Linux: Users and Groups

This page is a basic tutorial on managing Linux users and groups.

On a linux machine, there are:

1. A set of users.
2. A set a groups.
3. Each user has a name and a user ID called uid. (positive integer)
4. Each group has a name and a group ID called gid. (positive integer)
5. Each user belongs to at least one group.
6. One of the group the user belongs to is called his primary group.
7. The default admin user is named “root”, and its uid is 0.

Listing {user, group}, Finding {uid, gid}

Show a user's uid

# show a user's uid
id myLoginName

List all users

It's stored in the file /etc/passwd.

# list all users on a machine
cat /etc/passwd | awk -F\: '{print $1}'

Here's a sample passwd file:

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
…

Each line is a colon separated field. The values mean these:

1. login name
2. optional encrypted password
3. numerical user ID
4. numerical group ID
5. user name or comment field
6. user home directory
7. optional user command interpreter (shell path)

For detail, type man 5 passwd.

Show a group's gid

It's stored in the file /etc/group.

# list all group names
cat /etc/group

Here's a sample group file content:

root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:joe
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:

…

Each line is a colon separated field. The values mean these:

1. group name
2. password (not really used in practice)
3. group id (gid)
4. list of users that belongs to this group, separated by comma.

See man 5 group.

List all groups

cat /etc/group

Find the primary group of a user

id userName

Sample output:

uid=1000(joe) gid=1000(joe) groups=1000(joe),4(adm),20(dialout),24(cdrom),46(plugdev),116(lpadmin),118(admin),124(sambashare)

The “gid=1000(joe)” is the primary group the user belongs to. In this example, my user name is “joe”, uid is 1000, and there's a group also named “joe” with gid 1000, and it's primary group joe belongs to.

The “groups=…” are all the groups the user belongs to.

Creating/Modifying {user, group}

Create a new user

useradd newName. The “useradd” is a low-level command. On Debian based Linuxes, there's a higher-level command adduser you can use.

When you create a user, several other things must happen too. For example, creating a home dir for the user, specify the user's login shell path, specify the user's primary group.

Use useradd -D to see the defaults.

joe@joe-VirtualBox ◆  2012-10-13 ◆ 04:00  ◆ ~
useradd -D

GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/sh
SKEL=/etc/skel
CREATE_MAIL_SPOOL=no

Create a new group

groupadd newName, or addgroup.

See their man page for detail.

Change the primary group for a user

sudo usermod -g new_group_name userName

The group for all files of user's home dir will be changed too. But for other files, you'll need to change yourself.

Add a user to a group

sudo usermod -a -G new_group_name userName

The user needs to re-login for his new group to have effect.

Remove a user from a group

First, find out all the groups the user belongs, by id userName, then use sudo usermod -G comma_separated_group_names userName. The “-G” option take a list of all the groups the user should belong to.

Create multiple users in batch

newusers users_data_file. The users_data_file is a text file containing user info. Each line should have the same format as the /etc/passwd file. See: man newusers.