We’re going to take a look at user management in Linux—one of the most important things you’ll learn because you need to keep track of users on your Linux servers. I’m going to show you the basics, including how to add users, remove users, set their passwords, and more.
The command we will use to add a new user to our system is the useradd command. Since we are making changes to the system, we need to either log in as root or use sudo to run this command with root privileges, which is necessary for any command that makes changes to the server. Most of you should have sudo installed.
After we type useradd, we type the name of the user that we want to add to the system, and that will complete the command. Before we add a new user, let’s look at some foundational concepts.
Viewing the /etc/passwd file
The first thing I recommend you do is understand which users you already have on your system. Some people list the contents of the home directory because, generally speaking, most users will have their home directory under /home. You can see mine right here. You probably already knew that because you can see my username in the prompt, so you knew at least my user account existed.
The passwd is abbreviated; that’s not a typo. I’ll refer to it as /etc/passwd, which is common in the Linux community, even though it’s abbreviated. The cat command will show me the contents of that file.
However, checking the contents of the home directory is not the best way to find out how many users or which users, in particular, you have on your server. From the output here, you might assume that my user account is the only user on the system, but that’s not true. What I want to do right now is make sure you’re aware of a very special file: /etc/passwd.
As you can see, we have quite a few users on this system, not just mine. We see my user right here, and each user is on its own line. For example, if you run the cat command on /etc/passwd again and pipe it into the wc command, which stands for “word count” (and that’s a bonus command that wasn’t even supposed to be part of the video, but you’re welcome anyway), you can add the -l option to get the count of how many lines there are. From the output, there are 27 users on the system—a lot more than just the one you saw earlier in the /home directory.
In this file, every user on the system has its own line. The first column shows the name of the user, and other columns follow. I’ll go over this file in more detail later on, but for now, I want you to be aware of this file, its existence, and its purpose. It contains a listing of the users and the options associated with their accounts.
To make this clear, I will use the grep command to isolate the line that contains my user account, and I want to point out this number right here, where it shows 1000. Again, I’ll go over this file in more detail later, but it’s important to understand what this number means. This number refers to the User ID or UID. Every user has a unique UID. As you can see, the UID of my user is 1000. Most Linux distributions will ask you to create a user account during the installation process, and that first user is almost always given a UID of 1000. I’ll talk more about UIDs a bit later, but I just wanted you to be aware of that.
How to add a user account
(useradd/adduser)
Now, let’s go back to the useradd command. After all, that’s why we’re here—to learn how to add and remove users. The useradd command adds a user to the system. The command cannot be used without sudo or logging in as root. I’m going to create a user named techlinux.
So, I’ll press enter, and it will ask me for my user password to verify that I have access to the sudo command. It didn’t say anything, but it didn’t fail either.
cat /etc/passwd
Viewing User ID
When you run the cat command on /etc/passwd again, you can see that the user we created is on the very last line of this file. If you recall, the UID for my user was 1000, and for techlinux, it’s 1001.
When you add a user to a Linux system, it will assign the next available UID to that user. Since my user already had the UID of 1000, that UID is no longer available. When I created the techlinux account, it just incremented by one, so 1001 is the UID provided.
You might notice that there are some UIDs much lower than 1000, such as 122, 121, and so on. Most Linux distributions assign UIDs 1000 and above to normal user accounts associated with interactive logins while considering UIDs below 1000 as system accounts.
I’ll talk a little more about system accounts in a few minutes, but I wanted you to be aware of this distinction. We have user accounts and system user accounts, and the useradd command by default adds normal user accounts.
I added the user techlinux with the previous command. Let’s also list the contents of the /home directory to see if that user has a home directory under /home, and it doesn’t. Why is that?
Depending on your distribution, it might have created a home directory for that user. On my end, it didn’t. This is one of the things that differs from one distribution to another: each distribution sets its own defaults for the useradd command. On your end, it might have created a home directory. I wasn’t so fortunate. Let’s take a quick detour to another file: /etc/default/useradd.
I’m not going to go into too much detail about this file, but it sets the defaults for useradd. Each distribution can provide its own version of this file.
As you can see, we have SHELL=/bin/bash. If you want to use a different default shell, you can change it here. This file just sets the defaults, and it will differ from one distribution to another. It’s also possible that your distribution might not even have this file.
All I want you to know at this point is that this file exists. You might think I’m going to recommend customizing this file with your preferred defaults, but I’m not. Instead, I recommend being explicit: state what you mean and mean what you say. Even if your distribution created a home directory for the user, I still recommend specifying that you want a home directory created. It might seem redundant if the directory was already created, but being explicit in Linux is a good habit, especially for scripts. If you have a script you want to run on multiple distributions, you’ll want the same output every time. When using the useradd command in a script, make sure to add all the necessary options to ensure that you always create the user accounts in the same way. Get in the habit of being explicit.
I’ll use this opportunity to show you how to remove a user account.
How to remove a user account
Delete User (userdel)
To remove a user account, you can use the userdel command. We run it with sudo and provide the name of the user we want to delete. Be very careful when running this command; the Linux system assumes you know what you’re doing. Make sure you’re typing the correct username.
You can use the -r option to remove the home directory and mail
Add a Home Directory
useradd -m
Let’s move forward with re-adding the user to the system and making sure a home directory is created for them.
sudo useradd -m techlinux
-m: This option tells useradd to create the user’s home directory if it does not already exist.
Removing a Home Directory
userdel -r
Let’s talk about how to remove a user and also their home directory at the same time.
When we removed the techlinux user before, we used this command:
sudo userdel techlinux
To also remove the user’s home directory, we add the -r option:
sudo userdel -r techlinux
This command will delete both the user account and their home directory.
Setting a Password for a User
First, re-add the user with a home directory:
sudo useradd -m techlinux
Now, let’s look at how to set a password for a user. To set a password for a user, use the passwd command:
sudo passwd techlinux
You’ll be prompted to enter and confirm the new password for the user. This command does not require the user’s current password—if you have sudo access, you can set or change any user’s password.
Creating a System User
System User
Now let’s look at creating a system user. System administrators use system users for tasks that do not require an interactive login, such as running automated scripts or scheduled tasks.
To create a system user, use the -r option with the useradd command:
sudo useradd -r sysuser
Let’s check the /etc/passwd file for the sysuser entry:
cat /etc/passwd | grep sysuser
You’ll see that the sysuser has a UID less than 1000. Normal user accounts start at 1000, while system users have UIDs below 1000.
Most desktop distributions won’t show system users on the login screen, but if they did, you’d see many accounts and it would look messy.
Summary
That covers the basics of user management: adding users, removing users, setting passwords, and creating system users. For more advanced options, you can use the man command to see the manual pages for useradd:
Understanding /etc/passwd
Let’s go over the /etc/passwd file to help you understand it better.
This file lists all the users on the system, and each line has several columns separated by colons.
- Username: The user’s login name.
- Password Placeholder: Usually, an ‘x’ in this field indicates that the password is stored in the /etc/shadow file. Passwords are stored there as hashes for security.
- UID: The User ID. Users with UIDs of 1000 and above are regular users, while those below 1000 are system users.
- GID: The Group ID associated with the user.
- User Information (GECOS field): This is optional and usually contains the user’s full name.
- Home Directory: The path to the user’s home directory.
- Shell: The default shell for the user.
Here’s a sample line from /etc/passwd:
username:x:1000:1000:User Name,,,:/home/username:/bin/bash
In this example:
- username is the login name.
- x indicates the password is in /etc/shadow.
- 1000 is the UID.
- 1000 is the GID.
- User Name,,, is the GECOS field.
- /home/username is the home directory.
- /bin/bash is the shell.
Conclusion
This concludes the basics of user management in Linux. We covered how to add and remove users, set passwords, and create system users.
The Shell and /etc/passwd
echo $SHELL
When you log in, the shell that starts up is specified in the /etc/passwd file. For example, if you type:
echo $SHELL
You might see something like /bin/bash, which indicates that bash is the default shell.
Different users might have different shells, such as /bin/sh or /bin/bash. Some users might have /sbin/nologin, which means they cannot log in. This is common for system users who perform background tasks and do not need interactive login capabilities.
If a user whose shell is /sbin/nologin tries to log in, the system denies access even if a password has been set, because system users, generally used for automated processes, do not require interactive sessions.
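The field breakdown and the UID and shell rules described above can be checked mechanically. The following is an added example, not part of the original post: it classifies passwd-format entries and lists system-range accounts that still have an interactive shell. The sample data, the function names, the REGULAR_UID_MIN variable, and the treatment of /bin/false as a non-login shell are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: classify passwd-format entries by UID range and shell.
# SAMPLE_PASSWD is constructed data, not output from a real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sysuser:x:998:998::/home/sysuser:/bin/sh
username:x:1000:1000:User Name,,,:/home/username:/bin/bash
techlinux:x:1001:1001::/home/techlinux:/bin/sh
backupsvc:x:1002:1002::/home/backupsvc:/sbin/nologin'

# Threshold between system and regular accounts. 1000 is the value the
# article uses; override REGULAR_UID_MIN if your distribution differs.
REGULAR_UID_MIN=${REGULAR_UID_MIN:-1000}

# classify_accounts: read passwd-format lines on stdin and print
# "name uid kind shell-state" for each well-formed (7-field) entry.
classify_accounts() {
    awk -F: -v min="$REGULAR_UID_MIN" '
        NF != 7 { next }                      # skip blank or malformed lines
        {
            kind  = ($3 + 0 >= min + 0) ? "regular" : "system"
            # /bin/false is treated like nologin (assumption beyond the article).
            state = ($7 ~ /\/(nologin|false)$/) ? "no-login" : "login"
            print $1, $3, kind, state
        }'
}

# review_candidates: system-range accounts, other than root, that still
# have an interactive shell. These are worth a second look in an audit.
review_candidates() {
    classify_accounts | awk '$3 == "system" && $4 == "login" && $2 != 0 { print $1 }'
}

# Demo on the constructed sample; on a live host use: classify_accounts < /etc/passwd
printf '%s\n' "$SAMPLE_PASSWD" | classify_accounts
echo "review: $(printf '%s\n' "$SAMPLE_PASSWD" | review_candidates)"
```

An account such as backupsvc in the sample shows that a UID of 1000 or above does not by itself mean the account can log in; the shell field decides that.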
Viewing the /etc/shadow File
/etc/shadow
We talked about how /etc/passwd has an ‘x’ for hashed passwords. To see the actual hashed password, you need to look at the /etc/shadow file. Unlike /etc/passwd, you need sudo to view this file:
In this file, each line has several columns separated by colons. Let’s break down the columns:
- Username: The user’s login name.
- Password Hash: This is the hashed version of the user’s password, not the actual password.
- Last Changed: The date the password was last changed, expressed as the number of days since the Unix epoch (January 1, 1970). For example, 18807 means the password was changed 18,807 days after the Unix epoch.
- Min Days: The minimum number of days required before the user can change their password again. A value of 0 means the password can be changed at any time.
- Max Days: The maximum number of days before a password change is required. 99999 means there’s effectively no expiration.
- Warn Days: The number of days before the password expires that the user will be warned to change it. If it’s 7, the user will be notified 7 days before expiration.
- Inactive Days: The number of days after the password expires before the system locks the account. If the setting is not configured, the account remains unlocked.
- Expiration Date: The date when the user’s account will be disabled. If not set, the account will not expire.
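To make the day-count fields concrete, here is an added example (not from the original post) that turns the Last Changed, Max Days, and Warn Days fields into calendar dates and a status. The sample entries, the placeholder hash, and the function name shadow_report are constructed for this illustration; it assumes a password counts as expired once today is later than last changed plus max days.

```shell
#!/bin/sh
# Added example: interpret the aging fields of shadow-format entries.
# SAMPLE_SHADOW is constructed; the hash field is a placeholder, not a real hash.
SAMPLE_SHADOW='techlinux:$y$PLACEHOLDER:18807:0:90:7:::
username:$y$PLACEHOLDER:18807:0:99999:7:::'

# shadow_report TODAY: TODAY is the current date as days since the Unix epoch.
# Reads shadow-format lines on stdin and prints, per account:
#   name  last-changed  password-expires  state
# The hash (field 2) is never printed.
shadow_report() {
    awk -F: -v today="$1" '
    # Convert days since 1970-01-01 to YYYY-MM-DD with integer arithmetic only.
    function d2date(n,    z, era, doe, yoe, doy, mp, d, m, y) {
        z = n + 719468; era = int(z / 146097); doe = z - era * 146097
        yoe = int((doe - int(doe/1460) + int(doe/36524) - int(doe/146096)) / 365)
        doy = doe - (365*yoe + int(yoe/4) - int(yoe/100))
        mp = int((5*doy + 2) / 153); d = doy - int((153*mp + 2) / 5) + 1
        m = (mp < 10) ? mp + 3 : mp - 9
        y = yoe + era*400 + (m <= 2 ? 1 : 0)
        return sprintf("%04d-%02d-%02d", y, m, d)
    }
    NF < 8 || $3 == "" { next }               # malformed, or no change date recorded
    {
        if ($5 == "" || $5 + 0 == 99999) { due = "-"; state = "no-expiry" }
        else {
            limit = $3 + $5                   # last changed + max days
            due = d2date(limit)
            if (today + 0 > limit)                          state = "expired"
            else if ($6 != "" && today + 0 >= limit - $6)   state = "warning"
            else                                            state = "ok"
        }
        print $1, d2date($3), due, state
    }'
}

# Demo: evaluate the sample as of day 18895 (two days before techlinux expires).
printf '%s\n' "$SAMPLE_SHADOW" | shadow_report 18895
```

On a live host, today's day number is `$(( $(date +%s) / 86400 ))`, and reading /etc/shadow requires sudo.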
Checking User Password and Account Information
You can manage these fields with commands, so there’s no need to remember all these details. For example, you can use commands to check password expiration and lock/unlock accounts.
Conclusion
This blog covered the basics of user management, including creating and deleting users, setting passwords, and understanding system users. We also explored the /etc/passwd and /etc/shadow files to understand user account information.