Linux – User Managment

This tutorial provides a step-by-step guide to managing Linux users and groups, including adding users with `useradd`, understanding the importance and usage of `sudo`, and managing user groups and permissions. Each step builds on the previous one, with practical examples and engaging practice exercises.

Beginner30 minutes

Step 1: Introduction to Linux Users and Groups

Linux is a multi-user system, meaning multiple users can interact with the system simultaneously. Each user has a unique identifier (UID) and belongs to one or more groups, which also have unique identifiers (GIDs). Understanding how to manage users and groups is essential for system administration.

Practice Exercise

List all users on your Linux system using the /etc/passwd file. Identify the UID and GID of each user.

Show Solution
# Use the `cat` command to view the /etc/passwd file
cat /etc/passwd
# Each line represents a user, with fields separated by colons. The third field is the UID, and the fourth is the GID.

Step 2: Adding Users with `useradd`

The useradd command is used to create new users. By default, it creates a user with a home directory and assigns a UID and GID. You can also specify additional options, such as setting the user's shell or home directory location.

# Create a new user named 'john'
sudo useradd john
# Verify the user was created
id john

Practice Exercise

Create a new user named 'alice' with a custom home directory /home/alice_home and set her default shell to /bin/bash. Verify the user's details.

Show Solution
# Create the user with custom home directory and shell
sudo useradd -m -d /home/alice_home -s /bin/bash alice
# Verify the user's details
id alice
# Check the home directory and shell
ls -ld /home/alice_home
grep alice /etc/passwd

Step 3: Understanding the Importance of `sudo`

The sudo command allows authorized users to execute commands as the superuser or another user. It is crucial for performing administrative tasks without logging in as the root user, enhancing security by limiting root access.

# Grant 'john' sudo privileges
sudo usermod -aG sudo john
# Verify sudo access
sudo -U john -l

Practice Exercise

Grant 'alice' sudo privileges and verify her access. Then, create a new directory /var/alice_data as the root user using sudo.

Show Solution
# Grant sudo privileges to alice
sudo usermod -aG sudo alice
# Verify sudo access
sudo -U alice -l
# Create a directory as root using sudo
sudo mkdir /var/alice_data
# Verify the directory was created
ls -ld /var/alice_data

Step 4: Managing User Groups

Groups are used to organize users and manage permissions collectively. You can add users to groups, create new groups, and modify group memberships using commands like groupadd, usermod, and gpasswd.

# Create a new group named 'developers'
sudo groupadd developers
# Add 'john' to the 'developers' group
sudo usermod -aG developers john
# Verify group membership
id john

Practice Exercise

Create a new group named 'designers' and add 'alice' to it. Then, create a shared directory /var/designers with group ownership and permissions that allow group members to read and write.

Show Solution
# Create the 'designers' group
sudo groupadd designers
# Add 'alice' to the group
sudo usermod -aG designers alice
# Create the shared directory
sudo mkdir /var/designers
# Set group ownership and permissions
sudo chown :designers /var/designers
sudo chmod 770 /var/designers
# Verify the setup
ls -ld /var/designers

Step 5: Managing File Permissions

Linux uses a permission system to control access to files and directories. Permissions are divided into three categories: owner, group, and others. You can modify permissions using the chmod command and change ownership with chown.

# Change the permissions of a file to allow the owner to read/write, the group to read, and others to have no access
chmod 640 myfile.txt
# Change the ownership of a file to 'john' and the group to 'developers'
sudo chown john:developers myfile.txt

Practice Exercise

Create a file /var/designers/project.txt and set its permissions so that the owner can read/write, the group can read, and others have no access. Change the ownership to 'alice' and the group to 'designers'.

Show Solution
# Create the file
touch /var/designers/project.txt
# Set permissions
sudo chmod 640 /var/designers/project.txt
# Change ownership
sudo chown alice:designers /var/designers/project.txt
# Verify the setup
ls -l /var/designers/project.txt

Step 6: Advanced Group Management with `gpasswd`

The gpasswd command allows you to manage group administrators, set group passwords, and add or remove users from groups. This is useful for delegating group management tasks.

# Set 'john' as the group administrator for 'developers'
sudo gpasswd -A john developers
# Add 'alice' to the 'developers' group
sudo gpasswd -a alice developers
# Remove 'alice' from the 'developers' group
sudo gpasswd -d alice developers

Practice Exercise

Set 'alice' as the group administrator for 'designers'. Then, add 'john' to the 'designers' group and verify the group membership.

Show Solution
# Set 'alice' as the group administrator
sudo gpasswd -A alice designers
# Add 'john' to the group
sudo gpasswd -a john designers
# Verify group membership
groups john

Step 7: Real-World Scenario: Managing a Development Team

In a real-world scenario, you might need to manage a development team with different access levels. For example, developers need access to a shared code repository, while designers need access to design assets.

# Create groups for developers and designers
sudo groupadd dev_team
sudo groupadd design_team
# Add users to the respective groups
sudo usermod -aG dev_team john
sudo usermod -aG design_team alice
# Create shared directories with appropriate permissions
sudo mkdir /var/dev_repo
sudo mkdir /var/design_assets
sudo chown :dev_team /var/dev_repo
sudo chown :design_team /var/design_assets
sudo chmod 770 /var/dev_repo
sudo chmod 770 /var/design_assets

Practice Exercise

Create a new group 'qa_team' and add a user 'bob' to it. Create a shared directory /var/qa_reports with permissions that allow the 'qa_team' group to read/write, and others to read only.

Show Solution
# Create the 'qa_team' group
sudo groupadd qa_team
# Add 'bob' to the group
sudo usermod -aG qa_team bob
# Create the shared directory
sudo mkdir /var/qa_reports
# Set group ownership and permissions
sudo chown :qa_team /var/qa_reports
sudo chmod 774 /var/qa_reports
# Verify the setup
ls -ld /var/qa_reports

Step 8: Troubleshooting User and Group Issues

Common issues include incorrect permissions, missing group memberships, or users unable to access resources. Use commands like id, groups, ls -l, and getent to diagnose and resolve these issues.

# Check a user's group memberships
id john
# List all groups
getent group
# Check file permissions and ownership
ls -l /var/dev_repo

Practice Exercise

A user 'bob' reports that they cannot access /var/qa_reports. Diagnose the issue and fix it, ensuring 'bob' has the necessary permissions.

Show Solution
# Check 'bob's group memberships
id bob
# Verify the permissions of /var/qa_reports
ls -ld /var/qa_reports
# If 'bob' is not in the 'qa_team' group, add him
sudo usermod -aG qa_team bob
# Verify the fix
id bob
ls -ld /var/qa_reports

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .