Ubuntu User Accounts
Introduction
User account management is a fundamental aspect of any operating system, and Ubuntu is no exception. In multi-user environments like Ubuntu, understanding how user accounts work is essential for system security, resource sharing, and maintaining a well-organized computing environment.
In this guide, we'll explore everything you need to know about Ubuntu user accounts - from creating and managing users to understanding the underlying permission structure that keeps the system secure and organized.
Understanding Users and Groups in Ubuntu
The Concept of Users
In Ubuntu (and other Linux distributions), a user is an entity that can interact with the system and own files. Each user has:
- A unique username
- A unique numeric user ID (UID)
- A home directory (typically
/home/username) - A login shell
- Password authentication
- Membership in one or more groups
The Concept of Groups
Groups in Ubuntu are collections of users that share similar access permissions. Key points about groups:
- Each group has a unique name and group ID (GID)
- Every user belongs to at least one group (their primary group)
- Users can belong to multiple groups
- Groups simplify permission management for multiple users
Let's visualize the relationship:
Types of User Accounts in Ubuntu
Ubuntu has three main types of user accounts:
- Root User: The superuser (UID 0) with unlimited privileges
- System Users: Created by the system for running services
- Regular Users: Normal user accounts for people using the system
Viewing Existing Users and Groups
Listing Users
To see all users on your system:
cat /etc/passwd
Output example:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
...
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
For a cleaner list of just usernames:
cut -d: -f1 /etc/passwd
Output example:
root
daemon
bin
...
ubuntu
Listing Groups
To see all groups:
cat /etc/group
Output example:
root:x:0:
daemon:x:1:
bin:x:2:
...
ubuntu:x:1000:
To check which groups a specific user belongs to:
groups username
Output example:
ubuntu : ubuntu adm cdrom sudo dip plugdev lpadmin sambashare
Creating User Accounts
Using adduser (Recommended for Beginners)
The adduser command provides an interactive way to create users:
sudo adduser newusername
Output example:
Adding user `newusername' ...
Adding new group `newusername' (1001) ...
Adding new user `newusername' (1001) with group `newusername' ...
Creating home directory `/home/newusername' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for newusername
Enter the new value, or press ENTER for the default
Full Name []: New User
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y
Using useradd (More Control, Less Interactive)
The useradd command gives more control but requires more specific parameters:
sudo useradd -m -s /bin/bash -G sudo,adm newusername
sudo passwd newusername
In this command:
-mcreates a home directory-s /bin/bashsets the default shell-G sudo,admadds the user to the sudo and adm groups
Managing User Accounts
Modifying User Properties
To modify existing user properties, use the usermod command:
# Add a user to a group
sudo usermod -aG groupname username
# Change a user's shell
sudo usermod -s /bin/zsh username
# Change a user's home directory
sudo usermod -d /newhome/username username
Changing Passwords
Users can change their own passwords:
passwd
Administrators can change any user's password:
sudo passwd username
Deleting Users
To remove a user account:
# Keep the home directory
sudo deluser username
# Remove the home directory as well
sudo deluser --remove-home username
# Remove all user files across the system
sudo deluser --remove-all-files username
User Permissions and Ownership
Understanding File Permissions
In Ubuntu, every file and directory has three permission sets:
- Owner permissions
- Group permissions
- Other (everyone else) permissions
Each set can have read (r), write (w), and execute (x) permissions.
To view permissions:
ls -l filename
Output example:
-rw-rw-r-- 1 ubuntu ubuntu 1234 Apr 15 14:30 example.txt
Breaking this down:
-rw-rw-r--: Permissions string- First character
-indicates a regular file - Next three characters
rw-are owner permissions (read, write, no execute) - Next three characters
rw-are group permissions (read, write, no execute) - Last three characters
r--are other permissions (read only)
- First character
ubuntu ubuntu: Owner and group names1234: File size in bytesApr 15 14:30: Last modification dateexample.txt: Filename
Changing Permissions
To modify file permissions:
# Using symbolic notation
chmod u+x filename # Add execute permission for owner
chmod g-w filename # Remove write permission for group
chmod o=r filename # Set other permissions to read-only
# Using numeric notation
chmod 755 filename # rwxr-xr-x
chmod 644 filename # rw-r--r--
Changing Ownership
To change file ownership:
# Change owner
sudo chown newowner filename
# Change group
sudo chgrp newgroup filename
# Change both owner and group
sudo chown newowner:newgroup filename
Sudo and Administrative Privileges
Understanding Sudo
The sudo command allows regular users to execute commands with administrative (root) privileges.
sudo command
When you run a command with sudo, the system will:
- Ask for your password
- Check if you're in the sudo group
- Execute the command with elevated privileges if authorized
Adding a User to Sudo Group
To give a user sudo privileges:
sudo usermod -aG sudo username
Configuring Sudo Settings
Sudo's behavior is controlled by the /etc/sudoers file. Always edit this file using:
sudo visudo
Example of granting specific permissions:
# Allow user to run apt commands without password
username ALL=(ALL) NOPASSWD:/usr/bin/apt
Working with the Root User
Root Account in Ubuntu
By default, the root account in Ubuntu has no password set, which means direct login is disabled. Instead, Ubuntu encourages using sudo for administrative tasks.
Switching to Root (Not Recommended for Regular Use)
If you need a root shell temporarily:
sudo -i
This will give you a root shell after entering your password.
Enabling/Disabling the Root Account
To enable direct root login (not recommended):
sudo passwd root
To disable it again:
sudo passwd -l root
Multi-User Best Practices
When managing a system with multiple users, follow these best practices:
- Principle of Least Privilege: Give users only the permissions they need
- Regular Audits: Periodically review user accounts and remove unused ones
- Strong Passwords: Enforce strong password policies
- Group Organization: Create logical groups based on roles or departments
- Shared Directories: Use group permissions for collaboration spaces
Creating Shared Directories
# Create a shared directory
sudo mkdir /shared/projects
# Set appropriate ownership and permissions
sudo chown root:developers /shared/projects
sudo chmod 2775 /shared/projects
In this example:
- The
developersgroup owns the directory - The permissions
2775include the SGID bit (2) which makes new files inherit the directory's group
User Management GUI
Ubuntu Desktop provides a graphical interface for user management:
- Open "Settings"
- Select "Users"
- Click the "Unlock" button and enter your password
- Use the interface to add, remove, or modify user accounts
Summary
Managing user accounts in Ubuntu is a foundational skill that enables secure multi-user environments. We've covered:
- Understanding the concept of users and groups
- Creating, modifying, and deleting user accounts
- Managing permissions and ownership
- Using sudo for administrative tasks
- Best practices for multi-user systems
By mastering these concepts, you'll be able to manage Ubuntu systems efficiently while maintaining proper security.
Exercises
- Create a new user account and add it to the sudo group.
- Create a shared directory for a group of users with appropriate permissions.
- Modify file permissions to allow a specific group to edit a file, but others only to read it.
- Find all files owned by a specific user using the
findcommand. - Create a new group and add several users to it.
Additional Resources
- Ubuntu Community Help Wiki: Users and Groups
- Ubuntu Server Guide: User Management
- The
manpages for commands likeadduser,usermod,chmod, andchown - Run
man 5 passwdandman 5 groupto learn about user and group file formats
If you spot any mistakes on this website, please let me know at [email protected]. I’d greatly appreciate your feedback! :)