User

From Linux Shell Scripting Tutorial - A Beginner's handbook
Jump to navigation Jump to search

Linux is a multi-user and multi-tasking operating system. Users and groups are used on Linux for access control and resource control on the serve.

User account

A user is nothing but any person who uses a Linux server or computer. There are two types of users:

  • The root user (superuser) - Privileged user. The root full access to the Linux operating system and its configuration. The root user account must be used for administrative purpose only.
  • Normal or unprivileged users - All other users are normal or unprivileged. They can only log in and store data in their home directory but do not have full access to the Linux operating system and its configuration. Unprivileged users can use the su and sudo command for controlled privilege escalation if permitted by the root user.


How to see a list of all user on Linux

/etc/passwd contains one line for each user account, with seven fields delimited by colons (":"). Type the following cat command

cat /etc/passwd

Sample outputs:

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false
syslog:x:104:108::/home/syslog:/bin/false
messagebus:x:105:109::/var/run/dbus:/bin/false
_apt:x:106:65534::/nonexistent:/bin/false
uuidd:x:107:112::/run/uuidd:/bin/false
rtkit:x:108:113:RealtimeKit,,,:/proc:/bin/false
avahi-autoipd:x:109:114:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
usbmux:x:110:46:usbmux daemon,,,:/var/lib/usbmux:/bin/false
dnsmasq:x:111:65534:dnsmasq,,,:/var/lib/misc:/bin/false
whoopsie:x:112:119::/nonexistent:/bin/false
kernoops:x:113:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
speech-dispatcher:x:114:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/false
avahi:x:115:120:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
saned:x:116:122::/var/lib/saned:/bin/false
pulse:x:117:123:PulseAudio daemon,,,:/var/run/pulse:/bin/false
colord:x:118:125:colord colour management daemon,,,:/var/lib/colord:/bin/false
hplip:x:119:7:HPLIP system user,,,:/var/run/hplip:/bin/false
geoclue:x:120:126::/var/lib/geoclue:/bin/false
gdm:x:121:127:Gnome Display Manager:/var/lib/gdm3:/bin/false
vivek:x:1000:1000:vivek gite,,,:/home/vivek:/bin/bash
sshd:x:122:65534::/run/sshd:/usr/sbin/nologin
lxd:x:123:65534::/var/lib/lxd/:/bin/false
libvirt-qemu:x:64055:130:Libvirt Qemu,,,:/var/lib/libvirt:/bin/false
libvirt-dnsmasq:x:124:131:Libvirt Dnsmasq,,,:/var/lib/libvirt/dnsmasq:/bin/false
nm-openvpn:x:125:132:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/bin/false

Groups

Users may be grouped into a "group," and users may be added to an existing group to utilize the privileged access it grants or access common directories for reading and writing files.

How to see a list of all groups on Linux

The /etc/group file is a text file that defines the groups on the system. There is one entry per line. Type the following cat command

cat /etc/group

Sample outputs:

root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,vivek
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:vivek
floppy:x:25:
tape:x:26:
sudo:x:27:vivek
audio:x:29:pulse
dip:x:30:vivek
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:vivek
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
systemd-journal:x:101:
systemd-timesync:x:102:
systemd-network:x:103:
systemd-resolve:x:104:
systemd-bus-proxy:x:105:
input:x:106:
crontab:x:107:
syslog:x:108:
messagebus:x:109:
netdev:x:110:
mlocate:x:111:
uuidd:x:112:
rtkit:x:113:
avahi-autoipd:x:114:
bluetooth:x:115:
ssl-cert:x:116:
ssh:x:117:
lpadmin:x:118:vivek
whoopsie:x:119:
avahi:x:120:
scanner:x:121:saned
saned:x:122:
pulse:x:123:
pulse-access:x:124:
colord:x:125:
geoclue:x:126:
gdm:x:127:
vivek:x:1000:
sambashare:x:128:vivek
lxd:x:129:vivek
kvm:x:130:
libvirt:x:131:vivek
libvirt-qemu:x:64055:libvirt-qemu
nm-openvpn:x:132:

Important files related to users and groups on Linux

  • /etc/passwd - User account information
  • /etc/shadow - Secure user account information including password
  • /etc/group - Defines the groups to which users belong
  • /etc/gshadow - Contains the shadowed information for group accounts
  • /etc/sudoers - List of users who can run what by sudo command
  • /home/* - Home directories for all users