Linux User Administration

A Linux administrator manages user accounts, their rights, and the overall system security.

Linux Account Types

A Linux group plays important role in handling file permissions and process management. Every account is a part of another group account.

  • Root account or superuser assumed as a system administrator with complete and unfettered control of the system and can run any commands without any restriction
  • System accounts needed for the operation of system-specific components for example mail accounts and the sshd accounts. Any modifications to them could adversely affect the system
  • User accounts provide interactive access to the system for users and groups of users. Usually, they have limited access to critical system files and directories

User Administration Files

  • /etc/passwd − Keeps the user account and password information
  • /etc/shadow − Holds the encrypted password of the corresponding account
  • /etc/group − This file contains the group information for each account.
  • /etc/gshadow − This file contains secure group account information
Switch user to root from current login
Switch user to root from current login and load's its profile
List logged-in users with their session information
List logged-in users
Display current user
Procure information of the users on a Linux machine
Display users currently logged in
Change properties of the specified user account
usermod -a -G [groupname] [username]
Add a user to a group

useradd -d homedir -g groupname -m -s shell -u userid accountname
adduser [username] OR
useradd [username]
Create a new user
-d homedir Specifies home directory for the account
-g groupname Specifies a group account for this account
-m Creates the home directory if it doesn't exist
-s shell Specifies the default shell for this account
-u userid specify a user id for this account
userdel -r [username]
Delete an account
userdel -r [username]
Delete an account, but keep the home directory for backup purposes
passwd [username]
Set or change the user's password
passwd -l [username]
Remove the password set on the account
groupadd [-g gid [-o]] [-r] [-f] groupname
Create a new group with a specified name
-g GID The numerical value of the group's ID
-o Permits to add group with non-unique GID
-r This flag instructs groupadd to add a system account
-f Exit with success status, if the specified group already exists
groupmod -n new_group_name old_group_name
To modify or change a group
groupdel [groupname]
To delete an existing group
Display the group membership of the currently logged in user
exit from the login session