Master Linux User Management: Create, Modify, and Delete Users via CLI

Linux User and Creation

User Types

Superuser (root)

Highest‑privilege account (uid: 0). The uid is the user’s identifier recognized by the system.

Regular User

Limited‑privilege accounts (uid: 1000‑60000).

System/User for Programs

Accounts used by programs, not for human login (uid: 1‑999).

Each user must belong to a primary group; additional groups are optional and can be multiple.

User Account Management

File Locations

/etc/passwd stores usernames, home directories, login shells, and basic information.

# ls /etc/passwd
/etc/passwd
# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
... (other system entries) ...
asdjkl:x:1000:1000:asdjkl:/home/asdjkl:/bin/bash

Fields in each line are: username, password placeholder, uid, gid, comment, home directory, login shell.

Use man 5 passwd for detailed format.

/etc/shadow stores encrypted passwords.

# head /etc/shadow
root:$6$1ErSmgzZVaTclNcr$TMSjtWrgcZXeE1lo2.SQyrRK4M.GKe/...::0:99999:7:::
... (other entries) ...

Adding Users

useradd command

Create a new user and set its attributes.

useradd -u 1234 -s /sbin/nologin -M aa   # uid 1234, shell /sbin/nologin, no home dir

Options:

-u: specify UID (must be unused)

-d: set home directory (ignored with -M)

-e: set account expiration date (YYYY‑MM‑DD)

-g: primary group name or GID

-G: supplementary groups

-M: do not create home directory

-s: login shell

Examples:

# useradd -u 1234 a
# cat /etc/passwd | grep a
a:x:1234:1234:/home/a:/bin/bash

# useradd -d /etc/data aa
# cat /etc/passwd | grep aa
aa:x:1001:1001:/etc/data:/bin/bash

# useradd -g asdjkl kk
# cat /etc/passwd | grep kk
kk:x:1236:1000:/home/kk:/bin/bash

Password Management

passwd command

Set or modify a user’s password.

# passwd asdjkl
Enter new password:
Retype new password:
passwd: all authentication tokens updated successfully.

Options:

-d: delete the password (login without a password)

-l: lock the account

-u: unlock the account

-S: display account status

# passwd -d qq
Password for qq removed.
passwd: operation successful

# passwd -l qq
Password for qq locked.
passwd: operation successful

# passwd -S qq
qq LK 2024-04-08 0 99999 7 -1 (Password locked)

# passwd -u qq
Password for qq unlocked.
passwd: operation successful

# passwd -S qq
qq PS 2024-04-08 0 99999 7 -1 (Password set, SHA512)

Modifying User Accounts

usermod command

Change existing user attributes.

usermod [options] username
-l   Change login name
-L   Lock account
-u   Change UID
-U   Unlock account
-d   Change home directory
-e   Set expiration date (YYYY‑MM‑DD)
-g   Change primary group
-G   Change supplementary groups
-s   Change login shell

Deleting Users

userdel command

Remove a user account.

# userdel qq          # removes account but keeps home directory
# userdel -r qq       # removes account and its home directory