Author: Michael Devine

In Linux, user management involves creating, modifying, and deleting user accounts. User accounts are used to authenticate and authorize users to access resources on the system.

Here are some key concepts related to user management in Linux:

Root user: The root user is the superuser with complete control over the system. The root user can create, modify, and delete other user accounts.

User ID (UID): Each user account has a unique user ID. The root user has a UID of 0, while other users have UIDs greater than 0.

Group ID (GID): Each user account is associated with one or more groups, which have a unique group ID. A group can contain multiple users, and users can belong to multiple groups.

Passwords: User accounts can be password-protected to prevent unauthorized access. Passwords are stored in encrypted form in the /etc/shadow file.

Home directory: Each user account has a home directory where their personal files and settings are stored.

Some common commands used for user management in Linux include:

sudo: Sudo is a command in Linux and other Unix-based operating systems that allows users to perform actions with administrative or “root” privileges without logging in as the root user. The name “sudo” stands for “superuser do” or “substitute user do”.

The sudo command provides a way for authorized users to run specific commands as root or another user with elevated privileges. This helps to prevent accidental or malicious damage to the system by limiting the scope of what a user can do with administrative privileges.

useradd: Used to create a new user account. Create the user:

sudo useradd username

Set the password

sudo passwd username

Create a home directory for the new user using the mkdir command:

sudo mkdir /home/username

userdel: Used to delete a user account

sudo userdel username

usermod: Used to modify a user account (e.g., change the password, group membership, or home directory).add the new user to one or more groups using the usermod command. For example, to add the user to the “sudo” group (which grants administrative privileges), use:

sudo usermod -aG sudo username

passwd: Used to change a user’s password

sudo password username

groupadd: Used to create a new group

sudo groupadd groupname

getent: verify the group exists

getent group groupname

groupdel: Used to delete a group

sudo groupdel groupname

groups: Used to display groups that a current or specific user belongs too

groups
groups username

chown: Used to change the ownership of a file or directory

sudo chown username filename

You can also change the ownership of a directory and its contents using the -R (recursive) option:

sudo chown -R username directoryname

chgrp: Used to change the group ownership of a file or directory

sudo chgrp groupname filename

Change the group ownership of a directory and its contents using the -R (recursive) option:

sudo chgrp -R groupname directoryname

Here is a list of tools that can be used to get further information on a Linux operating system. Most of them should be available on the system by default.

uname – displays system information about the Linux kernel, such as the operating system name, release version, and processor architecture. For example, to display the system’s operating system name and kernel version, use:

uname -a

whoami – display the current username for both Linux and Windows.

id – The id command is a Linux/Unix command that is used to display the user and group information for the current user or for a specific user or group.

When you run the id command without any options, it will display the user ID (UID), group ID (GID), and the groups that the current user belongs to. For example:

$ id
uid=1000(username) gid=1000(username) groups=1000(username),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),116(lpadmin),126(sambashare)

Here, uid=1000 indicates the user ID of the current user, gid=1000 indicates the primary group ID of the current user, and groups=1000(username),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),116(lpadmin),126(sambashare) lists the additional groups that the user belongs to.

You can also use the id command to display the user and group information for a specific user or group by passing the username or group name as an argument. For example:

$ id someuser
uid=1001(someuser) gid=1001(someuser) groups=1001(someuser),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),116(lpadmin),126(sambashare)

$ id somegroup
uid=1002(somegroup) gid=1002(somegroup) groups=1002(somegroup),1003(someothergroup),1004(someadditionalgroup)

In addition to the default output, the id command also supports a number of options that can be used to customize the output or to display additional information. You can see the available options and their descriptions by running man id.

hostname – sets or prints the name of current host system.

pwd – returns working directory name.

ifconfig – is a used to configure and display information about network interfaces.

ip – is a powerful and versatile command-line tool for network configuration in Linux/Unix operating systems. It is used to configure and display information about network interfaces, routing tables, network address translation, and many other networking-related tasks.

neststat – used to display information about the network connections and network statistics. It can provide details on network interfaces, routing tables, open network connections, and much more. It can be used to diagnose and troubleshoot network problems, monitor network performance, and much more. Some common options for the netstat command include:

-a to display all active connections (both listening and non-listening).

