User types in linux

Linux Users & Groups, Types and How to Setup Linux Users and Groups?

User groups play a significant role in managing the Linux users and the entire system. If you are new to Linux and Unix, this concept might seem a bit complicated. But this article will provide an easy way to understand each of the topics and concepts in detail. User groups help in selecting the group of users so that they can share files easily.

This concept of Linux also helps in managing user privileges since assign privileges to groups is important rather than individual users. Let us now first understand, what Linux users are and what are group?

Linux users and files accessing privileges:

All Linux & Unix platforms allow multitasking like most of the operating systems. However, there is a slight distinction between Linux and other operating systems. It comes under the concept of multiple users. As we all know, Linux allows accessing and using its systems resources to various users concurrently.

These are Linux users. Accessing multiple resources by different users brings some security concerns to Linux users. So, to keep the files secure and put security in its position, it is essential to understand groups and protection privileges.

What are groups in Linux?

Groups are nothing but a cluster of different Linux users. The system administrator will define the group to set the privileges like reading, writing, or executing permission on an assigned file that users can share among themselves elected within the group.

Almost every Linux and Unix comes with a GUI tool or graphical application that allows the system administrator to manage these groups. Experienced system administrators prefer command-line tools over graphical tools.

Types of groups in the Linux & Unix

There are two different varieties of groups available in Linux.

• The Primary Group: When any user creates a file, the group assigned to it by default is the primary group. When a primary group is formed, the group name becomes the same as the username. It contains all the relevant file data in the /etc/passwd file.

• The Secondary Group: This is a particular group for users who wishes to share explicitly defined files that are granted explicit permissions by the admins. The system admin can provide specific permissions and rights to any files for the users residing within such groups.

Read, Write, and Execute Permissions in Linux:

Every file in the Linux systems comes with specific permission that is access and usage rights given to a particular file or directory. There are three different types of file and directory permissions. These are

• Read permission: When a file contains read permission, it permits its users to open files for readable purposes only. This permission makes the users capable to view the data only without altering anything. When the directory has read permission, the user gets the power to see and list the directory content.
• Write permission: When a file gets the write permission, it permits its user to alter or reconstruct any content from within the file. Once the admin provides this same permission for a directory, it will authorize the user to update or change the directory path and its content.
• Execute permission: This is powerful permission that allows users to run any script or program. This right allows the user to run or operate any script or program within the OS. When this permission is given to the directory, users can shift to different directories and can make any directory his/her current directory.

View file Permission:

Now, before setting up Linux Users and Groups in your system, it is essential to know how to view file permissions. For a system admin, it is necessary to check the file or directory’s permission mode in Linux. To view or check the directory or file’s permission, the admin should use the command:

Adding User in Linux:

Here are the steps you can follow to setup or add any Linux user to a group.

• Log in to your account as root user.
• Use the useradd command followed by the «name of the user». For example, useradd karlos
• Use «su» (super user) along with the name of the user you added just now to log on.
• Finally, use the «Exit» command. It will log you out from your current account.

Deleting Linux users from a group:

To delete a Linux user from any group, perform the following steps.

• Use the command userdel followed by the “name of the user”. For example, userdel karlos).
• Next, we have to use the command -d for setting the home directory for the user (by default it is the /home/”user name”). The -d will set the home directory for the user but will not create any new user.
• Then, we have to use the -m command for creating the home directory.
• For adding the user only, the default directory is the /home/“user name” directory. The -m will help in creating one.
• Finally, we can apply the command -r in conjunction with the userdel command for deleting the user & the home directory.

Creating a group in Linux:

It is very simple to create a new group in Linux. We have to apply the ‘groupadd’ command with the name of the group.

Syntax:

Adding an Existing User in the Group:

There might be a circumstance where you need to add a user to a secondary group. Usually, the admin adds existing users to make the group work on a project that requires team collaboration. To add an existing user in a group, you have to implement the command ‘usermod -a -G’, and specify the group and username in which you want to add that user.

Syntax:

$ sudo usermod -a -G sec_group_name user-name

Example:

$ sudo usermod -a -G pentestProject karlosray

Adding an Existing User to different Groups at a time:

Linux admin can face a circumstance where they might have to include a specific user in some secondary groups. It is possible using a single command. To implement this, the ‘usermod’ command along with the -G option/attribute is used. Along with this command, the admin has to serve the group names separated by commas.

