Introduction
User management is a fundamental skill for system administrators and Linux users. The command-line interface (CLI) provides powerful tools to create, modify, and delete user accounts efficiently. Proper user management ensures system security, proper access control, and organized permissions.
In this guide, we'll explore essential Linux user management commands, including sudo, su, useradd, userdel, usermod, and passwd. Whether you're managing a personal server or an enterprise system, these commands will streamline your administrative tasks.
Executing Commands as Another User with sudo and su
The sudo command allows executing commands with elevated privileges or as another user. Some essential sudo usage examples include:
sudo -i # Switch to root user
sudo -u {username} {command} # Execute a command as another user
The su command enables switching users by requesting authentication via PAM:
su {username} # Switch to another user
su - # Switch to root user
These commands are crucial for managing user permissions and executing administrative tasks safely.
Creating and Managing Users with useradd
The useradd command is used to create new user accounts. Below are some common options:
sudo useradd -m {username} # Create a new user with a home directory
sudo useradd --lock {username} # Lock a user's password
sudo useradd --shell /bin/false {username} # Prevent user login
sudo useradd --uid {uid} {username} # Assign a specific UID
sudo useradd --gid {gid} {username} # Assign a specific GID
sudo useradd --groups {group1,group2} {username} # Assign secondary groups
sudo useradd --home-dir {path} {username} # Set a custom home directory
sudo useradd --comment "User description" {username} # Add a comment field
sudo useradd --skel {path} {username} # Use a skeleton directory
sudo useradd --create-home {username} # Create a home directory
sudo useradd --system {username} # Create a system user
These options allow fine-tuned control over user creation and permissions.
Deleting and Modifying Users
Removing a User with userdel
The userdel command removes a user account and its associated files:
sudo userdel -r {username} # Delete user and home directory
Modifying User Accounts with usermod
The usermod command is used to modify existing user accounts:
sudo usermod -aG {group} {username} # Add user to a group
sudo usermod -d {new_home_dir} -m {username} # Change home directory
sudo usermod -L {username} # Lock user account
sudo usermod -U {username} # Unlock user account
Managing Groups with addgroup and delgroup
User groups help manage permissions efficiently. You can add and remove groups using:
sudo addgroup {groupname} # Create a new group
sudo delgroup {groupname} # Remove a group
Assign users to groups using:
sudo usermod -aG {groupname} {username}
Groups provide an efficient way to manage user permissions for different tasks and access levels.
Changing Passwords Securely with passwd
The passwd command is used to change user passwords:
sudo passwd {username} # Set or change a user's password
passwd # Change the password for the current user
To enforce security policies, administrators can expire passwords or lock user accounts:
sudo passwd -l {username} # Lock a user's account
sudo passwd -u {username} # Unlock a user's account
This ensures better password management and security enforcement.
Conclusion
Mastering user management via the Linux CLI is essential for maintaining system security and efficiency. Commands like sudo, su, useradd, usermod, userdel, and passwd provide robust control over user accounts, ensuring smooth system administration.
By integrating these commands into your workflow, you can manage users effectively while maintaining security and access control. Whether you're a system administrator or an advanced Linux user, proper user management is a vital skill for maintaining system integrity.