-n to display numerical IP addresses instead of hostnames.

-p to show the process or program associated with each connection.

-r to display the kernel routing table.

-l display a list of all listening TCP and UDP connections

-atp display a list of all active TCP connections, including the remote address and port, the local address and port, and the process ID (PID) of the associated process.

-i display a summary of network interface statistics, including the number of bytes and packets sent and received

-r display the kernel routing table, including information about the destination, gateway, and netmask of each route.

ss – used to display detailed information about network sockets, including TCP, UDP, and UNIX domain sockets. It is an alternative to the more traditional netstat command and provides more detailed and up-to-date information on active connections and network statistics. Some common options for the ss command include:

-a to display all active connections (both listening and non-listening).

-n to display numerical IP addresses instead of hostnames.

-p to show the process or program associated with each connection.

-t to show only TCP connections.

-u to show only UDP connections.

-x to show only UNIX domain sockets.

-e to display extended information about each connection, including the user and group ID of the process.

who – print information about users who are currently logged in.

env – used to display or set environment variables for a particular command or shell. Environment variables are special values that are available to any program or script running on the system, and they can be used to customize the behavior of programs, define system-wide settings, or pass information between programs. Some common options for the env command include:

-i to start with an empty environment.

-u to unset a particular environment variable.

-v to display the version of env.

To set a new environment variable for a particular command or script, use the following command:

env VAR=value COMMAND

For example, to set the MY_VAR environment variable to hello and run the echo command:

env MY_VAR=hello echo $MY_VAR

To unset a particular environment variable, use the following command:

env -u VAR COMMAND

For example, to unset the MY_VAR environment variable and run the echo command:

env -u MY_VAR echo $MY_VAR

In addition to these options, env has many other advanced options and uses, such as executing a command with a modified environment, setting environment variables from a file, and much more. You can learn more about these options and their usage by reading the env man pages.

lsb_release – displays information about the Linux distribution, including its name, release number, and code name. For example, to display the distribution name and version, type:

lsb_release -a

cat /proc/cpuinfo – displays detailed information about the system’s CPU, including the number of processors, clock speed, and cache size.

free -m – displays information about the system’s memory usage, including the total amount of memory, the amount of free memory, and the amount of memory used by the system’s processes.

df -h – displays information about the system’s disk usage, including the amount of disk space used and available on each mounted filesystem.

lspci – displays information about the system’s PCI devices, including the device ID, vendor, and subsystem ID.

lsusb – displays information about the system’s USB devices, including the device ID, vendor, and product ID.

lsblk – used to list information about all available block devices on a system, such as hard drives, USB drives, optical drives, and so on. It provides a detailed view of the block devices and their associated attributes, such as the device name, size, and mount point.

These commands can be very useful for troubleshooting and system administration tasks, as well as for general system monitoring and maintenance.

In the Bash shell, the help command is used to display the built-in help documentation for a specific command or shell feature. Here’s how to use the help command:

You can type help followed by the name of the command or feature that you want help with. For example, to get help for the cd command, type:

help cd

Man

In Linux, the man command is used to display the manual pages (or documentation) for a specific command or program. Here’s how to use the man command:

Open a terminal window and start the Bash shell.

You can type man followed by the name of the command or program that you want to get help with. For example, to get help for the ls command, type:

man ls

This will display the manual page for the ls command, including a description of the command, a list of available options and arguments, and other useful information.

Use the up and down arrow keys to scroll through the manual page, or press the spacebar to move down one page at a time. Press q to exit the manual page and return to the shell prompt.

Apropos

If you’re not sure of the exact name of the command or program you need help with, you can use the apropos command to search for relevant manual pages. For example:

apropos file management

This will search the system’s manual pages for any commands or programs related to file management and display a list of matching manual pages.

The shell is a command-line interface that allows users to interact with the Linux operating system. It is a program that interprets user commands and runs them on the operating system. The shell is the interface that sits between the user and the operating system, allowing the user to issue commands and receive responses.

