Linux offers versatile user/group structures. In this article, we will explore how to create and add users to a group.
Note: These instructions work when using Red Hat Enterprise Linux, Fedora, and CentOS. They have also been verified on Fedora.
Users
In Linux, every process has an associated user, which tells you who initiated the process. Every file/directory is owned by a user and a group. Users who are associated with a file/directory can tell which user has access to that file and what they can do with it. A user who is associated with a process determines what that process can access.
Groups
Groups are collections of users. Groups determine the specific access rights users have to files, directories, and processes. As shown below, a user can be part of more than one group at a given time.
To see what user you are logged in as and what groups you are in, run the id
command:
For example, uid=1000(kkulkarn)
shows that I am logged in as kkulkarn
(my username) and my user id is 1000
.
gid=1000(kkulkarn)
tells what primary group I am in, and groups=...
tells what other groups I am in. These other groups are known as supplementary groups.
Creating a user
Run the command shown below to create the user alice
. sudo
is required as a prefix if you get a Permission denied
error.
Since we did not set a password when we created the user alice, to switch users and become alice, we need to run following command:
sudo passwd alice
It will prompt: New password
and Retype new password
. I set the password as demo,
and the system responded: BAD PASSWORD
because it is too short and therefore vulnerable to attacks. But I continued, and the password was set; here is the following message output:
passwd: all authentication tokens updated successfully.
Now let’s switch to the new user, alice, by using su - alice,
as shown below. Enter the password demo
when prompted.
As you can see, the prompt shows that now we are working as alice@localhost.
Check pwd
(the present working directory) and you will see we are in the home
directory for the user alice.
Note: To use sudo,
you need to be part of a supplementary group called wheel
; otherwise you may see an error: <username> is not in sudoers file. This incident will be reported
:
Here’s how to fix that situation.
How to add alice to the group ‘wheel’ to give sudo access
Run:
id alice
and you will see the following output:
That tells us what primary and supplementary groups alice is part of.
Let’s modify alice to be part of group wheel
using the following command:
Using the command usermod
and options -aG,
tells the system to add alice to the supplementary group wheel
. Note that the usermod
command will not show any output if you run it correctly. If you then run id alice
, you should see this output:
Since alice is now part of the group wheel
, we can switch the user to alice, and she should be able to create the directory dir1
as sudo user:
If you run ls -la
, you can see that dir1
has both the user and the group as root
user, as we ran mkdir
command as sudo
user. But if you run it without sudo
, dir1
would be owned by the user
and the group alice
.alice
Now that you've seen a user and a group in Linux, how do you create a user and modify it to add it to a group? The last thing you might want to do is delete the user you created for this demo. I won’t explain how to do that, but I will leave you with the commands below; run it and see the output yourself:
id alice
sudo userdel -r alice
id alice
For more information, check the help for these commands by using the --help or -h option, or run man
to
2 Comments