We will Learn how to Add Users in Linux in this article. Linux user management is important as it helps manage access, maintain security, and perform well in a multi-user environment. Suppose you want to add or manage users on Linux. In that case, this guide discusses every component — first, the simplest user creation commands, followed by in-depth methods for group and permission configuration.
1. What is User Management in Linux?
Linux’s multi-user capabilities make it ideal for servers and systems that need secure, segmented access.
User management is fundamental in Linux for:
- Security: Protects sensitive files and commands from unauthorized access.
- Organization: Structures permissions and roles to maintain an orderly environment.
- Resource Management: Allows to control which resources can be used by a process, i.e., CPU, memory, and disk space.
User management allows administrators to define which users can access specific files, execute commands, or install software.
2. Permissions and User Roles in Linux
Permissions and roles are the backbone of Linux security, defining access at both the user and group level. Linux permissions operate under three main categories:
- User: The file or directory owner.
- Group: Users who share similar access needs.
- Other: All other users on the system.
Each category has read (r), write (w), and execute (x) permissions. Permissions are represented by a numeric code, where 7 is full access, 5 is read and executed, and so on.
Types of Users in Linux
- Root User: The superuser with unrestricted access, used for system administration.
- System Users: Accounts that serve specific system processes (e.g., web server).
- Regular Users: Standard user accounts with permissions set by the administrator.
Understanding these user types and permissions helps you set access controls appropriately.
3. Requirements for User Creation
Before adding users, make sure you have:
- Sudo or Root Access: Most user management commands require elevated privileges.
- Terminal Access: User commands are executed through the command line.
- Knowledge of Default Group Policies: Helps in configuring users efficiently.
Key Concepts in User Management
- UID (User Identifier): Each user is assigned a unique UID.
- GID (Group Identifier): Each group has a unique GID.
- Home Directory: The directory where a user’s files are stored.
- Shell: The command-line interpreter assigned to a user (e.g., /bin/bash).
4. Commands for Adding Users
Linux provides two main commands for adding users: useradd and adduser. Each command has distinct features.
Adding Users with useradd
useradd is a core command in most Linux distributions and provides full control over user configuration.
Basic Syntax
sudo useradd [username]
By default, this creates a user with minimal settings. Additional options allow for more customization:
Common useradd Options
Create Home Directory: Use -m to create a user’s home directory automatically.
sudo useradd -m [username]
- Set a Custom Home Directory: Use -d to specify a custom directory path.
sudo useradd -d /custom/path [username]
- Assign Default Shell: Use -s to specify the login shell (e.g., /bin/bash, /bin/zsh).
sudo useradd -s /bin/bash [username]
- Expiration Date: Use -e to set an account expiration date, useful for temporary accounts.
sudo useradd -e 2025-01-01 [username]
- Primary Group: Use -g to set the primary group for the user.
sudo useradd -g groupname [username]
- Supplementary Groups: Use -G to add the user to multiple groups.
sudo useradd -G group1,group2 [username]
Adding Users with adduser
adduser is a higher-level command available on Debian-based systems, providing an interactive approach.
Basic Usage
sudo adduser [username]
The command will cause it to ask you to type the user’s password, and other details, making it a nice option when you are looking to set up a user quickly.
5. Configuring User Accounts
User accounts can be configured with specific settings for home directories, shells, and expiration dates.
Setting Default Shells
Specify a login shell at creation to control the user’s command interpreter:
sudo useradd -s /bin/zsh [username]
Setting Expiration Dates
An expiration date is useful for temporary users:
sudo useradd -e YYYY-MM-DD [username]
For existing users, use chage to adjust the expiration:
sudo chage -E YYYY-MM-DD [username]
Locking and Unlocking User Accounts
To lock an account, preventing the user from logging in:
sudo usermod -L [username]
To unlock an account:
sudo usermod -U [username]
6. Managing User Groups
These groups group users and define permissions shared for (files, directories, and commands).
Primary and Secondary Groups
- Primary Group: The group a user belongs to by default. It’s assigned during user creation.
- Secondary Groups: Additional groups that extend access privileges.
Group Management Commands
Create a Group: Use groupadd to create a new group.
sudo groupadd [groupname]
- Add a User to a Group: Use usermod with -aG to add users to supplementary groups.
sudo usermod -aG [groupname] [username]
- Remove a Member from a Group: You can either remove a user from a group by editing /etc/group or with gpasswd.
sudo gpasswd -d [username] [groupname]
- Check Group Membership: Use groups to verify group assignments.
groups [username]
7. Setting and Managing Passwords
Passwords are very important for the user, and Linux has few options for controlling how passwords come to life.
Setting Initial Passwords
To set or change a user’s password, use passwd:
sudo passwd [username]
Enforcing Password Policies
Control password rules, including minimum length, complexity, and expiration, by configuring the /etc/login.defs file or using chage.
Using chage to Enforce Password Expiration
sudo chage -M 90 [username]
This command sets the password to expire every 90 days, requiring users to update it regularly.
Locking Passwords
Lock a user’s password without disabling the account:
sudo passwd -l [username]
Unlock it with:
sudo passwd -u [username]
8. Customizing User Environments
Each user has a default environment that includes files, directories, and shell settings.
Default Files in /etc/skel
Files in /etc/skel are copied to a new user’s home directory upon creation. Add custom files to /etc/skel to set up a standardized environment for all users.
Configuring Shell Profiles:
.bashrc
or
.profile
They are files in a user’s home directory that set environment variables, aliases, and preferences for command use by individual users.
9. Advanced User Permissions and Restrictions
For users with elevated responsibilities, control access with sudo privileges or restrict access to certain commands.
Granting Sudo Access
Granting permission elevated, add a user to the sudo group.
sudo usermod -aG sudo [username]
Configuring sudoers
To limit which commands a user can execute with sudo, edit the /etc/sudoers file:
sudo visudo
Take care to define clear, specific commands under the user’s entry to control sudo access.
10. File and Directory Permissions
Linux file permissions use a numeric system to represent different levels of access for users, groups, and others.
Changing Permissions with chmod
Adjust file permissions using chmod:
sudo chmod 744 [filename]
This command gives the owner read, write, and execute permissions and allows all others to have read permissions.
11. Configuration Files for User Management
Several key files store user and group information:
- /etc/passwd: Stores basic user account details.
- /etc/shadow: Holds encrypted passwords and password aging information.
- /etc/group: Lists group information.
- /etc/gshadow: Securely manages group passwords.
These files are critical for account management and should be handled carefully.
12. Automating User Management Tasks
Automate user creation and management for efficient handling of large-scale systems.
Scripting for Bulk User Creation
Use a bash script to create multiple users from a file:
#!/bin/bash
while IFS=, read -r username
do
sudo useradd "$username"
done < users_list.txt
Save the list of users in users_list.txt and run the script to automate the process.
13. Troubleshooting and Maintenance
Common problems involved with user management are login issues, permission errors, and grouping issues. When you address these things (verifying permissions, checking group memberships, reviewing expiration settings, etc.), it’ll speed things up.
14. Additional Tools for User Management
Several GUI tools can simplify user management, including:
- Webmin: A user and group management web based interface.
- Cockpit: They are a server manager with user and permissions management.
- Linuxconf is software in some distribution kits, allowing us to manage users and services.
15. Conclusion
Linux user management is an essential skill for administrators, offering flexibility in configuring and securing user accounts. Following these detailed steps allows you to create, configure, and maintain user accounts effectively across various Linux environments.
About the writer
Vinayak Baranwal wrote this article. Use the provided link to connect with Vinayak on LinkedIn for more insightful content or collaboration opportunities.