The Complete Guide to User Management in Linux

Person account administration is likely one of the many challenges of Linux system directors. A few of the tasks of a system administrator are enabling/disabling person accounts, preserving the house listing, setting person permissions, assigning teams/shells to customers, and managing passwords.

Efficient management of person accounts is barely doable after familiarity with the fundamentals of Linux account administration. Therefore, this text is a stepping stone in the direction of securing person accounts. It demonstrates how one can create, delete and modify person accounts and handle predefined settings or recordsdata to construct probably the most appropriate and safe setting for Linux customers.

The way to Add Person Accounts in Linux

As a phrase of precaution, any person who makes use of your Linux machine should have a separate person account. A person account permits you to separate your recordsdata in a secure area with the power to tailor your private home directories, path, setting variables, and so forth.

Earlier than starting with the creation of a brand new person, listing the out there person accounts with the assistance of the minimize command as follows:

minimize -d: -f1 /and so forth/passwd

View all available users on linux

The best approach of making a brand new person account in Linux is with the assistance of useradd. This utility presents varied parameters to specify further info whereas including a brand new person. A few of the choices are:

  • -c: Provides description/remark to a person account.
    useradd -c "John Smart" john
  • -d: Units the house listing for the required person. By default, the useradd command units it to the username (/house/john), however you may exchange it with the listing of your selection as follows:
    useradd -d /mnt/house/john
  • -g: Means that you can set the first group of a person. The person might be added to a gaggle by default in case you do not add one in the course of the creation course of.
  • -G: Provides the person to a number of teams.
    useradd -G juice,apple,linux,tech john
  • -o: Creates a brand new person account utilizing the UID of an present person.
  • -p: Used so as to add an encrypted password to the account. You can too add your password later utilizing the passwd command.
    passwd john


As an example, here is how you should use the useradd command and a number of the above parameters so as to add a brand new person:

useradd -g tech -G apple,linux -s /bin/zsh -c "James Adem" adem

Within the person creation course of, the aforementioned command performs a number of actions:

Modify Default Person Settings

The useradd command reads the default values from /and so forth/login.defs, /and so forth/useradd, and /and so forth/default/useradd. You possibly can open the recordsdata in your favourite textual content editor in Linux, make and save the suitable adjustments earlier than utilizing the command.

You possibly can view a number of the settings out there inside login.defs utilizing the next command:

cat /and so forth/login.defs | grep 'PASS|UID|GID'

Login.def File Output

The uncommented strains are key phrases with values. As an example, the PASS_MAX_DAYS key phrase units a most of 9999 days for password expiration. Equally, the PASS_MIN_LEN key phrase requires the password size to be a minimum of 5 characters. Lastly, the UID and GID key phrases enable customization of the person and group ID ranges for any new person account.

You can too view/modify the default settings current contained in the recordsdata through the use of the useradd command with the -D flag.

useradd default settings view

Word that you do not use the -D flag to create a brand new account. As a substitute, it solely permits you to change the default settings. Additionally, it helps adjustments for just a few parameters that the useradd command makes use of to create an account.

Flags Description
-b Modifies the default house listing (/house) for brand new person accounts.
-g Modifies the default new person major group (username) with one other default group.
-s Replaces the default /bin/bash shell with one other default shell.
-e Modifies the default expiration date to disable a person account in YYYY-MM-DD format.
-f Permits to set inactive days earlier than the account is disabled and after password expiration

As an example, the next command adjustments the default shell to /bin/sh and the house listing to /house/new:

useradd -D -b /house/new -s /bin/sh

Modify Person Teams on Linux

usermod is one other easy but simple Linux utility to switch person account particulars. It helps comparable parameters or flags because the useradd command and that is why its utilization is sort of easy.

As an example, you may change the default shell of the person adem from /bin/sh to /bin/bash as follows:

usermod -s /bin/bash adem

Now to incorporate adem within the gross sales group, you will want to make use of the -aG flag as a easy -G flag will take away the person from the beforehand added supplementary teams: apple and linux.

usermod -aG gross sales adem
cat /and so forth/group | grep adem

add a user to groups in linx

Associated: The Greatest Command Line Utilities for Viewing File Content material in Linux

The way to Delete Person Accounts on Linux

Linux presents one other command-line utility userdel to delete any person account. This is the essential syntax:

userdel username

Nevertheless, it’ll solely take away the account particulars from the /and so forth/passwd file. To take away the person’s house listing as properly, use the -r flag, as follows:

userdel -r username

As a precaution, we advocate discovering all of the recordsdata owned by the person and reassigning them to another present person account. Use the discover command to listing all of the recordsdata both owned by the person or assigned to a person ID you might have eliminated or not related to any person.

discover / -user username -ls
discover / -uid 504 -ls
discover / -nouser -ls

Linux Person Account Administration in a Nutshell

This text demonstrates Linux person account creation, deletion, and modification examples with ideas and tips for any newbie Linux person who needs to pursue system administration and study person account administration.

It additionally reveals how one can edit the configuration recordsdata to outline UID and GID ranges and alter the default settings for person account creation in Linux.

Follow simple processes
The way to Add a Person in Linux

Want to provide a member of the family or buddy entry to your Linux PC? This is how one can add a person in Linux and provides them their very own account.

Learn Subsequent

About The Creator

Leave a Comment