Managing Users in Linux: A Practical Guide for Beginners

Learn how to add, delete, and manage users using simple Linux commands

📜 Brief History

• Origin: The useradd, usermod, and userdel commands originate from UNIX System V (SVR4) and were later adopted into Linux distributions via the Shadow Suite (shadow-utils).

• Linux History:

  • First widely seen in early Linux distributions like Slackware (1993) and Red Hat Linux (1995).

  • Became a standard part of Linux account management tools, particularly when the /etc/shadow system (for storing encrypted passwords securely) became popular.

• Maintainer: Now maintained as part of the shadow-utils package, used in most Debian, Ubuntu, Red Hat, CentOS, Fedora, etc.

---

👤 Add User with useradd

The useradd command is a low-level command-line utility used to create new user accounts on Unix and Linux systems.

✅ What useradd Does:

• Requires Root Privileges: You must have root access (or use sudo) to run useradd, as creating or modifying user accounts is a privileged operation.

• Updates System Files: Adds entries to /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow.

• Creates a Home Directory: Automatically creates the user’s home directory (usually /home/username) if specified or enabled by default (with the -m flag).

• Creates a User Private Group: By default, also creates a group with the same name as the user.

• Sets UID, Shell, and Defaults: Assigns a unique user ID (UID), default shell (e.g., /bin/bash), and applies system-wide defaults from /etc/default/useradd.

• Handles Group Memberships: Can assign the user to one or more additional groups using the -G option.

💻 Usage

sudo useradd -m -s /bin/bash john

Explanation:

• -m: Create the user's home directory (e.g., /home/john)

• -s /bin/bash: Set the default shell to Bash

---

🛠️ Modify Users with usermod

The usermod command is a low-level command-line utility used to modify user accounts on Unix/Linux systems.

✅ What usermod Does:

• Root Privileges: You must have root privileges (or use sudo) to run usermod. Modifying user accounts is a privileged operation.

• ⚠️ Caution: Incorrect use of usermod can lock users out of their accounts or introduce security issues. Always double-check your changes before executing the command.

• Home Directory: Changing the home directory with usermod does not move existing user data unless used with the -m flag. Be cautious, as this can overwrite the new target directory if it already exists.

• Impact on Running Processes: Changing the UID (User ID) of a user while they have running processes can lead to unpredictable behavior. It's generally best to ensure the user is logged out before making such changes.

• Updates user-related entries in /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow.

💻 Usage

✏️ Rename the User john to johnny

sudo usermod -l johnny john

Explanation:

• -l, --login NEW_LOGIN: Changes the login name (username) from john to johnny.

• Note: This does not rename the home directory (you’ll need to move that manually if needed).

✏️ Optional: Rename the Home Directory Too

If you also want to rename the home directory and move contents:

sudo usermod -d /home/johnny -m johnny

• -d: New home directory path

• -m: Move the content from the old home to the new path

👥 ✏️Change the Primary Group of the User

sudo usermod -g marketing johnny

Explanation:

• -g, --gid GROUP: Sets the primary group of the user johnny to marketing.

👥 ✏️Add a User to Multiple Groups

sudo usermod -G developers,testers johnny

Explanation:

• -G, --groups GROUP1[,GROUP2...]: Sets the complete list of supplementary groups the user belongs to. Any groups the user was previously a member of that are not listed will be removed. Separate group names with commas.

👥 ✏️Add a User to a Supplementary Group (without removing existing ones)

sudo usermod -aG webmaster johnny

Explanation:

• -aG, --append: Adds the user to the specified supplementary group(s) without removing them from any existing ones.

• The group(s) must already exist.

• This is commonly used to grant additional access (e.g., to webmaster, developers, testers, etc.).

---

❌ Delete Users with userdel

The userdel command is a low-level utility used to delete existing user accounts on Unix/Linux systems.

✅ What userdel Does:

• Removes user entries from /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow.

• Optionally deletes the user's home directory (e.g., /home/alice) and mail spool (e.g., /var/mail/alice) when used with the -r flag.

• Does not remove manually created files owned by the user elsewhere on the system (e.g., files in /var/www, /tmp, etc.).

• Does not delete the user's primary group (the User Private Group), even if no other users are part of it.

• Fails if the user is currently logged in or has active processes (unless used with -f on some systems like Red Hat-based distros).

💻 Usage

sudo userdel -r johnny

Explanation:

• Delete the user johnny

• Remove his home directory and mail spool (if they exist)

---

🧾 Command Summary

Command Purpose Notes

---

useradd Add a new user Use -m, -s, -G for full setup

usermod Modify existing user accounts Rename, change groups/home directory

userdel Delete a user account Use -r to remove home and mail spool

🔍 Verify Changes

After making changes, you can verify them using:

You can verify changes with commands like id johnny, groups johnny, and getent passwd johnny.

id johnny
groups johnny
getent passwd johnny