Hardware

Manage users and groups in linux

Table of contents:

Anonim

Managing users and groups in Linux will allow us to make optimal use of the multi-user system, for those cases where several people make use of server resources. Each of the users is identified through a name and must have a password assigned, with both data they must access the system for their respective credential verification. If you want to learn about user and group management, this is the ideal article for you.

Manage users and groups in Linux

The main objective of user and group management in Linux is to allow multiple users to use the system, but in an orderly and secure way. In such a way that none of the tasks carried out by any user can put the entire system at risk. Through management, security mechanisms and policies are established for the protection of each user's data, as well as to ensure and protect the operation of the entire system.

User account

As I mentioned before, in order to use the Linux operating system, you need to have a user account. This account is made up of a username (login) and a password. User accounts are created by the system administrator, who in Linux is known as the root user. Each user must necessarily belong to some user group. Additionally, at the time of entering the system, the user must identify himself with his user account and in case of error, the system will deny him access.

After satisfactorily identifying himself, the user will be able to use the system and run all the applications that are allowed, as well as perform actions (read, modify or delete) on the files in which he has permission.

We recommend reading the guide for beginners in Linux.

On the other hand, a user account not only provides a simple name, it is also the starting point to establish a route where your documents and user profile are stored. In Linux, it is usually inside the / home / username folder .

The moment the user runs an application, the system loads it into memory and then runs. In the computing field, the applications that are running at a certain time are called processes. So, in a multi-user system, each process belongs to a user, the same system is in charge of assigning it to the user who has started execution.

We can see all the running processes, using command:

ps aux

To see them in real time, we use the command

top

User groups

To allow flexible administration of user permissions, Linux allows users to be structured across groups, and permissions can be assigned to a group. For example, we have an educational institution, the group of teachers has access to certain files, when adding a new teacher in the system, we only have to assign the teacher group to their user account.

As I mentioned before, all users must belong to a primary or primary group (mandatory), but it can belong to other groups, those are considered secondary. All user groups can only contain multiple users, that is, they cannot contain other groups.

Each group of users in Linux is identified with a different number. This is known as a group identifier or gid = Group IDentifier. Internally, the system performs the procedures under the gid, and not with the name of the group. Usually when creating groups, the system assigns you a gid of 1000 and up. Gid less than 100 are reserved for use by the system and its special groups.

By default, in Linux the information of the groups of a system is saved in the / etc / group file. This file can be viewed from any text editor. Each of its lines stores the specific parameters of the group and associated users. The file can only be modified by the administrator (root user). On the other hand, the passwords of the groups are stored in encrypted form with an irreversible encryption system, in a text file as well: / etc / gshadow.

User and group management commands in Linux

Creation of users

To add a user, indicating its information parameters, we use the useradd command in the console. Its syntax is:

useradd username

We can highlight among all your options, the following:

  • g: Main group that will be assigned to the user d: To assign the user's home folder. Usually it is / home / username-m: Create home folder in case they don't exist: User shell (shell). It is usually / bin / bash

For example, we want to create a user named "luis" and that their main group is "teachers", that others have assigned as home folder "/ home / luis" and that their commands are interpreted in "/ bin / bash". The command that we must execute will be the following:

sudo useradd -g teachers -d / home / luis -m -s / bin / bash luis

Now we have to establish your password by using the passwd command:

sudo passwd luis

The system will ask us for the password twice and that's it! It will be assigned.

A relevant fact is that we can use the useradd command to create users in batches using the shell script.

WE RECOMMEND YOU PlayOnLinux: Windows games on Linux

On the other hand, a recommendation to take into account is the fact of creating the user names in lowercase and that also includes numbers and a sign such as hyphen or underscore. It must also be remembered that for Linux, Luis is different from luis, since it is case sensitive.

Modification of users

To make changes to users, the usermod command is used. This allows you to make changes to the name, the home folder, its command interpreter, its groups, among others.

For example, to change the username we use:

sudo usermod -d / home / folder_luis luis

Deletion of users

The elimination of users is carried out by using the userdel command and then the username. If we add the -r option to the instruction, your home folder will also be removed. Let's see the example:

sudo userdel -r luis

Creation of groups

In this case, we have the groupadd command, we just have to indicate the group name as a parameter. For example, if we wanted to add a group called "students", the sentence would be:

sudo groupadd students

Group modification

Of course, groups can also be modified just like we do with users. To do this, we use the groupmod command. In the case of groups we can edit their name or their gid.

The syntax for the command is: sudo groupmod group-name, example:

for example, let's change the gid of the group "professors":

sudo groupmod -g 2000 teachers

Group deletion

We do it with the groupdel command followed by the group name, for example:

sudo group of teachers

The group will be deleted only if it does not have users with the group assigned as primary. If any user with this condition exists, the group will not be deleted.

Add users to a group

For this we use the adduser command and then the user name and the group name. For example, to add Luis to the teachers group we use:

sudo adduser luis teachers

Remove users from a group

And finally, if we want to remove a user from a group, we use the deluser command accompanied by the name of the user and the group. For example, if we want to remove "luis" from the "professors" group:

sudo deluser luis professors

As you can see, we have enough tools to perform excellent user and group management in Linux. If you require more information about the commands, you can consult the available help, executing man followed by the name for example:

man adduser

Additionally, can you leave us your questions or concerns in our comments and can we help you?

Hardware

Editor's choice

Back to top button