Skip to content

Instantly share code, notes, and snippets.

@TeroKeso

TeroKeso/user_package_manage.md

Forked from dipaish/user_package_manage.md
Created August 28, 2024 13:45
Show Gist options
  • Save TeroKeso/57e9f6f83f01572cd28894f817f03b42 to your computer and use it in GitHub Desktop.
Save TeroKeso/57e9f6f83f01572cd28894f817f03b42 to your computer and use it in GitHub Desktop.
Download ZIP
User Management in Ubuntu
Raw
user_package_manage.md

User Management in Linux

Adding and removing users on a Linux system is crucial for system administration. Typically, you start with just the root account, which has full control but can be risky. It's better to create standard users (with no admin rights) for common tasks. In order to execute commands with superuser privileges, you can either log in as a root user (sudo su , not recommended) or use sudo with your commands (recommended).

To perform admin tasks, Ubuntu has a tool called sudo, allowing you to run commands as other users, including administrators.

Create a New User.

You can use the useradd command to add a new user to the system.

sudo useradd username

# When adding user with useradd command, you set the password for the user using the passwd command after creating the user account.

sudo passwd username

# Note that the password will not be displayed as you type it for security reasons.

You may also use adduser command to create new users.

sudo adduser username

Display a list of users.

You can use several commands to display a list of users on a Linux system. You can find some options below:

  1. You can use cut command to extract the usernames from the /etc/passwd file.
cut -d: -f1 /etc/passwd
  1. You can use cat command to display the /etc/passwd file. Each line in the /etc/passwd file represents a user account and is divided into fields, separated by colons (":") as in the example below:
sudo cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
  • The first field is the user's login name.
  • It is followed by the x which indicates that the password in stored in the /etc/shadow file or another password database.
  • The first numeric value is the userid(UID).
  • The second numeric value is the group id(GID). This value represents the primary group to which the user belongs. The group's information is stored in the /etc/group file.
  • The next field represents the user's home directory.
  • The last field is the user's default shell, which is the program that runs when the user logs in. Common shells include /bin/bash, /bin/sh, /bin/zsh, etc.

Change the password for an user.

The passwd command is used to set or change a user's password.

sudo passwd username

Delete an user account.

To delete an user account, you can use the userdel command.

sudo userdel username

Another friedlier way to delete an user account is to use the deluser command.

sudo deluser username

Switch to another user's account.

To switch to another user account, you can use the su command.

su username

Create a new group

To create a new user group, you can use the groupadd command.

sudo groupadd groupname

Display a list of groups

You can view the /etc/group file directly to see a list of groups. You can use a text editor or a command-line tool like cat or less to view the contents of the file.

cat /etc/group

Delete a group

To delete a group, you can use the groupdel command.

sudo groupdel groupname

List the groups a user belongs to.

To list the groups, an user belongs to, you can use the groups command.

groups username

Modify user account properties.

You can use the usermod command to modify user account properties, such as adding the user to a group:

# adding the user to a group
sudo usermod -aG groupname username

# adding an user to multiple groups 
sudo usermod -aG group1,group2,group3 username

Remove a User from a Group

You can use the gpasswd command manage group passwords and remove a user from a group.

sudo gpasswd -d username groupname

List of some useful commands

  • id - Display user and group information.

  • who - Show who is logged on.

  • w - Display who is logged on and what they are doing

  • su - Switch to another user's account.

  • sudo - Execute commands with superuser privileges.

Granting a User Sudo Privileges

Adding the New User to the Sudo Group

By default, a new user is only in their own group which adduser creates along with the user profile. A user and its own group share the same name. In order to add the user to the sudo group, you can use the usermod command:

usermod -aG sudo username

Specifying Explicit User Privileges in /etc/sudoers (Don't do this, only for your info)

  • As an alternative to putting your user in the sudo group, you can use the visudo command, which opens a configuration file called /etc/sudoers in the system’s default editor, and explicitly specify privileges on a per-user basis.
  • Using visudo is the only recommended way to make changes to /etc/sudoers because it locks the file against multiple simultaneous edits and performs a sanity check on its contents before overwriting the file. This helps to prevent a situation where you misconfigure sudo and are prevented from fixing the problem because you have lost sudo privileges.
sudo visudo

Additional Reading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment