The 6 Linux commands you need to know for user management
Linux is a multi-user operating system. What does that mean? Like all good operating systems, you can have multiple user accounts on one machine. You can also have more than one user logged in at once.
You could have one user logged in directly to the machine, one user logged in via the desktop remotely, another user logged in via Secure Shell. The only limitations are that you can only have one user logged into the desktop directly and the number of users logged in remotely (especially when they're viewing their desktop with an app for remote desktop viewing) will be heavily influenced by system resources.
Also: The first 5 Linux commands every new user should learn
Or you might have a desktop machine with only you at the helm and you still might find yourself in a situation where user management can be necessary. If you have any intention of getting the most out of Linux, you'll want to know a few commands.
Let me introduce you to the six commands I depend on for keeping things humming for either myself or other users on a Linux system.
1. adduser
Simply put, the adduser command allows you to add a new user to a Linux machine. Let's say you have a family member named Olivia and you want to give her an account on your machine. For that, you'd issue a command like this:
sudo adduser olivia
You'd be prompted for your sudo password and then be required to fill out the necessary information (full name, room number, work phone, home phone, others). The information is optional, but I would at least suggest adding a full name.
The adduser command creates the new user's home directory and all the other bits they'll need to log in, with one exception…their password.
Also: 5 reasons why desktop Linux is finally growing in popularity
These are the very basics of using the adduser command, but it's all you need to get up and running. To find out more about what the command can do, read the manual page with the command:
man adduser
2. passwd
Once you've added a user with useradd, you'll want to give them a password. Let's stick with our olivia example. To give that user a login/sudo password, run the command:
sudo passwd olivia
You will first be prompted for your sudo password and then be prompted to type/verify a password for the user.
You can probably already see the problem here. If you give the user their password, you'll know the password and that's not ideal for security and privacy. The good news is you can create the password and set it to expire immediately (which will then prompt the user to change the password when they first log in). To do that, you'll have to make use of another command.
3. chage
When you want to create a temporary password for a new user, you create that user as you did above (using adduser and passwd) and then set it to immediately expire with the chage command like this (sticking with our olivia example):
sudo chage -d 0 olivia
You'll be prompted for your sudo password and then the user will be required to change their password on their next login attempt.
4. usermod
If you ever need to modify a user, this is the command you use. I often use this to add a user to a group, but usermod allows you to change things like a user's comment field in /etc/passwd, the user's home directory, the user account expiration date (if needed), set the user to inactive, and more. You can also lock a user, which places an "!" at the beginning of their password to effectively disable the account.
As I said, I use this command mostly for adding a user to a group, which can be done like this:
sudo usermod -aG GROUP USER
Where GROUP is the group name and USER is the username. The a option is for append and G is for group.
5. chown
If you ever need to change ownership of a file or folder from one user to another, chown is the command to use. Ownership is a simple way of managing who has access to files and folders. For example, if you have a folder named /data and you want to give the editors group access to the folder (and its contents within), you could change the group ownership like so:
chown -R :editors /data
First off, the -R option means recursive, so not only the folder will have its group ownership changed but all files and folders within will as well. As to the :editors, when you use chown, you can change the ownership for the owner and the group, which is in the form owner:group. If you only want to change the group, you leave the left side of the : blank.
You will then run into an issue which can be resolved with the next command.
6. chmod
The chmod command modifies the permissions of a file or folder. In the example above, I've changed the ownership of the folder /data to that of editors. The problem is, you also have to change the permissions such that the group can modify the contents within the folder. Say, for example, we have our /data folder. When you created it, it was own by root and the permissions were probably something like this:
- owner - read, write, execute (rwx)
- group - read, execute (r-x)
- other - read, execute (r-x)
In order for our editors group to make any changes, we have to use the chmod command to add write permissions, which is done like so:
sudo chmod -R g+w /data
Now, anyone in the editors group will have write permissions in /data.
And those are the first commands you'll want to know for user management in Linux. To learn more about each, you'll want to read the manual pages (such as man passwd, man chage, man usermod, man chown, and man chmod). Other than that, you should be ready to go.