The shell in Linux is a powerful tool that provides a wide range of features and capabilities, including:

Command Execution: The shell can execute commands entered by the user. These commands can be system commands, such as changing system settings or manipulating files, or custom scripts created by the user.

Input/Output Redirection: The shell allows users to redirect input and output to and from files or other programs. For example, users can redirect the output of a command to a file or another program, or read input from a file rather than the keyboard.

Environment Variables: The shell allows users to set and modify environment variables that control the behavior of the shell and other programs. Environment variables can be used to set default values for commands, control system settings, or provide information to scripts.

Command History: The shell maintains a history of commands entered by the user, allowing users to quickly recall and execute previously used commands.

Job Control: The shell allows users to run multiple commands at the same time, managing them as separate processes. Users can start, stop, and monitor jobs, and switch between them as needed.

Tab Completion: The shell provides a tab completion feature that allows users to quickly complete commands and file paths by pressing the tab key.

There are several different shells available in Linux, including the Bourne-Again Shell (bash), the Z Shell (zsh), and the Korn Shell (ksh). Bash is the most commonly used shell in Linux and is the default shell in most distributions.

BASH

The Bourne-Again Shell (BASH) is the most popular command-line shell for Unix-based operating systems, including Linux. It was developed as a free software replacement for the original Bourne Shell (sh) and provides a powerful and flexible environment for running command-line applications and scripts.

BASH also supports advanced scripting capabilities, including flow control, looping, and variable manipulation. This makes it a popular choice for writing complex shell scripts and automating system administration tasks.

BASH is the default shell in most Linux distributions and is widely used by developers, system administrators, and other advanced users who prefer to work in a command-line environment. It is also available on other Unix-based operating systems, including macOS and FreeBSD.

Bash Prompt

The Bash prompt is the text that appears on the command-line interface of the Bash shell, indicating that the shell is ready to accept commands from the user. It typically consists of a user@hostname string followed by a current working directory path and a $ or # symbol indicating the user’s permission level (regular user or root).

The Bash prompt is generated by the PS1 environment variable, which is a shell variable that controls the appearance and behavior of the prompt. The PS1 variable can be set by the user to customize the prompt according to their preferences.

The PS1 variable can contain special escape sequences that are replaced with dynamic information when the prompt is displayed. Some common escape sequences used in the PS1 variable include:

\u – replaced with the current user’s username

\h – replaced with the hostname of the system

\w – replaced with the current working directory

! – replaced with the history number of the current command

# – replaced with the command number of the current command

\n – creates a new line

For example, to set the Bash prompt to display the current user, hostname, and working directory, the following command can be used:

PS1='\u@\h:\w\$ '

This sets the PS1 variable to a string that includes the escape sequences for the username (\u), hostname (\h), and working directory (\w), followed by a $ symbol.

The Bash prompt is a powerful tool that allows users to customize the appearance and behavior of the command-line interface, making it easier to use and more productive.

Terminal Emulators

A terminal emulator is a program that allows users to interact with a computer system through a virtual terminal. It is a software application that emulates the functionality of a physical terminal and provides a way for users to enter commands and interact with the operating system.

A terminal emulator typically provides a text-based interface that allows users to enter commands and receive output from the system. It may also provide features like input and output redirection, job control, command history, and tab completion, similar to those provided by a physical terminal.

The terminal emulator communicates with the operating system through a terminal interface, such as the tty or pty interface in Unix-based systems. This allows the user to interact with the system as if they were using a physical terminal, even if they are accessing the system remotely over a network.

Terminal emulators are commonly used in Unix-based systems, including Linux, to provide a command-line interface to the system. They are often used by developers, system administrators, and other advanced users who prefer to work in a command-line environment. Some popular terminal emulators for Linux include Gnome Terminal, Konsole, xterm, and Terminator. To find what terminal emulator you are currently running you can use the command:

echo $TERM

History

The history of Linux begins in 1991 when a young student named Linus Torvalds at the University of Helsinki in Finland began developing a new operating system. Torvalds was interested in developing an operating system that was similar to the Unix operating system but was free and open-source.

