Linux - User and Groups

  • Every process or action performed on RHEL is associated with a user
id      # show information about the logged-in user
ls -l   # list files along with the user associated with them
ps -au  # list all processes along with their user association
  • User information is stored in the /etc/passwd file in the following format: username:password:UID:GID:GECOS:/home/dir:shell
  1. username: the name mapped to each UID
  2. password: recent versions of RHEL store the password in /etc/shadow
  3. UID: user ID assigned by the OS
  4. GID: ID of the associated group
  5. GECOS: comments or a description of the user
  6. /home/dir: home directory of the user
  7. shell: the program that runs when the user logs in
  • Local groups are defined in /etc/group, and every user has one primary group

Super user

  • root is the superuser in RHEL and has the highest privilege among users

  • su [-] switches to another user

su temporarily gives a standard user root privileges and responsibilities, but the user must know the root password

  • sudo allows users to run commands as root or another user, based on settings in /etc/sudoers

  • In RHEL, users in the wheel group can use sudo

To Add Local Users

  • useradd username sets reasonable defaults for all fields in /etc/passwd

  • /etc/login.defs contains the default settings for new users, applied when a value is not given explicitly while creating the user

  • usermod modifies the properties of an existing user; run 'usermod --help' to see the available options

userdel username     # delete the user
userdel -r username  # remove the user along with the user's home directory and files
# Always make sure to use -r to avoid conflicts or issues
  • If users were deleted without their directories being removed, the leftover files can be located with the command below:
# root can find unowned files and directories by running:
find / -nouser -o -nogroup 2> /dev/null
  • To list the current password settings of a user: chage -l username

  • If a user needs an account with a password to authenticate to the system but does not need an interactive shell, set the user's login shell to /sbin/nologin

nologin shell prevents interactive use of system, but does not prevent all access
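
The /etc/passwd field layout and the nologin shell described above can be checked together when reviewing accounts. The script below is an added example, not part of the original notes: audit_passwd is a hypothetical helper, the account data is constructed, and treating "x", "*" and "!" as the expected password-field placeholders is an assumption of the example.

```shell
#!/bin/sh
# Added example (not from the original notes): audit passwd-format input.
# Fields: username:password:UID:GID:GECOS:home:shell

# Constructed sample data; every account below is made up.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
backup:x:0:0:Backup admin:/home/backup:/bin/bash
svcweb:x:1001:1001:Web service:/var/www:/sbin/nologin
legacy:$6$constructed$hash:1002:1002::/home/legacy:/bin/sh
broken:x:1003
EOF
}

# audit_passwd (hypothetical helper): reads passwd-format lines on stdin and
# prints one "CHECK:username:detail" line per finding.
audit_passwd() {
    awk -F: '
        $0 == "" || $0 ~ /^#/ { next }    # skip blank lines and comments
        NF != 7 {                          # a valid entry has exactly 7 fields
            print "MALFORMED:" $1 ":expected 7 fields, got " NF
            next
        }
        # Any account with UID 0 has root privileges, whatever its name.
        $3 ~ /^0+$/ && $1 != "root" { print "UID0:" $1 ":non-root name with UID 0" }
        # "x" means the password is kept in /etc/shadow; "*" or "!" disable password login.
        $2 != "x" && $2 !~ /^[*!]/ {
            print "PWFIELD:" $1 ":" ($2 == "" ? "empty password field" : "password value kept in passwd, not shadow")
        }
        # Accounts whose shell is not nologin/false can log in interactively.
        $7 !~ /(nologin|false)$/ { print "LOGIN:" $1 ":" $7 }
    '
}

# Run against the sample; on a real host use: audit_passwd < /etc/passwd
sample_passwd | audit_passwd
```

The LOGIN lines are an inventory to review rather than findings in themselves: root and regular users are expected there, service accounts are not.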

Points to Remember:

  • UID identifies the user at the most fundamental level with a numeric identifier

  • Login shell provides the user's command line prompt

  • /etc/group is location for local group information

  • /etc/passwd is location of local user account information

  • GID is a number that identifies the group at the most fundamental level

  • su command allows you to become another user

  • In Red Hat Enterprise Linux 7, by default, members of wheel group can run sudo to run any command as any user

  • /etc/shadow stores local passwords in encrypted format

For Additional Reading: Red Hat Documentation