5.1 Basic Security and Identifying User Types (Weight: 2)
📘Linux Essentials (LPI 010-160)
1. Root User
The root user is the most powerful account in a Linux system. It is also known as the superuser.
The root account has complete control over the entire system. It can perform any operation without restrictions.
Characteristics of the Root User
- User ID (UID) is 0
- Has full administrative privileges
- Can access all files and directories
- Can create, modify, and delete any file
- Can install or remove software
- Can manage users and groups
- Can control system services and processes
- Can modify system configuration
In Linux systems, many important administrative tasks require root privileges.
Examples of Tasks Performed by Root
In an IT environment, system administrators often use root privileges to:
- Install software packages
- Update the operating system
- Modify network configuration
- Add or remove users
- Change file permissions for system files
- Manage system services
- Configure security settings
Example command that requires root privileges:
apt install nginx
This command installs a web server package. Only root or a user with administrative privileges can perform this action.
Another example:
useradd student1
This command creates a new user account, which also requires administrative access.
Root Login and Security
Because root has complete control, using it carelessly can damage the system.
For example, the root user can:
- Delete critical system files
- Change security settings
- Stop important services
To reduce risk, administrators usually avoid logging in directly as root.
Instead, they use the sudo command.
Example:
sudo apt update
The sudo command temporarily allows a standard user to perform administrative tasks.
Advantages of using sudo:
- Better security
- Activity logging
- Reduced risk of mistakes
2. Standard Users (Regular Users)
A standard user is a normal user account created for everyday system usage.
These users have limited permissions compared to the root user.
Standard users cannot perform administrative tasks unless they are given permission.
Characteristics of Standard Users
- Used by people who operate the system
- Have limited access rights
- Cannot modify system files
- Cannot install system software (without permission)
- Can only access their own files
Each standard user has a home directory where personal files are stored.
Example:
/home/student1
Inside this directory, the user can:
- Create files
- Modify files
- Delete files
- Organize directories
But they cannot access sensitive system directories like:
/etc
/root
/boot
Example of Standard User Activity
In an IT environment, a standard user might:
- Log into a workstation
- Write documents
- Edit scripts
- Run applications
- Access shared resources
- Use development tools
Example command used by a standard user:
touch notes.txt
This creates a file inside the user’s directory.
If the same user tries to modify a system file:
nano /etc/passwd
The system will deny permission unless elevated privileges are used.
User IDs for Standard Users
In most Linux systems:
- Standard users usually start from UID 1000
Example:
student1 → UID 1000
student2 → UID 1001
These numbers help the system track permissions and ownership.
3. System Users
System users are special accounts created by the system or installed services.
These users are not meant for human login.
They exist so that services and applications can run securely.
Instead of running everything as root, Linux uses system users to limit the damage if a service is compromised.
Why System Users Are Important
If every service ran as root, a security vulnerability could give full system access to an attacker.
System users provide security isolation.
Each service runs under its own user account.
Examples of System Users
Many Linux services create their own system user.
Examples include:
- www-data → web servers
- mysql → database server
- mail → mail service
- daemon → background services
- nobody → minimal permission account
These accounts allow services to run with limited privileges.
Example in an IT Environment
Consider a web server such as Apache or Nginx.
The web server process runs as:
www-data
This means:
- The server can access website files
- It cannot modify system configuration files
- It cannot access other users’ data
If a website vulnerability occurs, the attacker only gains access to www-data privileges, not the entire system.
This protects the system from major damage.
System User ID Range
System users typically have lower UID numbers.
Common ranges:
0 → root
1–999 → system users
1000+ → standard users
These numbers may vary slightly depending on the Linux distribution.
Viewing Users in Linux
User accounts are stored in a system file:
/etc/passwd
You can view it using:
cat /etc/passwd
Example entry:
student1:x:1000:1000:Student User:/home/student1:/bin/bash
Explanation:
| Field | Meaning |
|---|---|
| student1 | Username |
| x | Password placeholder |
| 1000 | User ID (UID) |
| 1000 | Group ID (GID) |
| Student User | User description |
| /home/student1 | Home directory |
| /bin/bash | Default shell |
System users appear here as well.
Example:
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
Notice the shell:
/usr/sbin/nologin
This prevents interactive login.
Comparing Root, Standard, and System Users
| User Type | Purpose | Permissions | Login Capability |
|---|---|---|---|
| Root User | System administration | Full access | Yes |
| Standard User | Regular system usage | Limited access | Yes |
| System User | Run services and processes | Restricted | Usually No |
Security Best Practices
Understanding these user types is important for system security.
Common best practices include:
1. Avoid Using Root for Daily Tasks
Administrators should only use root when necessary.
2. Use sudo Instead of Root Login
This limits risks and records activity.
3. Use System Users for Services
Running services under dedicated accounts reduces security risks.
4. Apply Least Privilege Principle
Users should only have the permissions required for their tasks.
This prevents accidental or malicious changes to the system.
Key Points for the Linux Essentials Exam
You should remember the following:
- Linux uses different user types for security and access control.
- The root user has complete system control.
- Standard users are regular accounts with limited permissions.
- System users run services and applications.
- Root has UID 0.
- Standard users usually start at UID 1000.
- System users typically use lower UID values.
- User account information is stored in /etc/passwd.
- Many services run under dedicated system users to improve security.
- Administrators commonly use sudo instead of direct root login.
