Working as root makes it simpler but easily huge damages to the system could occur. So create a user and work when possible as user. A user belongs to a primary group and optionally to supplementary groups. Devices and demons are also defined as users and groups.

User account

useradd -m -G users,wheel,audio -s /bin/bash<username>

Creates the user account and its home directory where the files .bash_logout .bash_profile .bashrc and the empty directory .ssh get created.

It uses the file /etc/default/useradd for the defaults. However it also uses settings in /etc/login.defs that contains PASS_MAX_DAYS the maximum number of days a password may be used.

It also assigns a unique number to the user and assigns numbers for its belonging groups.

passwd <username> sets a password

Over time a lot of other directories and files are created in the user account. Most of them are hidden and start therefore with a . character. Some of them can be considered as garbage from no more installed programs or can even contain outdated incompatible data that might cause problems.

To delete a user userdel <username> or the same but including its data userdel -r <username>

User definition

/etc/passwd contains list of users

<user>:<password>:<UID>:<GID>:<comment>:<Home directory>:<Shell>

GID Group ID is the primary group of the user, if the user creates a file, then this is the group id given to the file.

  1. root =0

  2. system=1-99

  3. users=100

  4. own groups=101….


  1. root=0

  2. daemons=1-499 (daemons are programs running in background)

  3. users=500…

A file belongs to an owner and a group.


Users have numbers (UID). Not the user name but the UID is stored with files and directories. If you share data between computers make sure that your user has on all computers the same UID! The same applies for the primary GID.

In the past the passwords were in this file but now it contains just an x since /etc/passwd is to easy accessible and creates therefore a security risk, so the passwords got moved to /etc/shadow accessible just by root. See man 5 shadow. The file contains additional data defining as expiration date of a password.

Password * means nobody can log in. Nothing means no password and you will get prompted for one when you log in next time.

chown -R<my name> /home/<my name> to fix the user name.

Group definition

groups shows where a user belongs to.

usermod -a -G <group> <username> adds a user to a group.

For the groups /etc/group contains the configuration:

<group name>:<password>:<GID>:<list of users>

groups have a password and a group id. The password is usually not used it allowed users to add themselves to other groups knowing the password. This now commonly done by the administrator having root privileges.

Users belong to primary group but can also belong to a supplementary group. Users using this group as supplementary group are added here as well.

The supplementary groups are where the user has access rights, but just the primary group /etc/passwd is the group where files and directories are created. There are different philosophies how groups are assigned:

  1. every user has as primary group the group: users

  2. every user has as primary group a group with the same name as the <username> and has the secondary group: users

The first method is more open. Sensitive data should be kept in encrypted directories (as encfs).

The second method that has become the default is more restrictive and can block easily file read access between the users. /etc/login.defs sets this behavior when it contains


Manually changing the user number and group number afterwards is possible but obviously not the standard way to go. usermod is the way.

chgrp -R <primary group name = username> /home/<username> will assign to all files in the user accounts the group ownership

Resetting Linux passwords

Passwords can be reset by using a liveCD or mount the physical hard disk on an other computer and delete the passwords in /etc/shadow

Just make the password field empty since this means no password and next time you will be prompted to add a new password.

So change

root:<Some sting>:<some number>:0:::::


root::<some number>:0:::::

Resetting Windows Passwords

Maybe this is not necessary since Linux can read the Window disk (if not encrypted).

fdisk -l shows the disks

The disk must be writable so ntfs-3g /dev/sd<nm> /mnt/windows and repeat this for all the partitions.

cd <...>/Windows/System32/config

chntpw -l SAM shows all Windows users

chntpw -u <username> SAM modifies the user information as clearing the password and unlock the account

Working with different computers

Multiple computers on a network exchange usually files between them. To keep it simple make sure that:

  1. the user number assignments UID is consistent between the computers

  2. the primary group number assignment GID is consistent between the computers.

The numbers are more important than the names, since they are stored with the individual files. The names are just defined in /etc/passwd and /etc/group.

To fix the ownership edit /etc/passwd and /etc/group or use a tool for it.

For people that like it complicated NIS (Network information service) is used to coordinate user accounts and group data over a network.

Commands and behavior

/etc/login.defs contains behavior data of login as timeouts, retries, …

passwd is the command to change the password. passwd<username> can be used by root to reset/set a user password.

groups show groups where I’m member

groupadd creates new group

useradd -m -G users<username> Adds a new user

usrmod modifies a user

userdel deletes a user

grpmodmodifies a group

groupdel deletes a group

id<username> shows UID and to what group <username> belongs. id does the same with the current user

chown change file owner. The following command sets the <username> to all files in the users home directory: chown -R<username> /home/<username>

chgrp change the primary group ownership. The following command sets the <primarygroup> to all files in the home directory: chgrp -R <primarygroup> /home/<username>. In case <primarygroup> is the same string as <username> the command is chgrp -R <username> /home/<username>

Linurs Hosttech startpage