Linux: Users and Groups
This page is a basic tutorial on managing Linux users and groups.
On a linux machine, there are:
- A set of users.
- A set a groups.
- Each user has a name and a user ID called uid. (positive integer)
- Each group has a name and a group ID called gid. (positive integer)
- Each user belongs to at least one group.
- One of the group the user belongs to is called his primary group.
- The default admin user is named “root”, and its uid is 0.
Listing {user, group}, Finding {uid, gid}
How to show a user's uid?
# show a user's uid id myLoginName
How to list all users?
It's stored in the file /etc/passwd.
# list all users on a machine cat /etc/passwd | awk -F\: '{print $1}'
Here's a sample passwd file:
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh …
Each line is a colon separated field. The values mean these:
- login name
- optional encrypted password
- numerical user ID
- numerical group ID
- user name or comment field
- user home directory
- optional user command interpreter (shell path)
For detail, type man 5 passwd.
How to show a group's gid?
It's stored in the file /etc/group.
# list all group names cat /etc/group
Here's a sample group file content:
root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4:jane tty:x:5: disk:x:6: lp:x:7: mail:x:8: news:x:9: uucp:x:10: man:x:12: proxy:x:13: kmem:x:15: …
Each line is a colon separated field. The values mean these:
- group name
- password (not really used in practice)
- group id (gid)
- list of users that belongs to this group, separated by comma.
See man 5 group.
How to list all groups?
cat /etc/group
How to find the primary group of a user?
id user_name
Sample output:
uid=1000(jane) gid=1000(jane) groups=1000(jane),4(adm),20(dialout),24(cdrom),46(plugdev),116(lpadmin),118(admin),124(sambashare)
The “gid=1000(jane)” is the primary group the user belongs to. In this example, my user name is “jane”, uid is 1000, and there's a group also named “jane” with gid 1000, and it's primary group jane belongs to.
The “groups=…” are all the groups the user belongs to.
Creating/Modifying {user, group}
How to create a new user?
useradd new_name. The “useradd” is a low-level command. On Debian based Linuxes, there's a higher-level command adduser you can use.
When you create a user, several other things must happen too. For example, creating a home dir for the user, specify the user's login shell path, specify the user's primary group.
Use useradd -D to see the defaults.
jane@jane-VirtualBox ◆ 2012-10-13 ◆ 04:00 ◆ ~ useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/sh SKEL=/etc/skel CREATE_MAIL_SPOOL=no
How to create a new group?
groupadd new_name, or addgroup.
See their man page for detail.
How to change the primary group for a user?
sudo usermod -g new_group_name user_name
The group for all files of user's home dir will be changed too. But for other files, you'll need to change yourself.
How to add a user to a group?
sudo usermod -a -G new_group_name user_name
The user needs to re-login for his new group to have effect.
How to remove a user from a group?
First, find out all the groups the user belongs, by id user_name, then use
sudo usermod -G comma_separated_group_names user_name. The “-G” option take a list of all the groups the user should belong to.
How to create multiple users in batch?
newusers users_data_file. The users_data_file is a text file containing user info. Each line should have the same format as the /etc/passwd file. See: man newusers.