A Linux administrator manages user accounts, their rights, and the overall system security.
Linux Account Types
A Linux group plays important role in handling file permissions and process management. Every account is a part of another group account.
- Root account or superuser assumed as a system administrator with complete and unfettered control of the system and can run any commands without any restriction
- System accounts needed for the operation of system-specific components for example mail accounts and the sshd accounts. Any modifications to them could adversely affect the system
- User accounts provide interactive access to the system for users and groups of users. Usually, they have limited access to critical system files and directories
User Administration Files
- /etc/passwd − Keeps the user account and password information
- /etc/shadow − Holds the encrypted password of the corresponding account
- /etc/group − This file contains the group information for each account.
- /etc/gshadow − This file contains secure group account information
su
|
Switch user to root from current login |
su-
|
Switch user to root from current login and load's its profile |
w
|
List logged-in users with their session information |
who
|
List logged-in users |
whoami
|
Display current user |
finger
|
Procure information of the users on a Linux machine |
users
|
Display users currently logged in |
usermod
|
Change properties of the specified user account |
usermod -a -G [groupname] [username]
|
Add a user to a group |
useradd -d homedir -g groupname -m -s shell -u userid accountname
adduser [username] OR
useradd [username]
|
Create a new user |
| -d homedir Specifies home directory for the account -g groupname Specifies a group account for this account -m Creates the home directory if it doesn't exist -s shell Specifies the default shell for this account -u userid specify a user id for this account |
|
userdel -r [username]
|
Delete an account |
userdel -r [username]
|
Delete an account, but keep the home directory for backup purposes |
passwd [username]
|
Set or change the user's password |
passwd -l [username]
|
Remove the password set on the account |
groupadd [-g gid [-o]] [-r] [-f] groupname
|
Create a new group with a specified name |
| -g GID The numerical value of the group's ID -o Permits to add group with non-unique GID -r This flag instructs groupadd to add a system account -f Exit with success status, if the specified group already exists |
|
groupmod -n new_group_name old_group_name
|
To modify or change a group |
groupdel [groupname]
|
To delete an existing group |
groups
|
Display the group membership of the currently logged in user |
exit
|
exit from the login session |