TheCloud

Linux User Management 101

This is a short introduction to user management on Linux.

If you’ve got any suggestions or feedback for this article, message me here.
E&OE*. Use these commands at your own risk**!

The best way to learn anything on Linux, is by doing.

So if you are worried about breaking something, then install Linux on a usb drive and boot from that for testing.

Let’s begin by asking, who am I ?

Before we continue, we need to make sure that your account (user login) has the permissions needed to manage users and groups.
If you are not the server owner or do not have some administrative rights, then this article is not for you.

Start by opening a terminal window by pressing Ctrl + Alt + T

Type: whoami #Then press enter

The output will be the username you are currently logged in as.  You might also have noticed that your username makes up the first part of your command line prompt (i.e [email protected] ). For something a little more useful you can try: who -m #Then press enter.

Now that we know what user you’re logged in as, lets find out what groups you are a member of.

Type: groups #Then press enter

You should get an output similar to this (I’ve added the #comments for clarity).

My logged in username is hayward, my primary group is hayward and my secondary groups are sudo, shares and admin.

The important thing to note here is that my account is a member of the sudo group (commonly known as Super User DO) .

What is sudo ?

Sudo is a program that allows users to run commands that would normally only work with higher level accounts, such as root for example. Users who need administrative privileges should be added to the sudo group, rather than given the root login and password.  When a sudo group member wants to run an administrative command, they prefix it with sudo (example: sudo apt-get update).  Sudo tells the system to run the following command(s) as a substitute user, commonly the root user. The sudo user will need to provide their own password for security authentication. Nobody, even the server owner should be logging in as root, unless absolutely critical to the task in hand.

Be very careful running commands as root user. StartPage.com is your friend for more information and horror stories on using root :p

Why is my primary group the same as my username ?

The primary group is used by default when you log in, for setting ownership on files you create for example.
You can learn more about file permissions in our article: Linux Permissions 101 .

It is possible of course to change your primary group to something else, but that’s for advanced users and wont be covered here.

My username is root , what now ?

If your version of Linux didn’t prompt you to provide a username during installation (as is the case with most VPS hosting), then you’ll more than likely be logging in for the first time using the root account. This is often an unavoidable step when setting up a new server, so it’s nothing to worry about. Although you should make it a priority to prevent remote access with the root account. For more in depth advice on hardening a Linux server, read this article.

Adding a new user:

The native command for adding new users is useradd, this is considered the more advanced method. But I’m trying to make your life easier, so I’ll show you how to use the second method also, which is with the adduser command (it’s actually a perl script that calls the useradd command).  adduser prompts you for the information needed, while useradd expects you to provide it as part of the command line.  Let’s take a look at both methods below:

adduser (recommended method).

Should your version of Linux not have adduser installed, install it with this command: sudo apt-get install adduser

If you are logged in as root:

Type: adduser username #If the username already exists, you will get an error message. doh!

If you are logged in as a user with sudo privileges:

Type: sudo adduser username #Same as above, but you will need to enter your password to continue.

You will be asked to set a password for the new user and given the option to provide additional information, such as Full Name. Once you’ve set a password you can simply press enter for each of the other prompts until you’re asked if the information you provided is correct. Press Y , then Enter.

useradd (for advanced users).

Using this command will not automatically add a home directory or prompt you to set the user password.

If you are logged in as root:

Type: useradd username #Without home directory or password
Alternatively: useradd -d /home/username/ -m username #With home directory, note the space after /username/

If you are logged in as a user with sudo privileges:

Type: sudo useradd username #Same as above, but you’ll need to enter your password to continue.
Alternatively: sudo useradd -d /home/username/ -m username #Note the space after /username/

Once you’ve added the new user, set a password by typing: sudo passwd username #Don’t use sudo if logged in as root.

Adding the new user to a secondary group (sudo, for this example).

If you are logged in as root:

Type: usermod -a -G sudo username #Adds username to the sudo group

-a (append) -G sudo (add user to secondary group, sudo)

If you are logged in as a user with sudo privileges:

Type: sudo usermod -a -G sudo username #Same as above, but you’ll need to enter your password to continue.

This user will now be able to run commands as sudo (Super User DO).

You can switch to this new user by typing: su username #To switch back, just type exit and press enter.

For everything else, see our useful Linux commands article.