Every operating system has regular users who are not regarded as the local administrator (as in Windows) or root (as in UNIX-like and Linux systems). In Linux systems, every process runs as a particular user, and every file in the system is owned by a particular user.
Since Linux was designed to allow multiple users to have access to the system at the same time, users need a way to restrict access or set permissions on their files. This is one of the benefits of file permissions in a Linux system.
During installation, the root user is created by default, but Linux also gives an option to either create a regular user or not. This step can be skipped, as users can be created later from either the GUI or the command-line interface.
In this article, we will learn in detail how to create or add, delete, view, modify and set passwords for local users.
HOW TO CREATE/ADD USERS
The following section will show you the command and different options needed to create a user in a Linux system.
The useradd command is a low-level utility for adding users to a Linux system or updating default new user information in the /etc/passwd file when run without options.
When the useradd command is invoked without any option, it does not set any valid password for the user by default, and the user cannot log in to the system until a password is set.
The above command uses useradd to add user captain to the system. You can view the information about the system users by running the cat, less, head or tail command.
The first field is the user being added; the second field is the password field; the third field is the UID of the user; the fourth field is the GID of the user; the fifth field is the comment, which wasn’t specified; the sixth field is the home directory; and the seventh field is the shell.
The following are the basic options that are applied to the useradd command.
As a system administrator, it is not advisable to add a user with the -p option, as the password will be visible to users listing the processes.
HOW TO MODIFY ACCOUNT OF EXISTING USERS
To modify a user account that you have created, use the usermod command. The usermod command modifies the account based on the specified values. The syntax is: usermod options username. The following options can be used to modify the user’s account:
-L to lock the user’s account
-c to add a comment to the user’s account
-s to specify a new login shell for the user account
-d to specify a new home directory for the user
-m to move the user’s home directory to a new location
-U to unlock the user’s account
-a, used with the -G option, to append the user to a supplementary group
HOW TO DELETE A USER’S ACCOUNT
The userdel command deletes a user’s account and related files. For userdel to be successful, the user must exist in the system. By default, the userdel command deletes the specified user and leaves its home directory in place. There are various options you can specify when working with the userdel command.
Please, use the man page for userdel to see available options that suit your needs.
The most used and useful option of the userdel command is the -r option. When specified with the userdel command, the -r option removes the user’s account along with the home directory of the specified user.
Note that when a user is removed with the userdel command without the -r option, the system retains the previous user’s home directory, including its files, which stay owned by the old UID. So when a new user is created without specifying a UID, the system automatically assigns an available UID to the newly created user. If that UID is the one the deleted user had, the new user becomes the owner of the leftover files. This can lead to information leakage and other security issues. So it is recommended to make use of the -r option when using the userdel command to delete users from the system.
In the command above, we added a user captain. You can see in /etc/passwd that the user was added, and we then used the userdel command to delete the same user.
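The leftover-files risk described above can be checked before a UID is handed out again. The following is an added example, not part of the original article: the function name orphaned_files is hypothetical, and it only compares numeric file owners against the UIDs in a passwd-format file, so it covers local accounts only.

```shell
#!/bin/sh
# Added example: list files whose numeric owner has no entry in a passwd
# file, i.e. what "userdel" without -r leaves behind for whichever account
# is given that UID next. On a live system, "find / -nouser" performs the
# same check against the current account database.

# orphaned_files PASSWD_FILE DIR: print "UID PATH" for every file under DIR
# whose owner UID does not appear in PASSWD_FILE.
# Paths containing newlines are not handled.
orphaned_files() {
    passwd_file=$1
    dir=$2
    # The third colon-separated field of each entry is the UID.
    known_uids=$(cut -d: -f3 "$passwd_file" | sort -u)
    find "$dir" -print | while IFS= read -r path; do
        # ls -n prints the numeric owner in column 3 without a name lookup.
        uid=$(ls -lnd -- "$path" | awk '{ print $3 }')
        if ! printf '%s\n' "$known_uids" | grep -qxF -- "$uid"; then
            printf '%s %s\n' "$uid" "$path"
        fi
    done
}

# Stand-alone use (run as root to read every home directory):
#   sh orphaned.sh /etc/passwd /home
if [ "$#" -eq 2 ]; then
    orphaned_files "$1" "$2"
fi
```

Any path it prints should be removed, archived or reassigned with chown before a new account is created.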
HOW TO VIEW USER INFORMATION
To view information about a specific user on the system, use the id command. The id command displays the user’s information, including the UID number and the groups to which they belong.
To view the files that belong to or are associated with a user, use the ls -l command. You can also view the processes associated with a user by invoking the ps au command in the terminal.
Running the ps command alone shows only the processes in the current shell. Appending the option “a” to it will list all the processes with a terminal.
The information for every local user on the system is stored in the flat file /etc/passwd. The file holds the username, password, UID, GID, GECOS (comment or full name of the user), home directory, and shell, each separated by a colon. You can run the cat command on the /etc/passwd file to view all available users on the system.
HOW TO SET USER’S PASSWORD
As noted earlier, it is not recommended to set a password with the -p option while running the useradd command; instead, use the passwd command to set the user’s password after adding the user to the system.
Only the root user has the right to create a user account or set passwords for any user. For a regular user to be able to perform these operations, the user must be added to the sudo group.
It is necessary to set a password that has a minimum of 8 characters and does not include a dictionary word or your username.
UNDERSTANDING UID VALUES SPECIFIC TO LINUX SYSTEMS
UID values are what a Linux system uses to identify every user, and the system uses them to determine which resources a user can access or is currently using. The UID values are stored in the third field of the /etc/passwd file.
In Linux systems, the UID values range as follows:
UID 0 is reserved for the root user
UID 1-200 are reserved for system processes
UID 201-999 are system user IDs used by system processes which do not own files in the file system. They are allocated dynamically from the available pool when the program that needs them is installed
UID 1000 and above are for regular users
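The seven-field /etc/passwd layout and the UID ranges above can be combined into a quick account audit. This is an added example, not part of the original article: the function names, the class labels and the sample entries (including the hypothetical accounts toor and mate) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd-format file using the seven colon-separated
# fields and the UID ranges described in this article.

# Constructed sample data; "toor" and "mate" are hypothetical accounts.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
chrony:x:993:990::/var/lib/chrony:/sbin/nologin
captain:x:1000:1000::/home/captain:/bin/bash
toor:x:0:0::/root:/bin/bash
mate:x:1000:1001::/home/mate:/bin/bash
EOF
}

# audit_passwd [FILE]: classify every account and flag risky entries.
# Reads standard input when FILE is omitted.
audit_passwd() {
    awk -F: '
        # Skip blank lines.
        /^[ \t]*$/ { next }
        # Reject entries with the wrong field count or a non-numeric UID.
        NF != 7 || $3 !~ /^[0-9]+$/ { printf "MALFORMED line %d\n", NR; next }
        {
            name = $1; uid = $3 + 0
            if (uid == 0)        class = "root"
            else if (uid <= 200) class = "system-static"
            else if (uid <= 999) class = "system-dynamic"
            else                 class = "regular"
            printf "%s uid=%s class=%s home=%s shell=%s\n", name, $3, class, $6, $7

            # A UID 0 entry under another name is a second superuser account.
            if (uid == 0 && name != "root")
                printf "WARN %s has UID 0 but is not root\n", name
            # Accounts that share a UID own the same files and processes.
            if (uid in seen)
                printf "WARN %s shares UID %s with %s\n", name, $3, seen[uid]
            else
                seen[uid] = name
        }
    ' "${1:--}"
}

sample_passwd | audit_passwd
```

On a real system, run `audit_passwd /etc/passwd` and review every WARN line.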
CONCLUSION
I believe that after going through this article, you can add, modify, and delete users from the system. It is also important to understand basic security features when deleting a user from the system, as it can lead to a breach of privacy or information leakage to another user when the -r option is not specified with the userdel command.
If you want to assign another user the files meant for the previous user, you can skip the -r option and assign the new user the UID of the previously deleted user by using the -u option when creating the account (i.e., useradd -u UID username). It all comes down to knowing what you are doing and knowing your commands.
Note: A user might not be deleted straight away with the userdel command if the user is running a process. To get around this, kill the process by running kill with the process ID, and then run userdel -f username afterwards. The process ID will be displayed along with the message on the terminal. The -f option will force the user to be deleted along with the home directory.
Don’t forget to use the manual page of any command you find difficult to understand.
REFERENCES:
passwd man page
userdel man page
useradd man page
Red Hat System Administration I Course