system accounts that are
used for running system services and processes. System accounts
typically have a UID below a certain threshold (e.g., 1000) and do not
have interactive login access.

10.User Management: System administrators are responsible for

managing user accounts in Linux. They can create new user
accounts, modify account settings, reset passwords, assign groups,
Overall,
and deleteuser
oraccounts in Linux
disable user provide as
accounts a structured
needed. and secure way to
manage user access, permissions, and interactions with the system,
ensuring system integrity and security.
The User Manager window, Users
tab
The User Properties window, User
Data tab
 Managing Users and Groups
• One of the key administrative tasks with Linux is
managing users and groups.
• The primary reason for user accounts is to verify the
identity of each individual using a computer system.
• A secondary reason for user accounts is to permit the per-
individual tailoring of resources and access privileges.
• Resources can include files, directories, and devices.
Controlling access to these resources is a primary task of
an administrator
Groups tie together users that have a
common purpose.

• an organization may have persons responsible

for accounts payable and others responsible for
payroll.
• By placing the user accounts in an accounts
payable group then common permissions
can be given to all the members of that
group.
• Members of the accounts payable group
would not have access to the information
and resources of the payroll group. Users
within the same group have the same read,
and write. or execute privileges of group
resources.
etc
•Several files are used when creating users in Linux.
The following are a few most commonly used.
/etc/passwd
/etc/shadow
/etc/group
/etc/passwd

• The /etc/passwd file contains the user ID, and default

home directory. Because this file is used by many tools
it needs to be readable by any user.
• To view the /etc/passwd file use the less command.
less /etc/passwd
• The /etc/passwd file is a group of fields separated with a colon
(:). They are username, password (shown as an x), numeric
user ID, numeric group ID, full name, user’s home directory,
and user’s shell account.
 /etc/shadow
•The /etc/shadow file contains the encrypted passwords and other
password information.
• This file is viewable by the root user only.
•To view the /etc/shadow file use the following commands:
su – root
tail /etc/shadow
•The /etc/shadow file is a group of fields separated with a colon (:).
They are:
• Username
• password (13 characters encrypted)
• the number of days since the password was last changed
• the number of days before the password may be changed
• the number of days to warn a user of an expiring password
• the number of days after a password expires that account is disabled
• the number of days since an account has bee disabled
• a reserved field for possible future use.
 Adding a User 1
•Use the useradd command to add a user. The syntax of the
command is displayed by typing the command alone.
useradd
•The most basic command to add a user named John Smith with
and user ID of jsmith is the following:
useradd jsmith
•If you view /etc/passwd after the add you will see that jsmith has
been added.
jsmith:x:501:501::/home/jsmith:/bin/bash
id:password(shadowed):Full Name:homeDir:shell
• The full name can be added with the –c option. useradd –c “John
Smith” jsmith
 Adding a User 2
•When a user is added the home directory is not created automatically.
It is assigned but not created until the user logs in the first time. To
force the home directory to be created use the –m option. The following
command will create the jsmith user and create the associated home
directory:
useradd –c “John Smith” –m jsmith
•View the jsmith user home directory with the command:
ls /home/directory
•Any files and directories that are in the /etc/skel directory are
automatically copied into the newly created home directory. If /etc/skel
has no files or directories (the default) then nothing is created.
•The /etc/skel directory on this Linux system has a Documents directory
and a Welcome file.
 Adding a User 3
•A look at the /etc/shadow file shows that jsmith was added but a
password has not been assigned. The command to add a password is
passwd. As root you can change the password for jsmith with the
following command:
passwd jsmith
•You will be asked to type the password and then repeat it to ensure it
was typed correctly. The root user can change any user password. A
user can change their own password by typing passwd without a user
ID.

•passwd has options to configure the minimum password lifetime,

maximum password lifetime, and other options.
 Deleting a User
•Deleting a user is done as the root user with the userdel command. To
delete the user jsmith use the command:
userdel jsmith
•Userdel has one option, -r, which removes the user’s home directory as
well as the account. To remove jsmith and the associated home
directory, /home/jsmith, use the following command:
userdel –r jsmith
•Once a user’s home directory is removed it would have to be restored
from backup to recover it.
•There may be orphaned files – files that are not associated by a valid
user – when you delete a user
• Example: jsmith was storing some files in /tmp. Those files are not deleted
when the user jsmith is removed. Those files in /tmp are now orphaned.
 Adding a Group
•The mail file for groups is the /etc/group file. The file is a group of
fileds that describe the group and who is a member of it. The fields in
order are the group name, password (not used), numeric ID, and then a
list of members separated by a comma.

•A group is used to assign rights and permissions to users. For example,

if you have several files that should be made available to users in the
Accounts Payable department you could create an Accounts Payable
group then add users to the group. Once the group is populated then
the permissions of the file or directory can be changed to allow access
by the group.

•To add a group use the groupadd command.

groupadd AccountsPayable
 Assigning Users to a Group
•The usermod command is used to add users to a group.
• It also has options to change the home directory, change the shell, and
other values.
•To use usermod to add users jsmith and jdoe to the AccountsPayable
group type the following:
usermod –G AccountsPayable jsmith
usermod –G AccountsPayable jdoe
 Changing Group Permissions
•Groups can be used to assign privileges to resources, such as a
directory.
• to change the group to AccountsPayable. This is accomplished with the
following command:
chgrp –R AccountsPayable AP
• Where –R causes it to recursively affect files and directories within the AP
directory, AccountsPayable is the new group, and AP is the name of the
directory.
• Permissions for group are then changed to give full read/write/execute
access with the chmod command.
chmod 775 AP