He started by writing a kernel, which is the core component of an operating system that interacts directly with the computer’s hardware. He posted his work online and asked for feedback from other programmers. This early version of the kernel was the beginning of what would become the Linux operating system.

In the early years of Linux, Torvalds continued to develop the kernel, and other programmers around the world began contributing to the project. As more people became interested in the project, it grew rapidly, and by the mid-1990s, Linux had become a viable alternative to other operating systems like Unix and Microsoft Windows.

In 1998, several companies, including IBM, Red Hat, and SUSE, formed the Open Source Development Labs (OSDL) to promote Linux development and support. The OSDL was later renamed The Linux Foundation, and it continues to support the development and promotion of Linux and other open-source technologies today.

Today, Linux has become one of the most popular operating systems in the world, used on everything from smartphones and tablets to servers and supercomputers. It is renowned for its stability, security, and flexibility, and its open-source nature means that anyone can contribute to its development and use it without paying licensing fees.

Components

Linux is an operating system made up of several components that work together to provide users with a complete computing experience. Here are the main components of Linux:

Kernel: The kernel is the core component of Linux. It manages system resources, including the CPU, memory, and input/output operations. It also provides a platform for running applications and interacting with hardware.

Shell: The shell is the command-line interface that allows users to interact with the Linux operating system. It provides a way to run commands and scripts, manage files and directories, and configure system settings.

Graphical User Interface (GUI): The GUI is a user-friendly interface that provides an easy-to-use desktop environment. It allows users to manage applications, files, and settings with a mouse and keyboard.

System Libraries: The system libraries are collections of pre-written code that provide essential functionality to Linux applications. They include libraries for input/output operations, networking, and graphics.

Application Programs: Linux comes with a variety of application programs, including text editors, file managers, web browsers, and media players. These programs are often open-source and free to use.

Device Drivers: Device drivers are software programs that enable Linux to interact with hardware devices, such as printers, graphics cards, and input devices.

Utilities: Linux utilities are command-line tools that provide essential system functions, such as managing files and directories, monitoring system performance, and configuring system settings.

Together, these components provide a powerful and flexible operating system that can be customized to suit a wide range of computing needs.

Architecture

The architecture of Linux can be described in several ways, depending on the level of detail and abstraction. Here is a high-level overview of the architecture of Linux:

Kernel: The Linux kernel is the core component of the operating system. It interacts directly with the hardware and provides a platform for running applications. It includes several subsystems, including the process management, memory management, file system, networking, and device drivers.

System Libraries: System libraries are collections of pre-written code that provide essential functionality to Linux applications. They include libraries for input/output operations, networking, and graphics. The most important system libraries are the GNU C Library (glibc), which provides basic functions for programming in C, and the X Window System (X11), which provides a graphical user interface.

User Space: User space is where most applications and system tools run. Applications interact with the kernel through system calls, which are functions that allow user space processes to access kernel services, such as file operations or network communication.

Graphical User Interface: The graphical user interface (GUI) is the windowing system that provides a visual environment for running applications. It includes the X11 windowing system, window managers, and desktop environments.

File System: Linux uses a hierarchical file system that is organized in a tree-like structure. The root directory is the top-level directory, and all other directories and files are located within this directory.

Device Drivers: Device drivers are software programs that allow the Linux kernel to interact with hardware devices, such as printers, graphics cards, and input devices. They are part of the kernel and are loaded dynamically as needed.

Utilities: Linux utilities are command-line tools that provide essential system functions, such as managing files and directories, monitoring system performance, and configuring system settings.

File Structure

Linux is an open-source operating system that has a hierarchical file system structure. This is an overview of the main components of the Linux file system structure:

Root Directory (/): The root directory is the top-level directory in the Linux file system hierarchy. All other directories and files in the system are located within this directory.

Binaries (/bin): This directory contains the binary executable files that are essential for the system to function properly. These binaries include basic system utilities like ls, cp, rm, mv, etc.

Boot (/boot): This directory contains the files that are needed for the system to boot. This includes the Linux kernel and bootloader configuration files.

Device (/dev): This directory contains device files that represent all the physical and virtual devices on the system. These device files are used to communicate with the hardware components of the system.

