5.2 Creating Users and Groups (Weight: 2)
📘Linux Essentials (LPI 010-160)
1. Understanding User IDs (UID)
In Linux, every user account is identified by a User ID (UID).
The UID is a unique number assigned to each user by the system.
Although users log in with a username, internally Linux uses the UID to identify the user.
Example
When a user named admin logs in, the system actually recognizes the user by a numeric ID such as:
UID: 1001
The username is mainly used for human readability, while the UID is used by the operating system.
2. Why User IDs Are Important
User IDs are essential because Linux uses them to:
- Identify users
- Control file ownership
- Manage permissions
- Track system processes
- Apply security rules
For example, if a user creates a file, the file is owned by the UID of that user.
You can check file ownership using:
ls -l
Example output:
-rw-r--r-- 1 admin admin 500 Mar 10 report.txt
Here:
- admin is the file owner
- The ownership internally corresponds to that user’s UID.
3. Types of User IDs
Linux divides UIDs into different ranges.
1. Root User
The root user is the system administrator.
UID: 0
Characteristics:
- Has full control over the system
- Can read, modify, or delete any file
- Can create or remove users
- Can install or remove software
Example command showing root:
id root
Output example:
uid=0(root) gid=0(root) groups=0(root)
2. System Users
System users are accounts used by services and background processes.
Typical UID range:
1 – 999
Examples:
daemon
syslog
www-data
mysql
These users:
- Run system services
- Usually cannot log in interactively
- Improve system security by isolating services
Example:
A web server service may run as user www-data.
3. Regular Users
Regular users are normal accounts created for people who use the system.
Typical UID range:
1000 and above
Example:
UID: 1000 -> first regular user
UID: 1001 -> second user
These users:
- Can log in to the system
- Have personal home directories
- Have limited permissions
Example home directory:
/home/alex
4. Viewing User IDs
You can view user IDs using several commands.
id command
Displays UID, group ID, and groups.
id username
Example:
id john
Output:
uid=1001(john) gid=1001(john) groups=1001(john)
whoami command
Shows the currently logged-in user.
whoami
Example output:
john
/etc/passwd file
Linux stores user information in:
/etc/passwd
Example entry:
john:x:1001:1001:John User:/home/john:/bin/bash
Field explanation:
| Field | Description |
|---|---|
| john | username |
| x | password stored in shadow file |
| 1001 | UID |
| 1001 | GID (primary group) |
| John User | comment field |
| /home/john | home directory |
| /bin/bash | login shell |
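The UID ranges and the /etc/passwd fields described above can be checked together. The following is an added example, not part of the original guide: the function names sample_passwd and audit_passwd are hypothetical, the account lines are constructed, and the 1 to 999 system range is the typical range given above, not a value read from the system.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd format (not taken from a real system).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
mysql:x:112:118:MySQL Server:/nonexistent:/bin/false
alex:x:1000:1000:Alex:/home/alex:/bin/bash
john:x:1001:1001:John User:/home/john:/bin/bash
toor:x:0:0:second UID 0 account:/root:/bin/bash
backup2:x:1001:1001:same UID as john:/home/backup2:/bin/bash
syslog:x:104:110::/home/syslog:/bin/bash
EOF
}

# audit_passwd: reads passwd-format lines on stdin, prints one finding per line.
#   UID0     a name other than root that maps to UID 0 (full root privileges)
#   DUPUID   two names sharing one UID (the system treats them as one user)
#   SYSSHELL a system-range account (UID 1-999) with an interactive shell
audit_passwd() {
  awk -F: '
    NF != 7 { print "MALFORMED line " NR; next }
    {
      name = $1; uid = $3; shell = $7
      if (uid == 0 && name != "root")
        print "UID0 " name
      if (uid in seen)
        print "DUPUID " uid " " seen[uid] "," name
      else
        seen[uid] = name
      if (uid >= 1 && uid <= 999 && shell !~ /(nologin|false)$/)
        print "SYSSHELL " name " " shell
    }'
}

# Run against the constructed sample; on a real host use: audit_passwd < /etc/passwd
sample_passwd | audit_passwd
```

Because ownership and permissions follow the UID and not the name, the UID0 and DUPUID findings identify accounts that the kernel cannot tell apart from root or from each other.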
5. Password Management in Linux
Passwords protect user accounts from unauthorized access.
Linux stores password information securely and allows administrators to manage passwords.
Password management includes:
- Setting passwords
- Changing passwords
- Locking accounts
- Expiring passwords
- Enforcing password policies
6. Password Storage
Passwords are not stored in plain text.
They are stored as salted one-way hashes, so the original password cannot be read back from the file.
Modern Linux systems store password hashes in:
/etc/shadow
Only the root user can read this file.
Example entry:
john:$6$Kds9sdf93k...:19400:0:99999:7:::
Fields include:
| Field | Description |
|---|---|
| username | account name |
| encrypted password | password hash |
| last password change | days since Jan 1, 1970 |
| minimum password age | minimum days before change |
| maximum password age | password expiration |
| warning period | warning before expiry |
| inactive period | account inactive time |
| expiration date | account expiration |
| reserved | future use |
7. Setting or Changing Passwords
Passwords are managed using the passwd command.
Changing your own password
passwd
The system asks for:
Current password
New password
Confirm password
Changing another user’s password (root only)
sudo passwd username
Example:
sudo passwd john
8. Password Locking and Unlocking
Administrators can lock or unlock user accounts.
Locking a user account
sudo passwd -l username
Example:
sudo passwd -l john
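This prevents the user from logging in with a password. Other authentication methods, such as SSH keys, are not affected by a password lock.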
Unlocking a user account
sudo passwd -u username
Example:
sudo passwd -u john
9. Password Expiration
Administrators can force users to change passwords periodically.
This improves system security.
Password expiration settings can include:
- Minimum password age
- Maximum password age
- Warning period
These settings are configured using the chage command.
View password aging information
chage -l username
Example:
chage -l john
Example output:
Last password change : Mar 10, 2026
Password expires : Jun 10, 2026
Password inactive : never
Account expires : never
Minimum days between password change : 0
Maximum days between password change : 90
Warning period : 7 days
Force password change at next login
sudo passwd -e username
Example:
sudo passwd -e john
The user must change the password at the next login.
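The /etc/shadow fields, the password lock and the aging values described in the sections above can be read from one entry. The following is an added example, not part of the original guide: the function names sample_shadow and audit_shadow are hypothetical, the entries and hashes are constructed placeholders, and the "today" value is passed in as days since Jan 1, 1970 so the result is repeatable.

```shell
#!/bin/sh
# Constructed sample in /etc/shadow format; the hashes are placeholders.
sample_shadow() {
cat <<'EOF'
john:$6$CONSTRUCTEDSALT$PLACEHOLDERHASH:19400:0:90:7:::
olduser:!$6$CONSTRUCTEDSALT$PLACEHOLDERHASH:19000:0:99999:7:::
legacy:$1$CONSTRUCTEDSALT$PLACEHOLDERHASH:18000:0:99999:7:::
developer1:$6$CONSTRUCTEDSALT$PLACEHOLDERHASH:0:0:90:7:::
www-data:*:19300:0:99999:7:::
EOF
}

# audit_shadow [TODAY]: reads shadow-format lines on stdin and prints
# "user state scheme aging". TODAY is in days since Jan 1, 1970.
audit_shadow() {
  today=${1:-$(( $(date +%s) / 86400 ))}
  awk -F: -v today="$today" '
    {
      hash = $2; last = $3; max = $5; warn = $6 + 0
      # State: passwd -l marks a locked password with a leading "!".
      if (hash == "")        state = "empty-password"
      else if (hash ~ /^!/)  state = "locked"
      else if (hash == "*")  state = "nopass"
      else                   state = "active"
      sub(/^!+/, "", hash)
      # Scheme: the $id$ prefix of the hash field names the algorithm.
      if      (hash ~ /^\$6\$/) scheme = "sha512"
      else if (hash ~ /^\$5\$/) scheme = "sha256"
      else if (hash ~ /^\$y\$/) scheme = "yescrypt"
      else if (hash ~ /^\$1\$/) scheme = "md5-weak"
      else                      scheme = "-"
      # Aging: last change 0 means "change at next login" (passwd -e).
      if (last == "")                     aging = "unset"
      else if (last == 0)                 aging = "must-change"
      else if (max == "" || max >= 99999) aging = "no-expiry"
      else {
        left = last + max - today   # days until the password expires
        if (left < 0)          aging = "expired"
        else if (left <= warn) aging = "warn:" left
        else                   aging = "ok:" left
      }
      print $1, state, scheme, aging
    }'
}

sample_shadow | audit_shadow 19485   # 19485 is a constructed "today"
```

On a real host the input would be /etc/shadow read as root, with no argument so that the current day is used.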
10. Password Policies
Organizations often enforce password rules to improve security.
Common password policies include:
- Minimum password length
- Combination of letters and numbers
- Use of special characters
- Password expiration
- Password history restrictions
Example policy:
- Minimum length: 8 characters
- Must include numbers
- Must include uppercase and lowercase letters
These policies may be configured using PAM (Pluggable Authentication Modules).
Configuration files are usually located in:
/etc/pam.d/
11. Password Security Best Practices
In IT environments, administrators usually follow these practices:
Use strong passwords
Passwords should contain:
- Uppercase letters
- Lowercase letters
- Numbers
- Symbols
Example:
S3cure!Linux2026
Change passwords regularly
This reduces the risk of long-term access if credentials are compromised.
Disable unused accounts
Old or unused accounts should be locked.
Example:
sudo passwd -l olduser
Avoid sharing passwords
Each user should have an individual account.
Shared accounts make auditing difficult.
12. Example of User and Password Workflow
Example scenario in an IT environment:
- A system administrator creates a user.
sudo useradd developer1
- The administrator assigns a password.
sudo passwd developer1
- The user logs in and changes the password.
- The system records the UID and manages permissions based on it.
13. Exam Tips (Linux Essentials)
For the LPI Linux Essentials exam, remember these key points:
- UID uniquely identifies a user
- UID 0 is the root user
- Regular users usually start at UID 1000
- User information is stored in /etc/passwd
- Password hashes are stored in /etc/shadow
- Passwords are managed using the passwd command
- Password aging can be checked with chage
- Accounts can be locked with passwd -l
✅ Summary
User IDs and password management are fundamental parts of Linux security.
Key ideas:
- Each user has a unique UID
- The root user (UID 0) has full system control
- User data is stored in /etc/passwd
- Password hashes are stored in /etc/shadow
- Passwords are managed with passwd
- Password aging is controlled with chage
These mechanisms allow Linux systems to identify users, control access, and maintain system security.