Syntax:

$ sudo usermod -a -G group1, group2, group3 user_name

Example:

$ sudo usermod -a -G pentest, sudo, jenkins karlosRay

Remove a User from a Group:

When a project ends, Linux users are removed from groups to keep the data safe. To remove any user from the secondary group, the Linux user uses the ‘gpasswd’ command along with the -d option.

Syntax:

$ sudo gpasswd -d username group

Example:

$ sudo gpasswd -d karlos Jenkins

Conclusion:
Linux users and groups are two different concepts that intersect at some point. Linux is secure because of the access privileges. Setting the rights and access privileges requires proper knowledge of creating and removing users & groups. Almost all Linux distributions support the above commands mentioned in the article.

Источник

The 4 Main Types of User Accounts on Linux

Every user interacting with a Linux system has an account. But apart from standard users, there are a few other types of user accounts on Linux.

Readers like you help support MUO. When you make a purchase using links on our site, we may earn an affiliate commission. Read More.

User accounts are a key concept on Linux. Primarily, they help you manage access control on your system. In addition, they allow multiple users to log in at any given time, and they are critical for the security of a system.

Without user accounts, it would be hard to control who has access to what part of a Linux system. Linux has four main types of user accounts. Here’s everything you need to know about them.

User Account Identifiers

A Linux system can have multiple user accounts, therefore, to be able to uniquely identify each account, Linux uses User Identifiers (UIDs) and Group Identifiers (GIDs). The very basis of any user account revolves around its UID.

Furthermore, each user account is associated with a specific group and is therefore assigned a GID. Of course, a user account can belong to several groups.

In addition to having user and group identifiers, every user account has its UID within a specific range that corresponds to the type of account it belongs to.

1. Superuser Account

On Linux, the superuser account is popularly known as the root, the default administrator of your system. Each Linux system must at a minimum have one root user account.

As part of the administrative privileges, the superuser account has unlimited access and control of a system, including other users. This is why you must always set a strong password for the root account.

The superuser account always has the UID 0 and is part of the group ID 0 too.

Unlike other accounts, the superuser has its home directory at the top-level directory, located at /root.

2. Regular Accounts

All other users that are later added to a Linux system are known as regular accounts or standard accounts. These types of accounts have limited access and control over the system but can gain administrative rights by using the sudo or su command.

On modern Linux systems, regular users have UIDs with a four-digit number starting from 1000. In fact, the first user account you create on your system will usually have the UID 1000.

By default, regular user accounts have their home directory within the /home directory. If you use the ls command to do a listing of the home directory, you’ll get a good picture of the current users on your system.

Another important attribute of regular accounts is that they have a default shell and on most Linux distros, this is the Bourne Again Shell (Bash). You can change your default shell if you prefer, for example, set it to the Z shell or C shell.

3. System Accounts

The operating system creates system accounts during its installation. System accounts are used for running operating system components but do not run with superuser privileges.

Most system accounts have their user identifiers in the range of 1 to 99, as a rule of thumb, two digits. In some cases, system accounts have three-digit UIDs between the numbers 500 and 999.

An example of a system account is the Apache web server, which has the UID and GID number 48.

System accounts don’t have a dedicated home directory nor do they have a shell, because there is never a need for login in their lifetime.

4. Service Accounts

Last but not least, let’s take a look at service accounts. Service accounts are a bit similar to system accounts: they are created whenever a service is installed onto your system.

For example, when you install a SQL server database, the system creates a corresponding account for managing activities related to the SQL server.

Just like system accounts, service accounts don’t have a home folder or a default shell. They are assigned /sbin/nologin to refuse logins.

Service accounts usually have a three-digit UID, between 100 and 999.

In some cases, service accounts may have a four-digit UID just like regular accounts.

Some prominent services that you will find on your system include systemd, GNOME Display Manager (GDM), CUPS printing service, etc.

User Accounts Are Key for Managing Users on Linux

There are four main user account types on Linux, and they are critical for managing users and the overall security of your system.

Since users are a key component of an operating system, every system administrator needs to learn how to manage users on Linux.

Источник