Understanding user management, permissions, and authentication is crucial for any Linux user, especially beginners. In this guide, we’ll explore the fundamental concepts and provide practical command examples to help you navigate through the intricacies of Linux user management.
Who is a Linux user?
In the context of Linux and other Unix-like operating systems, a “Linux user” refers to an individual who has an account on a Linux system. Each user has a unique username and is assigned specific permissions and access rights within the system. Linux is a multi-user operating system, meaning that multiple users can simultaneously interact with and use the system’s resources.
Linux users can perform various tasks, such as running programs, accessing files, and configuring system settings, based on their assigned permissions. User accounts are crucial for maintaining security and ensuring that different individuals or processes can work independently and securely on the same system.
Users can be classified into different categories, such as regular users and administrators. Regular users have limited permissions and are typically assigned to specific groups, while administrators, often referred to as “superusers” or “root,” have elevated privileges and can perform system-wide changes.
Create Regular Linux user
To create and add a new user in Linux, you can use the adduser command:
sudo adduser username
Replace “username” with the desired username. After running this command, you should set a password for the new user using the passwd command:
sudo passwd username
Create Administrative Linux Users
To create an administrative Linux user with sudo privileges, begin by opening a terminal on your Linux system. Once in the terminal, use the following command:
sudo adduser username
Replace “username” with your desired administrative username. You will be prompted to set a password for the new user, and you can provide additional information such as full name and phone number, or simply press Enter to skip these details.
After confirming the provided information, the user account will be created. To grant administrative privileges to this user, add them to the sudo group with the command:
sudo usermod -aG sudo username
Be sure to substitute “username” with the exact username chosen during the creation process.
Create a Linux user with limited administrative privileges
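Limited sudo privileges are defined as rules in the sudoers configuration: edit /etc/sudoers, or a file under /etc/sudoers.d/, with visudo, which checks the syntax before saving. Here are some examples of scenarios where a Linux user can have limited sudo privileges, along with the corresponding rules: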
Allowing a user to restart a specific service
username ALL=(ALL:ALL) /usr/sbin/service apache2 restart
This allows the user to restart the Apache web server using sudo.
Permitting a user to mount and unmount a specific device
username ALL=(ALL:ALL) /bin/mount /dev/sdb1, /bin/umount /dev/sdb1
This allows the user to mount and unmount a specific device (e.g., an external hard drive).
Allowing a user to run a specific script as root
username ALL=(ALL:ALL) /path/to/script.sh
This allows the user to execute a custom script with sudo privileges.
Granting a user permission to edit a specific system file
username ALL=(ALL:ALL) /usr/bin/vim /etc/network/interfaces
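This allows the user to edit the network configuration file using sudo. An editor started through sudo runs as root and can open other files or start a shell, so sudoedit is the safer way to grant edit access to a single file.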
Permitting a user to install and remove packages
username ALL=(ALL:ALL) /usr/bin/apt-get install, /usr/bin/apt-get remove
This allows the user to install and remove packages using the APT package manager.
Allowing a user to manage printers
username ALL=(ALL:ALL) /usr/sbin/lpadmin -p *
This allows the user to manage printers using the lpadmin command.
Permitting a user to run specific administrative commands
username ALL=(ALL:ALL) /bin/systemctl restart service_name, /sbin/reboot
This allows the user to restart a specific service and reboot the system using sudo.
Allowing a user to view logs
username ALL=(ALL:ALL) /usr/bin/cat /var/log/syslog
This allows the user to view the syslog using sudo.
Permitting a user to check disk space
username ALL=(ALL:ALL) /bin/df -h
This allows the user to check disk space using sudo.
Granting permission to view system information
username ALL=(ALL:ALL) /usr/bin/hostnamectl
This allows the user to view system information using sudo.
Allowing a user to change their password
username ALL=(ALL:ALL) /usr/bin/passwd
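This allows the user to change passwords using sudo. Because the rule lists no arguments, it covers any account's password, not just the user's own, which a user can already change without sudo.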
Permitting a user to run specific networking commands
username ALL=(ALL:ALL) /sbin/ifconfig eth0, /usr/bin/ping -c 3 example.com
This allows the user to check network interfaces and ping a specific host using sudo.
Granting permission to modify the system time
username ALL=(ALL:ALL) /usr/bin/date --set="YYYY-MM-DD HH:MM:SS"
This allows the user to set the system date and time using sudo.
Allowing a user to edit specific configuration files
username ALL=(ALL:ALL) /usr/bin/vim /etc/nginx/nginx.conf
This allows the user to edit the Nginx configuration file using sudo.
Permitting a user to run specific backup commands
username ALL=(ALL:ALL) /usr/bin/rsync -av /source /destination
This allows the user to perform backups using rsync with sudo.
Create a Linux user with access to one folder only
To create a Linux user with access to only one folder, you can use the following command to create a new user. Replace “username” with the desired username.
sudo useradd username
Use the passwd command to set a password for the newly created user.
sudo passwd username
Create the folder to which you want to grant the user access. In this example, we’re creating a folder named example_folder:
sudo mkdir /path/to/example_folder
Grant read and write permissions to the folder for the user.
sudo chown username:username /path/to/example_folder
sudo chmod 700 /path/to/example_folder
The chown command changes the ownership of the folder to the specified user and group, and chmod 700 gives read, write, and execute permissions only to the owner (the newly created user).
Switch to the new user and try accessing the folder.
su - username
cd /path/to/example_folder
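The user should be able to access the specified folder, while other non-root users cannot. Note that this setup protects the folder; it does not by itself prevent the user from reading other world-readable locations on the system.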
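A check for the folder setup above, as an added example that is not from the original article: it confirms the owner and mode 700 on the folder and that every parent directory lets the user pass through, which chmod on the folder alone does not guarantee. The function names are hypothetical; the script assumes GNU stat and realpath and ignores group-based access to parent directories.

```sh
# Added example (hypothetical helper names). Requires GNU stat and realpath.

# Succeeds if uid $1 holds the execute (search) bit on directory $2,
# as its owner or through the "others" bits. Group access is ignored.
can_traverse() {
    owner=$(stat -c '%u' "$2") || return 1
    mode=$(printf '%4s' "$(stat -c '%a' "$2")" | tr ' ' 0)   # e.g. 700 -> 0700
    if [ "$owner" = "$1" ]; then
        digit=$(printf '%s' "$mode" | cut -c2)               # owner bits
    else
        digit=$(printf '%s' "$mode" | cut -c4)               # others bits
    fi
    case $digit in 1|3|5|7) return 0 ;; *) return 1 ;; esac
}

# check_private_dir USER DIR: DIR must be a real directory owned by USER with
# mode 700, and USER must be able to pass through every parent up to /.
check_private_dir() {
    uid=$(id -u "$1" 2>/dev/null) || uid=$1                  # accept a name or a numeric uid
    dir=$2
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then echo "not a directory: $dir"; return 1; fi
    [ "$(stat -c '%u' "$dir")" = "$uid" ] || { echo "wrong owner: $dir"; return 1; }
    [ "$(stat -c '%a' "$dir")" = "700" ] || { echo "mode is not 700: $dir"; return 1; }
    parent=$(dirname "$(realpath "$dir")")
    while :; do
        can_traverse "$uid" "$parent" || { echo "uid $uid cannot enter $parent"; return 1; }
        [ "$parent" = "/" ] && break
        parent=$(dirname "$parent")
    done
    echo "ok: $dir is private to uid $uid and reachable"
}

# Demo on a throwaway directory owned by the current user (no root needed).
demo=$(mktemp -d) && mkdir "$demo/example_folder" && chmod 700 "$demo/example_folder"
check_private_dir "$(id -u)" "$demo/example_folder"
rm -rf "$demo"
```

On a real system, call it as `check_private_dir username /path/to/example_folder` after the chown and chmod steps.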
Deleting Users
If you need to remove a user, the userdel command is handy. Be cautious, as this will permanently delete the user account.
sudo userdel -r <username>
The -r flag removes the user’s home directory and mail spool along with the account.
Modifying User Information
To change user details like the password or full name, use the usermod command.
sudo usermod -c "New Full Name" <username>
This example updates the user’s full name associated with the account.
Understanding Linux Users and Groups
Linux simplifies user management by organizing users into groups. Each user belongs to a primary group and can be a member of multiple secondary groups. The groups command displays group memberships for a user.
groups <username>
Creating Linux user Groups
To create a new group, use the addgroup command.
sudo addgroup <groupname>
Adding Users to Groups
Adding a user to a group involves the usermod command.
sudo usermod -aG <groupname> <username>
The -aG flags ensure the user is appended to the specified group without affecting other group memberships.
Linux User groups with limited administrative privileges
When granting limited sudo privileges to a Linux user group, you can specify commands that the members of the group are allowed to run with elevated permissions. Here are various scenarios with command examples where a Linux user group has limited sudo privileges:
Allowing a group to install and update packages
%groupname ALL=(ALL:ALL) /usr/bin/apt-get install, /usr/bin/apt-get update
This allows members of the group to install and update packages using the APT package manager.
Permitting a group to restart a specific service
%groupname ALL=(ALL:ALL) /usr/sbin/service apache2 restart
This allows members of the group to restart the Apache web server.
Granting permission to mount and unmount devices
%groupname ALL=(ALL:ALL) /bin/mount /dev/sdb1, /bin/umount /dev/sdb1
This allows members of the group to mount and unmount a specific device.
Allowing a group to edit specific system files
%groupname ALL=(ALL:ALL) /usr/bin/vim /etc/network/interfaces
This allows members of the group to edit the network configuration file.
Permitting a group to manage printers
%groupname ALL=(ALL:ALL) /usr/sbin/lpadmin -p *
This allows members of the group to manage printers using the lpadmin command.
Granting permission to view logs
%groupname ALL=(ALL:ALL) /usr/bin/cat /var/log/syslog
This allows members of the group to view the syslog.
Allowing a group to check disk space
%groupname ALL=(ALL:ALL) /bin/df -h
This allows members of the group to check disk space.
Permitting a group to run specific administrative commands
%groupname ALL=(ALL:ALL) /bin/systemctl restart service_name, /sbin/reboot
This allows members of the group to restart a specific service and reboot the system.
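A small audit for the user and group rules listed in the two "limited administrative privileges" sections, as an added example that is not from the original article. It flags rules that grant more than their description suggests: a run-as list of ALL, a command with no arguments listed (sudo then accepts any arguments), an editor binary instead of sudoedit, and wildcards in arguments. The function names and the sample rules are constructed for illustration, and the parser is deliberately simplified.

```sh
# Added example: flag over-broad sudoers rules. Simplified parser: one rule
# per line; aliases, Defaults and line continuations are not handled.
lint_sudoers() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
    {
        spec = $0
        sub(/^[^=]*=[ \t]*/, "", spec)           # drop "who host ="
        sub(/[ \t]+$/, "", spec)
        if (match(spec, /^\([^)]*\)[ \t]*/)) {   # optional (runas) part
            if (substr(spec, 1, RLENGTH) ~ /ALL/)
                print "RUNAS-ALL\t" $1           # any target user, not only root
            spec = substr(spec, RLENGTH + 1)
        }
        n = split(spec, cmds, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) {
            cmd = cmds[i]
            while (sub(/^[A-Z_]+:[ \t]*/, "", cmd)) ;   # strip tags such as NOPASSWD:
            k = split(cmd, w, /[ \t]+/)
            if (cmd !~ /^(\/|sudoedit )/) print "NOT-ABSOLUTE\t" cmd
            if (k == 1) print "ANY-ARGS\t" cmd    # no arguments listed: all are accepted
            if (w[1] ~ /\/(vi|vim|nano|emacs)$/) print "EDITOR\t" cmd   # prefer sudoedit
            if (cmd ~ /[*?]/) print "WILDCARD\t" cmd   # pattern also matches spaces
        }
    }' "$@"
}

# Constructed sample: five rules in the style of the sections above.
page_rules() {
    cat <<'EOF'
username ALL=(ALL:ALL) /usr/sbin/service apache2 restart
username ALL=(ALL:ALL) /usr/bin/vim /etc/nginx/nginx.conf
username ALL=(ALL:ALL) /usr/bin/passwd
%groupname ALL=(ALL:ALL) /usr/sbin/lpadmin -p *
%groupname ALL=(ALL:ALL) /bin/systemctl restart service_name, /sbin/reboot
EOF
}

# Constructed sample: tighter forms (root only, sudoedit, "" = no arguments).
tight_rules() {
    cat <<'EOF'
username ALL=(root) /usr/sbin/service apache2 restart
username ALL=(root) sudoedit /etc/nginx/nginx.conf
%groupname ALL=(root) /bin/systemctl restart service_name, /sbin/reboot ""
EOF
}

page_rules | lint_sudoers
```

Pass a file name instead of piping, for example `lint_sudoers /etc/sudoers.d/myrules` (a hypothetical path), to audit an existing drop-in file.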
Permissions and File Ownership
Linux uses a robust permission system to control access to files and directories. The chmod command is used to modify permissions.
chmod <permissions> <filename>
Here, <permissions> can be specified as a combination of letters (e.g., “rwx”) or numeric values (e.g., 755).