User Account Management in Linux
User Account Management in Linux

User Account Management in Linux

No comments

User Account Management RHCSA – In Linux, everything is represented by a file, all files are associated with a user. All users belong to a group with the

Today in this article about account management I will try to explain how Red Hat manages the users and group creation and management.

For instance, on Linux everything is represented by a file, all files are associated with a user. All users belong to a group with the same name as the username of the user, one user can be in many groups.

We have three different ways to create users by manually editing system files and using command line tools like useradd the last way is from GUI.

Users home directories are located at /home/username and are created automatically based on a skeleton located at /etc/skel .

RHCSA Exams Topics

  • User Account Management
  • Administrative Control
  • User and Shell Configuration
  • Users and Network Authentication
  • Special Groups

Account Management – Actions

In this mini tutorial, I will cover some basic actions on Linux Systems related to user management, as a system administrator there are some basic actions we can make like create, delete and modify users. You can check all options using the man command (man useradd).

  • useradd – Create User
  • userdel – Delete User
  • usermod – Modify User Account
  • passwd – Define User Password
  • User Configs & Home Directory

Account Management – Types of Users

Linux systems have three basic types of user accounts each one of them has a UID range associated with it. We will learn how to verify and change user UIDs on our system.

Root User

The root user is created when the system is installed, this user has the UID equal to Zero (0) and has permissions to access all services and files on the system. For instance, keep this account secure and avoid sharing the root password with anyone.

System Accounts

These types of accounts are used by system services like apache, mysql, squid, or email service They have UIDs between 1 and 999.

Regular Accounts

Regular accounts are users with limited permissions defined by the system administrator to execute standard procedures the UID range associated with them is between 1000 and 65535.

User TypeUID RangeDescription
root0
system1-999
regular+1000

System Accounts vs. Service Accounts

System accounts and service accounts are both important components of user management in an operating system, but they serve different purposes.

System accounts are created during the installation of the operating system and are used to manage essential system processes and services. These accounts have specific roles and are typically used by system daemons and processes to perform various system-related tasks. System accounts, such as root (superuser), bin, daemon, sys, adm, etc., have predefined functions and privileges that allow them to perform critical system operations.

On the other hand, service accounts are created for specific applications or services running on the system. These accounts are used to isolate and control access to resources required by the respective services. Service accounts are used to run background services, such as database servers, web servers, email servers, or any other applications that require their own dedicated accounts for security and access control.

The primary difference between system accounts and service accounts lies in their purposes and privileges. System accounts have broader and more elevated privileges to manage the overall system, while service accounts are created to provide restricted access and control for particular services or applications.

When managing system accounts and service accounts, it is crucial to follow best practices such as assigning appropriate permissions, implementing strong passwords, regularly reviewing and auditing account access, and adhering to the principle of least privilege to ensure the security and integrity of the system.

User Management – Create User

To create a new user on Linux we have two options, use the default options specified on /etc/skel directory and /etc/default/useradd or pass the specific configuration as a parameter to the useradd command. Before starting to add users to the system check all parameters with #man useradd command.

Create a user with the default options based on /etc/skel file properties.

# useradd poplab

Here we are passing the basic parameters to useradd command, -U creates a group with the same name as the user, -m creates the home directory for the user based on /etc/skel file rules, and last he -s /bin/bash attach the bash shell to the user permitting remote logins.

# useradd -D -U -m -s /bin/bash poplab

RHCSA Add User to Group

After creating a new user most of time we need to add it to a group or many groups, remember the parameter -a (Append).

# usermod -aG security,wheel poplab

RHCSA Define User Password

To define a username password we have the passwd command

# passwd poplab

RHCSA Delete User Account

If it is necessary to delete a user from the system, just run:

# userdel poplab

User Account Management – User Info Commands

Sometimes we need to troubleshoot or create a new specific account, being able to verify all account information related to a user or a file is a bonus.

Sometimes we ask a few questions ourselves in our daily work:

How to check the user and group ID?

Print logged user and user group IDs

# id
# id poplab

Verify all data about the ID command

# man id

How to check user information?

Display information about known users in the system
# lslogins

# lslogins poplab
  • /etc/passwd – User account information.
  • /etc/shadow – Secure user account information.
  • /home/username/.bashrc
  • /home/username/.bash_history
  • /home/username/.profile
  • /etc/default/useradd – Default values for account creation.
  • /etc/login.defs – Shadow password suite configuration.
  1. /home/username – User Home Directory
  2. /etc/skel/ – Directory Containing default files

In the context of the RHCSA (Red Hat Certified System Administrator) certification, knowledge of system accounts is essential. System accounts play a crucial role in managing user access and privileges on a Linux system.

Understanding system accounts is crucial for managing user access and securing the system. As an RHCSA, you should be familiar with creating and managing user accounts, assigning appropriate permissions, controlling user access, and understanding the role of system accounts.

It is also important to adhere to best practices, such as practicing the principle of least privilege and regularly reviewing and updating user and system account configurations for optimal security.

Test your Skills

Next Article – Red Hat Squid Proxy

Sources

Tagged with , , , , , ,

Leave a Reply