Linux: Users and Groups
This page is a basic tutorial on managing Linux users and groups.
On a linux machine, there are:
- A set of users.
- A set a groups.
- Each user has a name and a user ID called uid. (positive integer)
- Each group has a name and a group ID called gid. (positive integer)
- Each user belongs to at least one group.
- One of the group the user belongs to is called his primary group.
- The default admin user is named “root”, and its uid is 0.
Listing {user, group}, Finding {uid, gid}
Show a user's uid
# show a user's uid id myLoginName
List all users
It's stored in the file /etc/passwd.
# list all users on a machine cat /etc/passwd | awk -F\: '{print $1}'
Here's a sample passwd file:
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh …
Each line is a colon separated field. The values mean these:
- login name
- optional encrypted password
- numerical user ID
- numerical group ID
- user name or comment field
- user home directory
- optional user command interpreter (shell path)
For detail, type man 5 passwd.
Show a group's gid
It's stored in the file /etc/group.
# list all group names cat /etc/group
Here's a sample group file content:
root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4:joe tty:x:5: disk:x:6: lp:x:7: mail:x:8: news:x:9: uucp:x:10: man:x:12: proxy:x:13: kmem:x:15: …
Each line is a colon separated field. The values mean these:
- group name
- password (not really used in practice)
- group id (gid)
- list of users that belongs to this group, separated by comma.
See man 5 group.
List all groups
cat /etc/group
Find the primary group of a user
id user_name
Sample output:
uid=1000(joe) gid=1000(joe) groups=1000(joe),4(adm),20(dialout),24(cdrom),46(plugdev),116(lpadmin),118(admin),124(sambashare)
The “gid=1000(joe)” is the primary group the user belongs to. In this example, my user name is “joe”, uid is 1000, and there's a group also named “joe” with gid 1000, and it's primary group joe belongs to.
The “groups=…” are all the groups the user belongs to.
Creating/Modifying {user, group}
Create a new user
useradd new_name. The “useradd” is a low-level command. On Debian based Linuxes, there's a higher-level command adduser you can use.
When you create a user, several other things must happen too. For example, creating a home dir for the user, specify the user's login shell path, specify the user's primary group.
Use useradd -D to see the defaults.
joe@joe-VirtualBox ◆ 2012-10-13 ◆ 04:00 ◆ ~ useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/sh SKEL=/etc/skel CREATE_MAIL_SPOOL=no
Create a new group
groupadd new_name, or addgroup.
See their man page for detail.
Change the primary group for a user
sudo usermod -g new_group_name user_name
The group for all files of user's home dir will be changed too. But for other files, you'll need to change yourself.
Add a user to a group
sudo usermod -a -G new_group_name user_name
The user needs to re-login for his new group to have effect.
Remove a user from a group
First, find out all the groups the user belongs, by id user_name, then use
sudo usermod -G comma_separated_group_names user_name. The “-G” option take a list of all the groups the user should belong to.
Create multiple users in batch
newusers users_data_file. The users_data_file is a text file containing user info. Each line should have the same format as the /etc/passwd file. See: man newusers.
If you have a question, put $5 at patreon and message me.