Libraries (/lib and /lib64): These directories contain the shared library files that are needed for running the binaries in the /bin and /sbin directories.

System (/sbin): This directory contains system-level binaries that are used for system maintenance tasks. These binaries require root privileges to run.

Configuration (/etc): This directory contains system-wide configuration files that are used by various applications and services on the system.

Home (/home): This directory contains the home directories for each user on the system.

Temporary (/tmp): This directory contains temporary files that are created by various applications and services on the system.

Var (/var): This directory contains variable files such as log files, spool files, and temporary files that are used by various applications and services on the system.

In addition to these directories, there are other directories and files in the Linux file system structure that are used for various purposes. Understanding the structure of the Linux file system is essential for effectively managing and administering a Linux system.

Importance of a Search

It can be crucial to be able to find the different files and folders in Linux efficiently. We do not have to manually browse through every single folder and check as there are multiple tools we can use to make this work easier.

Which

One of the common tools is which. This tool returns the path to the file or link that should be executed. This allows us to determine if specific programs, like curl, netcat, wget, python, gcc, are on the operating system. Below is an example for curl.

└─$ which curl
/usr/bin/curl

If the program that we search for does not exist, no results will be displayed.

Find

Another handy tool is find. Besides the function to find files and folders, this tool also contains the function to filter the results. We can use filter parameters like the size of the file or the date. We can also specify if we only search for files or folders.

$ find <location> <options>

Let us look at an example of what such a command with multiple options would look like.

$ find / -type f -name *.conf -user root -size +20k -newermt 2020-03-03 -exec ls -al {} \; 2>/dev/null
-rw-r--r-- 1 root root 34498 Dec 1 13:01 /usr/share/drirc.d/00-mesa-defaults.conf
-rw-r--r-- 1 root root 195027 Aug 23 2020 /usr/share/alsa/topology/hda-dsp/skl_hda_dsp_generic-tplg.conf
-rw-r--r-- 1 root root 66635 Aug 23 2020 /usr/share/alsa/topology/sklrt286/skl_i2s.conf
-rw-r--r-- 1 root root 74488 Aug 23 2020 /usr/share/alsa/topology/bxtrt298/bxt_i2s.conf
-rw-r--r-- 1 root root 30436 Jan 8 2021 /etc/cups/cups-browsed.conf

Now let us take a closer look at the options we used in the previous command. If we hover the mouse over the respective options, a small window will appear with an explanation. These explanations will also be found in other modules, which should help us if we are not yet familiar with one of the tools.

Option	Description
-type f	Here, we define the type of the searched object. In this case, ‘f‘ stands for ‘file‘.
-name *.conf	With ‘-name‘, we indicate the name of the file we are looking for. The asterisk (*) stands for ‘all’ files with the ‘.conf‘ extension.
-user root	This option filters all files whose owner is the root user.
-size +20k	We can then filter all the located files and specify that we only want to see the files that are larger than 20 KiB.
-newermt 2020-03-03	With this option, we set the date. Only files newer than the specified date will be presented.
-exec ls -al {} \;	This option executes the specified command, using the curly brackets as placeholders for each result. The backslash escapes the next character from being interpreted by the shell because otherwise, the semicolon would terminate the command and not reach the redirection.
2>/dev/null	This is a STDERR redirection to the ‘null device‘, which we will come back to in the next section. This redirection ensures that no errors are displayed in the terminal. This redirection must not be an option of the ‘find’ command.

Locate

It will take much time to search through the whole system for our files and directories to perform many different searches. The command locate offers us a quicker way to search through the system. In contrast to the find command, locate works with a local database that contains all information about existing files and folders. We can update this database with the following command.

$ sudo updatedb

If we now search for all files with the “.conf” extension, you will find that this search produces results much faster than using find.

$ locate *.conf
/etc/GeoIP.conf
/etc/NetworkManager/NetworkManager.conf
/etc/UPower/UPower.conf
/etc/adduser.conf
<SNIP>

However, this tool does not have as many filter options that we can use. So it is always worth considering whether we can use the locate command or instead use the find command. It always depends on what we are looking for.