Linux User Management: Complete Guide

DodaTech Updated Jun 19, 2026 6 min read

Linux user management is the practice of creating, modifying, and removing user accounts and groups on a Linux system — the foundation of access control, security, and accountability on any multi-user server.

What You’ll Learn

  • Creating and managing users with useradd, usermod, and userdel
  • Managing groups with groupadd and groupmod
  • Setting passwords with passwd and password aging with chage
  • Configuring sudo access via /etc/sudoers
  • Understanding /etc/passwd, /etc/shadow, and /etc/group files
  • Locking and unlocking accounts

Why User Management Matters

Every process on Linux runs as a user. If that user has too many permissions, a compromised process can destroy the system. Proper user management ensures the Principle of Least Privilege — each user and service gets exactly the permissions it needs, nothing more.

Durga Antivirus Pro creates dedicated system users for its scanning daemon, update service, and web dashboard, each with minimal permissions.

Learning Path

Linux Basics → User Management (you are here) → Permissions & ACLs → Sudoers & PAM → Security Hardening

/etc/passwd, /etc/shadow, /etc/group

These three files store all user and group information:

/etc/passwd

Each line: username:password:UID:GID:comment:home:shell

alice:x:1001:1001:Alice Smith:/home/alice:/bin/bash
bob:x:1002:1002:Bob Jones:/home/bob:/bin/bash
www-data:x:33:33:Web Server:/var/www:/usr/sbin/nologin

  • x means the password hash is stored in /etc/shadow
  • UID 0 is root; UIDs 1-999 are system users; UIDs 1000 and above are regular users
  • Shell /usr/sbin/nologin prevents interactive login (used for service accounts)

/etc/shadow

alice:$y$j9T$...hash...:19876:0:99999:7:::

Format: username:password_hash:last_change:min_age:max_age:warn:inactive:expire

  • ! before the hash means the account is locked (the stored hash can no longer match any password)
  • * in place of the hash means no password login is allowed

/etc/group

developers:x:1003:alice,bob
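
The checks these file formats make possible, as an added example that is not part of the original page: duplicate UIDs, extra UID 0 accounts, and the state of each shadow password field. The accounts carol and toor, the function names, and all sample lines are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit passwd- and shadow-format files (not from the original page).

# UIDs used by more than one account, as "UID:name1,name2".
duplicate_uids() {
    awk -F: '
        { count[$3]++; names[$3] = (count[$3] > 1) ? names[$3] "," $1 : $1 }
        END { for (u in count) if (count[u] > 1) print u ":" names[u] }
    ' "$1" | sort -t: -k1,1n
}

# Accounts other than root that hold UID 0 (full root privileges).
extra_root_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# State of the password field (field 2) for every shadow entry.
password_states() {
    awk -F: '
        $2 == ""   { print $1 ":EMPTY";       next }  # no password required
        $2 ~ /^!/  { print $1 ":LOCKED";      next }  # "!" prefix
        $2 ~ /^\*/ { print $1 ":NO_PASSWORD"; next }  # "*": no hash can match
                   { print $1 ":SET" }
    ' "$1"
}

# Constructed sample data; on a real host pass /etc/passwd and /etc/shadow
# (reading /etc/shadow requires root).
AUDIT_DIR=$(mktemp -d)
cat > "$AUDIT_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice Smith:/home/alice:/bin/bash
bob:x:1002:1002:Bob Jones:/home/bob:/bin/bash
carol:x:1002:1004:Carol Diaz:/home/carol:/bin/bash
toor:x:0:0:second UID 0 entry:/root:/bin/bash
www-data:x:33:33:Web Server:/var/www:/usr/sbin/nologin
EOF
cat > "$AUDIT_DIR/shadow" <<'EOF'
root:*:19876:0:99999:7:::
alice:$y$j9T$...hash...:19876:0:99999:7:::
bob:!$y$j9T$...hash...:19876:0:99999:7:::
carol::19876:0:99999:7:::
www-data:*:19876:0:99999:7:::
EOF

echo "Duplicate UIDs:";  duplicate_uids "$AUDIT_DIR/passwd"
echo "Extra UID 0:";     extra_root_accounts "$AUDIT_DIR/passwd"
echo "Password states:"; password_states "$AUDIT_DIR/shadow"
```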

Creating Users

# Basic user creation
sudo useradd alice

# Better: create with full details
sudo useradd -m -d /home/alice -s /bin/bash -c "Alice Smith" alice

# Set password immediately
sudo passwd alice

# Create with specific UID and groups
sudo useradd -u 1050 -G developers,www-data -m bob

# System user (no login, no home dir)
sudo useradd -r -s /usr/sbin/nologin scannerd

Expected output for passwd:

New password:
Retype new password:
passwd: password updated successfully

Verify user creation:

id alice

Expected output:

uid=1001(alice) gid=1001(alice) groups=1001(alice),1003(developers)

Modifying Users

# Change shell
sudo usermod -s /bin/zsh alice

# Add user to supplementary group
sudo usermod -aG docker alice   # -aG appends, don't forget -a

# Change home directory
sudo usermod -d /new/home -m alice

# Change user's UID
sudo usermod -u 2000 alice

# Change user's primary group
sudo usermod -g developers alice

# Lock account password (disables password login; key-based SSH logins may still work)
sudo usermod -L alice

# Unlock account
sudo usermod -U alice

# Expire password immediately (forces password change on next login)
sudo chage -d 0 alice

Password Aging with chage

# View password aging info
sudo chage -l alice

# Force password change every 90 days
sudo chage -M 90 alice

# Warn user 7 days before expiration
sudo chage -W 7 alice

# Set account to expire on a specific date
sudo chage -E 2027-01-01 alice

# Disable password aging
sudo chage -M -1 alice

Expected chage -l alice output:

Last password change                                    : Jun 19, 2026
Password expires                                        : Sep 17, 2026
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7

Deleting Users

# Delete user (keep home directory)
sudo userdel alice

# Delete user and home directory, mail spool
sudo userdel -r alice

# Force removal even if user is logged in
sudo userdel -f alice

Group Management

# Create a group
sudo groupadd developers

# Create with specific GID
sudo groupadd -g 1500 developers

# Add user to group (primary)
sudo usermod -g developers alice

# Add user to group (supplementary)
sudo usermod -aG developers alice

# Remove user from group
sudo gpasswd -d alice developers

# Delete group
sudo groupdel developers

Sudoers Configuration

The /etc/sudoers file controls who can run commands as root:

# Always edit with visudo (validates syntax)
sudo visudo

# /etc/sudoers
# User privilege specification
root    ALL=(ALL:ALL) ALL

# Allow alice to run any command with sudo
alice   ALL=(ALL:ALL) ALL

# Allow bob to run only specific commands (any arguments are accepted)
bob     ALL=(ALL) /usr/bin/systemctl, /usr/bin/journalctl

# Allow developers group to run any command
%developers ALL=(ALL:ALL) ALL

# Allow web team to restart nginx without password
%webteam ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx

For complex configurations, use a drop-in file:

# /etc/sudoers.d/deploy
deploy ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart myapp
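
A heuristic check for the rules above, added here and not part of the original page: sudo lets a command listed without arguments run with any arguments, so bob's entry is broader than the %webteam entry, which pins them. The function name lint_sudoers and the finding labels are assumptions of this example; the sample is built from the rules in this section.

```shell
#!/bin/sh
# Added example: heuristic lint for simple one-line sudoers rules
# (not from the original page; does not resolve aliases or includes).

lint_sudoers() {
    awk '
        /^[ \t]*(#|$)/                { next }   # comments and blank lines
        /^(Defaults|[A-Za-z]+_Alias)/ { next }   # settings and alias definitions
        $1 == "root"                  { next }
        {
            who = $1
            spec = $0
            sub(/^[^=]*=[ \t]*/, "", spec)       # drop "who host="
            sub(/^\([^)]*\)[ \t]*/, "", spec)    # drop "(runas)"
            sub(/[ \t]+$/, "", spec)
            if (spec ~ /NOPASSWD:/) {
                print who ": NOPASSWD"
                sub(/NOPASSWD:[ \t]*/, "", spec)
            }
            n = split(spec, cmds, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) {
                if (cmds[i] == "ALL") {
                    print who ": ALL_COMMANDS"
                } else if (cmds[i] !~ /[ \t]/) {
                    print who ": ANY_ARGS " cmds[i]   # no arguments pinned
                }
            }
        }
    ' "$1"
}

# Constructed sample: the rules shown in this section.
SUDOERS_SAMPLE=$(mktemp)
cat > "$SUDOERS_SAMPLE" <<'EOF'
root    ALL=(ALL:ALL) ALL
alice   ALL=(ALL:ALL) ALL
bob     ALL=(ALL) /usr/bin/systemctl, /usr/bin/journalctl
%developers ALL=(ALL:ALL) ALL
%webteam ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx
deploy ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart myapp
EOF

lint_sudoers "$SUDOERS_SAMPLE"
```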

Common Errors

1. Forgetting -a with usermod -G

usermod -G group user replaces all supplementary groups with just that one. Always use -aG to append.

2. Creating Users Without Home Directories

Users created without -m have no home directory. Many applications fail. Use useradd -m by default.

3. Editing /etc/sudoers Directly

A syntax error in sudoers can lock you out. Always use visudo, which validates syntax before saving.

4. Duplicate UIDs

Two users with the same UID are treated as the same user by the system. Check id -u before creating, and confirm the UID you plan to assign is unused with getent passwd UID.

5. Not Locking Departed Users

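When someone leaves, lock their account immediately: usermod -L username. This locks only the password; to block other login methods as well, also expire the account with chage -E 0 username. Don’t just delete the account; preserve access logs for auditing.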

6. Using Weak Passwords

Enforce password complexity with pam_pwquality.so and password aging with chage.

Practice Questions

  1. What command creates a new user with a home directory and bash shell? sudo useradd -m -s /bin/bash username

  2. What file stores encrypted passwords? /etc/shadow. /etc/passwd stores the user database, but password hashes are in shadow.

  3. How do you grant a user sudo access? Add them to sudoers with visudo, or add them to the sudo group: usermod -aG sudo username.

  4. What does usermod -L do? Locks the user account by adding ! before the password hash in /etc/shadow.

  5. What is the UID range for regular users on most Linux distributions? 1000-60000. UIDs 0-999 are reserved for system accounts.

Challenge: Create a production-grade user management script that: (1) creates a new user with home directory and bash shell, (2) sets a password with 90-day expiry, (3) adds the user to the appropriate groups, (4) grants sudo access for specific commands only, (5) sets up SSH key authentication. Test each step.

FAQ

What is the difference between a system user and a regular user?
System users (UID < 1000) are used for services and daemons. They typically have no login shell and no home directory. Regular users (UID ≥ 1000) are for human users.

How do I list all users on the system?
cat /etc/passwd or getent passwd. For a cleaner list: cut -d: -f1 /etc/passwd.

What is the root user?
The superuser with UID 0. Root has unrestricted access to the entire system. Never use root for daily tasks — use a regular user with sudo.

How do I prevent a user from logging in?
Set their shell to /usr/sbin/nologin or /bin/false, or lock the account with usermod -L.

How do I see who is currently logged in?
Use who, w, or last commands.

What’s Next

  • Linux Administration Basics: Foundational Linux administration skills
  • Systemd Service Management: Managing services that run under dedicated users
  • Cron Job Scheduling: Scheduled tasks and automation

Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro. Updated 2026-06-19.