Managing users is the foundation of Linux system security. It is not just about typing commands; it is about managing the entries in the system's "database" files: /etc/passwd and /etc/shadow.
Where Users Live
Before running commands, understand where the data goes. Linux stores user data in plain text files.
- /etc/passwd: Stores public user info (Name, ID, Home Directory, Shell).
- /etc/shadow: Stores hashed passwords and expiration data.
- /etc/group: Stores group memberships.
Anatomy of a User Entry (/etc/passwd):
```
john:x:1001:1001:John Doe:/home/john:/bin/bash
```
- john : Username
- x : Password placeholder (stored in shadow)
- 1001 : User ID (UID)
- 1001 : Group ID (GID)
- John Doe : Comment (GECOS) field, typically the user's full name
- /home/john : Home Directory
- /bin/bash : Default Shell
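An added example, not part of the original article: a POSIX shell function that reads the seven fields described above and flags entries an administrator should review (a UID 0 account other than root, a password hash or empty password field in the world-readable passwd file, duplicate UIDs). The function names, finding labels and sample entries are constructed for this illustration.

```shell
#!/bin/sh
# audit_passwd FILE: report risky entries in a passwd-format file.
# FILE defaults to /etc/passwd; "-" reads standard input.
# Function name and finding labels are hypothetical, chosen for this example.
audit_passwd() {
    awk -F: '
        $0 == ""  { next }   # ignore blank lines
        NF != 7   { print "MALFORMED line " NR ": expected 7 fields, got " NF; next }
        # Field 2 should be the "x" placeholder; "*" or "!" marks a locked account.
        $2 == ""  { print "EMPTY_PASSWORD_FIELD " $1 }
        $2 != "x" && $2 != "" && $2 !~ /^[*!]/ { print "HASH_IN_PASSWD " $1 }
        # Any account with UID 0 has full root privileges, whatever its name.
        $3 == 0 && $1 != "root" { print "UID0_NOT_ROOT " $1 }
        # Two names sharing one UID are the same user to the kernel.
        seen[$3] != "" { print "DUPLICATE_UID " $3 " " seen[$3] " " $1 }
        seen[$3] == "" { seen[$3] = $1 }
    ' "${1:-/etc/passwd}"
}

# Constructed sample data (not taken from a real system).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
john:x:1001:1001:John Doe:/home/john:/bin/bash
backup:x:0:0:Backup Admin:/home/backup:/bin/bash
legacy:$6$constructedsalt$constructedhash:1002:1002::/home/legacy:/bin/sh
guest::1003:1003::/home/guest:/bin/sh
dup:x:1001:1001::/home/dup:/bin/bash
EOF
}

# Run the audit over the sample; on a real host call: audit_passwd /etc/passwd
sample_passwd | audit_passwd -
```

A clean file produces no output, so the function can be run from a scheduled job and any output treated as an alert.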
1. Creating Users (adduser or useradd):
Creating a new user involves assigning a username, user ID (UID), primary group ID (GID), home directory, and login shell. Linux provides two commands for this purpose: adduser and useradd.
Using adduser:
```
sudo adduser new_username
```
The adduser command is a high-level, user-friendly script. It automatically:
- Creates the home directory
- Assigns default groups
- Sets up user configuration files
- Prompts for password and user details
Using useradd:
```
sudo useradd new_username
```
The useradd command is a low-level system utility. By default, it:
- Creates the user entry but does not create a home directory
- Does not prompt for a password
Additional options (such as -m) are required for full setup.
2. Reading User Information (finger or id):
To retrieve information about a user, Linux provides commands such as finger and id.
Using finger:
```
finger username
```
This command displays detailed user information such as login name, home directory, shell, and last login (if the finger package is installed).
Using id:
```
id username
```
This command displays the user ID (UID), group ID (GID), and all groups the user belongs to.
3. Updating User Information (usermod):
The usermod command is used to modify user account attributes, such as the home directory, login shell, username, UID, or group memberships.
Example: Changing User's Home Directory:
```
sudo usermod -d /new/home/directory username
```
This command updates the home directory path for the specified user (it does not automatically move existing files unless used with additional options).
4. Deleting Users (deluser or userdel):
When a user account is no longer required, it can be removed using deluser or userdel.
Using deluser:
```
sudo deluser username
```
The deluser command is a higher-level utility that removes the user account and can optionally remove the home directory if specified.
Using userdel:
```
sudo userdel username
```
This command deletes the user account but does not remove the home directory by default.
To remove the home directory as well:
```
sudo userdel -r username
```
Additional Tips:
Adding Users to Groups (usermod or gpasswd):
```
sudo usermod -aG groupname username
```
OR
```
sudo gpasswd -a username groupname
```
These commands add an existing user to an existing group without removing them from other groups.
Changing User Password (passwd):
```
sudo passwd username
```
This command allows an administrator (or the user themselves) to set or change the user's password.
Summary Cheatsheet
| Goal | Command |
|---|---|
| Create (Interactive) | sudo adduser bob |
| Create (Standard) | sudo useradd -m -s /bin/bash bob |
| Set Password | sudo passwd bob |
| Grant Admin/Sudo | sudo usermod -aG sudo bob |
| Check Groups | id bob |
| Delete (Wipe) | sudo userdel -r bob |