Linux is a multi-user environment. Not only does it mean you can have multiple accounts on a single system, but it also means multiple users can be logged in at the same time. You can have a user on the desktop, and users logging in via SSH or FTP.
As an administrator of Linux, you're going to need to know how to manage users on servers and desktops. You might have to add a new user to a system or create a new group and add users to it for more efficient permission/ownership management. Either way, it's important that you understand how to take care of this task from the command line. Although there are certainly GUI tools that make the process easier, when you remote login to your Rocky Linux servers, you might not have access to a GUI (or the server is headless, so there is no GUI to be had).
Either way, the command line is your friend, and managing users and groups isn't nearly as hard as you might think.
Let's examine these two tasks so you can see just how easy it is.
Adding and managing Linux users from the command line
The first thing we're going to do is add a new user from the command line. Even better, we're going to add the user so that they will be forced to set a new password upon their first (or next) login.
First, let's add a new user named olivia with the command:
sudo useradd olivia
This will not only create the user olivia but will also create /home/olivia, where all the user's data will be stored.
The next step is to add a password for the user, which is done with the command:
sudo passwd olivia
You will be required to type and verify a new password for the user.
This, of course, is problematic, as you would know the password for every user on your system. That may not be a liability you want to deal with. In other words, you'll want to force the new user to change the default password when they first log in. For example, you might set the user's initial password to p@$$w0rd. You certainly don't want to allow that user to keep that password, so you can force them to change it by expiring the password with the command:
sudo passwd --expire olivia
The above command will expire their password. Upon the user's first (or next) login, they'll be required to type the initial password and then set a new one.
To delete that user from your system, issue the command:
sudo userdel olivia
The above command will remove the user but leave behind their home directory (and the files within). If you want to remove the files and directory, you'd add the -r option like this:
sudo userdel -r olivia
Remember to substitute the username you want to delete.
Adding groups from the command line
Groups come in very handy, as they make it possible for you to manage access to files, folders, and even system accounts. For example, you might have the /data directory, and you want to be able to give certain users full read/write access to it. Instead of trying to accomplish that on a per-user basis, why not create a group and then add users to the group?
Let's walk you through that.
First, create the directory with:
sudo mkdir /data
Now, let's create a group called editors with the command:
sudo groupadd editors
Next, let's give the editors group ownership of the /data directory with:
sudo chown -R :editors /data
Using R is recursive, which means it applies the changes not just to the current directory but all child directories (and the files contained within).
Now, we'll give the group read/write access to /data with:
sudo chmod -R g+rw /data
Add olivia to the editors group with the command:
sudo usermod -aG editors olivia
An explanation of the options:
- a - append the new group to the list of groups already associated with the user.
- G - what follows is a group (or list of groups) to be added to the user.
If the user is already logged in, they'll need to log out and log back in for the changes to take effect. Once the user successfully logs in, they'll be able to access the /data directory with both read and write permissions.
To remove olivia from the editors group, the command would be:
sudo gpasswd -d olivia editors
Notice the group and username is reversed in the two commands.
Once you've removed olivia from the editors group, the user will no longer have write access to the directory.
And that's how easy it is to add users and groups from the command line in Rocky Linux. Consider this a must-know admin task that you'll use on almost every server you manage.