- Managing users is a critical aspect of server management.
- In Ubuntu, the root user is disabled for safety.
- Management tasks requiring root access can be completed by using the sudo command by a user who is in the “admin” group.
- When you create a user during installation, that user is added automatically to the admin group.
Adding and deleting users
To add a user:
sudo adduser username
The image below shows the next part of the command.
To delete a user (will retain the home directory):
Install the package:
sudo apt-get install unattended-upgrades
To disable a user:
sudo passwd -l username
To enable a user:
sudo passwd -u username
Creating and deleting groups
To create a group:
sudo addgroup groupname
To delete a group:
sudo delgroup groupname
To add a user to a group:
sudo adduser username groupname
By default, all new home directories can be accessed by everyone. You can enforce non-default access rights to new home directories by editing /etc/ adduser.conf:
Change “DIRMODE=0755”to “DIRMODE=0750”
The contents of this directory are modelled after the contents of /etc/skel.
You can enforce strong user passwords by editing the password policy file /etc/pam.d/common-password.
For example, if you want to enforce a password with minimum 8 characters and maximum 14 characters, edit the password line to look like this:
password required pam_unix.so nullok obscure min=8 max=14 md5
To see the password expiry value for a user, use the “chage” command:
The chage tool is for changing password expiration date.
sudo chage -l username
To make changes:
sudo chage username