User Management in Linux
User management is a core function of Linux system administration. It controls system access, enforces security, and ensures users have the correct privileges for their tasks. Linux supports multi-user environments, making it ideal for everything from personal laptops to large enterprise systems. Efficient user management:
- Secures the system from unauthorized access
- Ensures users can perform their roles without interfering with others
- Helps in auditing and tracking user activity
Understanding Linux User IDs (UIDs)
Linux systems typically support up to 60,000 users, making them suitable for large-scale use.
Admins manage users by creating, modifying, and deleting accounts, setting permissions, and enforcing access policies. This ensures users can perform tasks without compromising system integrity.
Types of Users in Linux
Linux is a multi-user operating system, meaning multiple users can access and operate the system simultaneously. Each user type serves a specific purpose and has different levels of access and control.
Below are the main types of users you will encounter in Linux:
| User Type | Description |
|---|---|
| Root (Superuser) | Full system control. Can install software, change config files, and delete anything. Powerful but risky. |
| Regular User | Limited access. Can create files, run applications, but not modify system-level settings. |
| Sudo User | Regular user with temporary admin rights via the sudo command. Common in modern systems. |
| System/Service Account | Non-human accounts used by services (e.g., mysql, nginx). Limited privileges. |
| Guest User | Temporary users with minimal privileges. Changes are not saved after logout. |
User Groups
A user group is a collection of users. If you give permission to a group, all users in that group get the same access. This makes it easier to manage file and system permissions for many users at once.
1. Primary Group (Default for files)
- Every Linux user is assigned one primary group.
- When a user creates a file, the group ownership of that file is automatically set to their primary group.
- By default, this group usually has the same name as the user.
- It helps manage file ownership cleanly without much extra configuration.
Example:
Check Primary Group:
id raj
Output:
Here, gid=1000(raj) means the primary group of user raj is raj.
2. Secondary Group (Additional Permissions)
- A user can be a part of multiple secondary groups.
- These groups provide extra access to files, folders, or services.
- They are commonly used for team-based access or system-level permissions (e.g., accessing Docker, video devices, or running sudo).
Example:
Add User to a Secondary Group:
sudo usermod -aG developers raj
- This adds raj to the developers group.
Check Group Memberships:
groups raj
Output:
This shows that user raj is part of two groups:
- Primary: raj
- Secondary: developers
User Management Files
These files are essential for managing users, groups, and permissions on a Linux system, and they play a key role in ensuring security and efficient system administration.
The following are the different user management files in Linux:
User Information
/etc/passwd: Stores basic details of all user accounts including:
- Username
- User ID (UID)
- Primary Group ID (GID)
- Home directory
- Default shell
- Full name of the user
/etc/shadow: Stores encrypted user passwords and password-related settings:
- Encrypted passwords
- Last password change date
- Password expiration and inactivity rules
- Account expiration settings
Group Management
/etc/group: Defines all groups in the system and user memberships:
- Group name
- Group ID (GID)
- List of users in each group
/etc/gshadow: Secure counterpart to /etc/group, storing:
- Encrypted group passwords
- Group administrators
- Group members
Privilege Control
/etc/sudoers: Manages sudo access for users and groups:
- Who can use the sudo command
- What commands they can run
- From which terminals/systems
User Home Directory Setup
/etc/skel/: Directory containing default configuration files copied to a new user’s home directory:
- Typically includes .bashrc, .profile, etc.
- Used to provide default shell settings and environment
Logs and Auditing
/var/log/auth.log: Records authentication-related events:
- Successful and failed login attempts
- Usage of the sudo command
- Account lock and unlock events
- Other security-related activities
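The events listed above can be pulled out of the log with a few lines of awk. This is an added example, not part of the original page: the log lines are constructed samples in the usual sshd and sudo syslog format, and the function names and the threshold of 3 are assumptions.

```shell
#!/bin/sh
# Added example: summarise authentication events from an auth.log-style file.
# All log lines below are constructed samples (documentation IP ranges).

make_sample_authlog() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
Jan 10 10:00:01 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.5 port 50122 ssh2
Jan 10 10:00:04 web01 sshd[2211]: Failed password for root from 203.0.113.5 port 50122 ssh2
Jan 10 10:00:09 web01 sshd[2215]: Failed password for raj from 198.51.100.7 port 40100 ssh2
Jan 10 10:00:12 web01 sshd[2219]: Failed password for root from 203.0.113.5 port 50130 ssh2
Jan 10 10:02:30 web01 sshd[2301]: Accepted password for raj from 198.51.100.7 port 40111 ssh2
Jan 10 10:05:12 web01 sudo:      raj : TTY=pts/0 ; PWD=/home/raj ; USER=root ; COMMAND=/usr/sbin/usermod -aG developers raj
EOF
    echo "$f"
}

# Print "count source-ip" for failed SSH password attempts, busiest first.
failed_logins_by_source() {
    awk '/sshd\[[0-9]+\]: Failed password for / {
             # The address is the word after "from"; "invalid user" lines
             # have two extra words, so search instead of using a fixed field.
             for (i = 1; i < NF; i++)
                 if ($i == "from") { n[$(i + 1)]++; break }
         }
         END { for (ip in n) print n[ip], ip }' "$1" | sort -k1,1nr -k2,2
}

# Print sources with at least $2 failures (hypothetical alert threshold).
noisy_sources() {
    failed_logins_by_source "$1" | awk -v min="$2" '$1 >= min { print $2 }'
}

# Print "user command" for every command run through sudo.
sudo_commands() {
    awk '/ sudo: / && /COMMAND=/ {
             print $6, substr($0, index($0, "COMMAND=") + 8)
         }' "$1"
}

log=$(make_sample_authlog)
failed_logins_by_source "$log"
noisy_sources "$log" 3
sudo_commands "$log"
rm -f "$log"
```

On Red Hat-family systems the same events are written to /var/log/secure rather than /var/log/auth.log.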
User Management Commands
How to Add a new user
.....................
sudo adduser john
How to Set/change a user’s password
...................................
sudo passwd john
How to Delete a user
....................
sudo deluser john
Delete a user (and optionally their home dir)
..............................................
sudo userdel -r john
Show user ID and group info
............................
id john
Show the current logged-in username
...................................
whoami
How to change permission ownership?
..................................
sudo chown -R username:group directory
centos - chown :groupname
chown
How to show users?
...................
getent passwd
How to show group?
...................
getent group
How to check which groups a user has joined?
...................................
groups
How to show all groups?
.......................
compgen -g
How to show all users?
......................
compgen -u
How to List All Groups in Linux?
................................
cat /etc/group
How to give normal users root privileges?
................................................
usermod -aG sudo
sudo some-command
sudo visudo
sudo passwd -e bob
sudo passwd --expire sumita
How to lock and unlock an account?
.................................
sudo passwd -l bob
sudo passwd -u bob
skill -u USERNAME
How to forcefully delete a user and kill their processes?
....................................
sudo killall -u username
sudo userdel -f username
How to delete a group?
delgroup -f
Group Management Commands
How to Add a new group
......................
sudo addgroup developers
sudo groupadd staff
How to Delete a group
.....................
sudo groupdel staff
Add a user to a group
.....................
sudo usermod -aG developers john
Remove a user from a group
....................
deluser
Show groups of a user
.....................
groups john
Normal User Sudo Access
.......................
useradd -G sudo sumita
sudo visudo
passwd newuser
whoami
View All Group
...............
cat /etc/group
cat /etc/passwd
grep sumita /etc/passwd
How to List All Members of a Group on Ubuntu ?
.............................................
getent group
How to add User in a Group on Ubuntu?
......................................
sudo usermod -aG
How to remove User from a Group on Ubuntu ?
...........................................
sudo gpasswd -d
How to change password users self ?
...................................
passwd
pwd - Shows the current working directory’s path
cd - Changes the working directory
mkdir - Creates a new directory
rm - Deletes a file
cp - Copies files and directories, including their content
mv - Moves or renames files and directories
touch - Creates a new empty file
file - Checks a file’s type
zip and unzip - Creates and extracts a ZIP archive
tar - Archives files without compression in a TAR format
nano, vi, and jed - Edits a file with a text editor
cat - Lists, combines, and writes a file’s content as a standard output
grep - Searches a string within a file
sed - Finds, replaces, or deletes patterns in a file
head - Displays a file’s first ten lines
tail - Prints a file’s last ten lines
awk - Finds and manipulates patterns in a file
sort - Reorders a file’s content
cut - Sections and prints lines from a file
diff - Compares two files’ content and their differences
tee - Prints command outputs in Terminal and a file
locate - Finds files in a system’s database
find - Outputs a file or folder’s location
sudo - Runs a command as a superuser
su - Runs programs in the current shell as another user
chmod - Modifies a file’s read, write, and execute permissions
chown - Changes a file, directory, or symbolic link’s ownership
useradd and userdel - Creates and removes a user account
df - Displays the system’s overall disk space usage
du - Checks a file or directory’s storage consumption
top - Displays running processes and the system’s resource usage
htop - Works like top but with an interactive user interface
ps - Creates a snapshot of all running processes
uname - Prints information about your machine’s kernel, name, and hardware
hostname - Shows your system’s hostname
time - Calculates commands’ execution time
systemctl - Manages system services
watch - Runs another command continuously
jobs - Displays a shell’s running processes with their statuses
kill - Terminates a running process
shutdown - Turns off or restarts the system
ping - Checks the system’s network connectivity
wget - Downloads files from a URL
curl - Transmits data between servers using URLs
scp - Securely copies files or directories to another system
rsync - Synchronizes content between directories or machines
ifconfig - Displays the system’s network interfaces and their configurations
netstat - Shows the system’s network information, like routing and sockets
traceroute - Tracks a packet’s hops to its destination
nslookup - Queries a domain’s IP address and vice versa
dig - Displays DNS information, including record types
history - Lists previously run commands
man - Shows a command’s manual
echo - Prints a message as a standard output
ln - Links files or directories
alias and unalias - Sets and removes an alias for a file or command
cal - Displays a calendar in Terminal
apt-get - Manages Debian-based distros package libraries
Users & Group Management Commands
1.How to Create a User Set Password
useradd kedar
passwd kedar
2.How To Change username
usermod -l newusername oldusername
3.Change User ID (UID)
usermod -u <newUID> username
5.How To Set expiry date for account
usermod -e YYYY-MM-DD username
6.Change Group ID (GID)
usermod -g <newGID> username
7.How To Change group name/Rename a group
groupmod -n newgroupname oldgroupname
sudo groupmod -n test demo
8.Home Directory
useradd -d /etc/kedar/home kedar
9.Add users from a group
groupmod -m -m user1,user2 developers
10.How to Add User to Group
sudo adduser user_name new_group
11.Use the useradd command to add a user
sudo useradd -G new_group user_name
12.Usermod command to add a user to a group
sudo usermod -a -G group_name user_name
13.Add a User to Multiple Groups at Once
sudo usermod -a -G new_group,new_group2,new_group3 user_name
14.Create a User and Add to Group
sudo useradd -G new_group new_user
15.Assign a password to the new user
sudo passwd new_user
16.Add user to supplementary groups
usermod -aG group1,group2 username
17.Remove users from a group
groupmod -M user1,user2 developers
sudo gpasswd --delete user1 demo
18.Delete a group
sudo groupdel demo
19.Check a newly added user
tail -1 /etc/passwd
20.List All Groups on the System
getent group
- groups – a command that lists the groups to which a user belongs.
- getent – a command that retrieves entries from the specified Name Service Switch (NSS) databases
21.How to Add a User to the Root Group
sudo usermod -aG wheel username
groups username
All user account information is stored in the /etc/passwd, /etc/shadow and /etc/group files.
22.Check for Running Processes of the User
Before deleting a user account, it’s important to check for any
running processes associated with the user. This will help you
avoid issues caused by deleting an account with active processes.
To check for running processes, use the ps command
ps -u username
- ps -u username – Lists running processes associated with the specified user account.
- sudo userdel username – Deletes the specified user account without removing the home directory.
- sudo userdel -r username – Deletes the specified user account and removes the home directory.
- sudo rm /var/mail/username – Removes the mail spool for the specified user account.
- Sudoers: These are regular users who have been granted permission to execute commands with root privileges using the sudo command.
- Service Users: Used by system services and applications, these users are created to run specific services (e.g., www-data for the web server).
User Types Summary:
- Root (Superuser) – Full access to the system.
- Regular Users – Limited access to their own files and directories.
- System Users – For running system processes with limited permissions.
- The root (superuser) ID is always 0. Check it with the command: id root
- To see the names of all users, run: cat /etc/passwd
- System user examples: shutdown, Nagios, Apache, etc. System users are identified by the ID range 1-999, and their number grows as more services are installed, such as FTP, MySQL, etc.
- Standard users have the default ID range 1000-60000.
- It is important to know that you should never work in Linux by logging in as the superuser; for extra security, always work with an admin account.
- When we create a standard user, the home directory and mailbox are created automatically. Example paths: home directory = /home/, mailbox file = /var/spool/mail/. Commands to check them: ls /home and ls /var/spool/mail/
- When we create a user in Linux, a group is created in the same way as the user:
useradd ram <Add new user ram>
usermod -p 123 ram <User password setup>
grep ram /etc/shadow
ram:123:19172:0:99999:7::
username:password:last password change:min. password age:max. password age:warning period:inactive period:expiry date
chage -l ram <All information, such as the user's password change date, etc.>
- All configuration files in Linux are saved under /etc
/etc/passwd – User details
/etc/shadow – User password information
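The UID ranges given above (0 for root, 1-999 for system users, 1000-60000 for standard users) and the seven /etc/passwd fields can be checked mechanically. The following is an added example, not part of the original page; the sample entries and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd-format file against the UID ranges above.
# Line layout: name:password:UID:GID:comment:home:shell

make_sample_passwd() {   # constructed sample data, not from a real system
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
mysql:x:112:118:MySQL Server:/nonexistent:/bin/false
nagios:x:998:998::/var/lib/nagios:/bin/bash
raj:x:1000:1000:Raj:/home/raj:/bin/bash
sumita:x:1001:1001::/home/sumita:/bin/bash
toor:x:0:0::/root:/bin/bash
broken:x:1002:1002::/home/broken
EOF
    echo "$f"
}

# Print one finding per line for entries that deserve a closer look.
audit_passwd() {
    awk -F: '
        NF != 7 { print "MALFORMED " $1; next }
        # UID 0 is the superuser: any other name with UID 0 is a second root.
        $3 == 0 && $1 != "root" { print "EXTRA_UID0 " $1 }
        # System accounts (UID 1-999) rarely need an interactive shell.
        $3 >= 1 && $3 <= 999 && $7 !~ /(nologin|false|sync|shutdown|halt)$/ {
            print "SYSTEM_WITH_SHELL " $1
        }
        # Two names sharing a UID are one identity for file permissions.
        seen[$3]++ { print "DUPLICATE_UID " $1 }
    ' "$1"
}

# Count well-formed accounts per class using the ranges given on this page.
count_by_class() {
    awk -F: 'NF == 7 {
            if ($3 == 0) r++
            else if ($3 >= 1 && $3 <= 999) s++
            else if ($3 >= 1000 && $3 <= 60000) u++
            else o++
        }
        END { printf "root=%d system=%d standard=%d other=%d\n", r, s, u, o }
    ' "$1"
}

pw=$(make_sample_passwd)
audit_passwd "$pw"
count_by_class "$pw"
rm -f "$pw"
```

On a live system the same functions can be pointed at /etc/passwd, which is world-readable, so no root access is needed.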
useradd – add new user
usermod – modify existing user
userdel – delete existing user
adduser ram – Create new user
id ram – Display the user ID of ram
grep -w ram /etc/passwd – Plain grep shows every user entry containing "ram"; with -w it matches the whole word, so only the details of user ram are shown. Example format: ram:x:1001:1001::/home/bin/bash
Username:Password:User ID:Group ID:Comment:Home Directory:Shell
useradd -c "This is Ram From IT Department" shyam – Adds a user description; -c sets the comment
grep -w shyam /etc/passwd – Checks the description of shyam
useradd -d /user1 user1 – Customizes the user's home directory, i.e. changes the location of the user profile directory
grep user1 /etc/passwd – Checks the result
useradd -e 07/02/2024 user2 – Sets the user expiry date (month/day/year)
chage -l user2 – Views the expiry date
useradd -f 15 user4 – Sets the user's inactive period to 15 days
grep user4 /etc/passwd
Example output – user4:x:1006:1006::/home/bin/bash
useradd -g 1007 user4 – Changes the group ID
tail -n 7 /etc/group – Shows the last 7 groups; tail acts as a filter
useradd -G IT,Admin sumita – Adds user sumita to the IT and Admin groups
useradd -N user8 – -N creates the user without its own group
cat /etc/default/useradd – By default, user8 is added to the user group with the default ID 100
useradd -p 123 user9 – Sets a plain-text password with -p. Note that a user with a plain-text password cannot log in from the GUI; an encrypted password needs to be set
passwd user9 – Command to set an encrypted user password
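Both the /etc/shadow layout shown earlier (ram:123:...) and the useradd -p note above come down to what the second shadow field contains, because -p stores its argument verbatim in that field. The following added example (not from the original page) classifies that field; the sample entries and function names are constructed, the hash strings are placeholders, and legacy 13-character DES strings are simply reported as NOT_A_HASH.

```shell
#!/bin/sh
# Added example: classify the password field (field 2) of shadow-format lines.
# Sample entries are constructed; the "hashes" are placeholders, not real.

make_sample_shadow() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
root:$6$examplesalt$PLACEHOLDERHASH:19172:0:99999:7:::
ram:123:19172:0:99999:7:::
user9:123:19172:0:99999:7:::
abc:!$6$examplesalt$PLACEHOLDERHASH:19172:0:99999:7:::
mysql:*:19000:0:99999:7:::
guest::19172:0:99999:7:::
legacy:$1$examplesalt$PLACEHOLDERHASH:19172:0:99999:7:::
EOF
    echo "$f"
}

# Print "user STATE" for every entry.
classify_shadow() {
    awk -F: '
        # Map the $id$ prefix of a crypt(3) string to a scheme name.
        function scheme(h,    rest, i, id) {
            rest = substr(h, 2); i = index(rest, "$")
            if (i < 2) return "NOT_A_HASH"
            id = substr(rest, 1, i - 1)
            if (id == "1") return "HASH_MD5_WEAK"
            if (id == "5") return "HASH_SHA256"
            if (id == "6") return "HASH_SHA512"
            if (id == "y") return "HASH_YESCRYPT"
            return "HASH_OTHER"
        }
        {
            c = substr($2, 1, 1)
            if ($2 == "")       s = "EMPTY"       # account has no password
            else if ($2 == "*") s = "DISABLED"    # password login not possible
            else if (c == "!")  s = "LOCKED"      # e.g. usermod -L, passwd -l
            else if (c == "$")  s = scheme($2)
            else                s = "NOT_A_HASH"  # e.g. usermod -p 123
            print $1, s
        }' "$1"
}

# Only the entries an administrator should fix.
risky_shadow() {
    classify_shadow "$1" |
        awk '$2 == "EMPTY" || $2 == "NOT_A_HASH" || $2 == "HASH_MD5_WEAK"'
}

sh_file=$(make_sample_shadow)
classify_shadow "$sh_file"
rm -f "$sh_file"
```

Reading the real /etc/shadow requires root, so run the check with sudo on a live system.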
Important note – The user's home profile folders (for example Pictures, Music, Downloads) are not created until the user logs in to the machine.
tail -n 5 /etc/shadow – Checks the last 5 user password records
useradd -r user12 – Creates a system/service user, like shutdown, MySQL, Nagios, etc.
grep user12 /etc/passwd – Checks the user record
useradd -u 60000 user13 – Sets the user ID to 60000 manually. This means we can set the user ID of the users we create as we wish, but it must stay within the ID range; by default the standard user range is 1000-60000
id user13 – Command to check the ID number of user13
All features in one command
useradd -c "Hello" -d /user123 -e 07/15/2022 -f 10 -g 5000 -G IT,Admin,Sales -p 1234 -u 6000 sumita
cat /etc/passwd | grep user15 – Uses a pipe and grep to show only user15's data
-c – Adds any description
-d – Customizes the user home directory
-e – User account expiry date
-f 10 – Inactive period of 10 days
-g – User group ID
-p – Sets a plain-text user password
-u – Customizes the user ID number (6000)
-G – Adds the user to multiple groups
sumita – User account name
Usermod & Userdel Command
usermod – modify existing user
tail -n 15 /etc/passwd – Shows the last 15 users in the terminal
If I want to change a user's description or do any other modification, I use the usermod command.
usermod -c "New description" sumita – Changes the description of user sumita
usermod -d /user10 sumita – Changes the home directory for user sumita
chage -l user10 – Shows the user's expiry date
grep user10 /etc/shadow
usermod -e 07/03/2022 user10
usermod -g 5000 user10 – Changes the group ID with usermod -g
usermod -u 4000 user10 – Changes the user ID with usermod -u
usermod -G IT,Admin,Sales user10 – Adds user10 to multiple groups (IT, Admin, Sales) with usermod -G
usermod -l abc user10 – Changes the username from user10 to abc; the home directory of user10 is not changed
grep -w abc /etc/shadow
usermod -L abc – Locks account abc; it is not shown on the login screen
usermod -U abc – Unlocks user abc; it is shown on the login screen
grep -w abc /etc/passwd – Shows the user ID record of abc
usermod -u 20000 abc – Changes the user ID number of abc
Note: if the user ID number is 1000 or higher, the account is called a standard user.
usermod -s /sbin/nologin abc – Changes the shell from Bash, which means the user cannot log in because the shell has been changed
grep -w abc /etc/passwd – Checks the shell status
Note: the shell defines which tasks we can perform; for example, shutdown has its own shell and sync has its own shell. To see this, run the cat /etc/passwd command. A separate shell is set for each user.
useradd -u 20000 -d /user1 abc – Customizes the user ID (20000) and the home directory (-d /user1)
userdel -f abc – Forcefully removes the user
userdel -rf abc – Removes the user along with all files in the home directory and the mailbox file
cat /etc/group – Details or information about groups
tail -n 10 /etc/group – View the groups
group-name:password:group-id:group-members
cat /etc/gshadow – Secure group information, for example the group password
tail -n 10 /etc/gshadow
group-name:password:list-of-group-admins:list-of-group-members
groupadd – Add a new group
groupmod – Modify an existing group
groupdel – Delete a group
gpasswd – Manage a group
tail -n 3 /etc/group
groupadd test – Creates the new group test
groupadd -g 50000 test1 – Creates group test1 with group ID 50000
groupadd -p 123 test2 – Creates group test2, protected with a plain-text password
tail -n 3 /etc/gshadow – Checks whether the group was created and shows the group password
groupmod -g 5000 test2 – Changes the group ID; -g means group
groupmod -n test4 test1 – Changes the group name from test1 to test4; -n means group name
groupmod -p 456 test2 – Changes the group's plain-text password
tail -n 3 /etc/gshadow – Checks the group password shown
gpasswd test2 – Sets an encrypted group password
tail -n 3 /etc/gshadow – Checks whether the encrypted group password was created
useradd user1
useradd user2
useradd user3
ls /home – Shows the user home directory folders
groupdel -f user1
groupdel -f user2
groupdel -f user3
tail -n 3 /etc/gshadow
grep test2 /etc/gshadow – The test2 group has an encrypted password set; now we will add the users user1, user2 and user3 to the test2 group
gpasswd -a user1 test2 – Adds user1 to the test2 group
grep test2 /etc/gshadow – Checks whether the user was added to the group
gpasswd -d user1 test2 – Removes the user from the test2 group with -d