4.1. Introduction to UNIX Users and Groups

On Linux and other UNIX operating systems, a user is a person who can login to the system via SSH, telnet, FTP or at the console. Users can also receive email and own files on the server's local filesystems. Each user has a login name, a password, and a home directory in which all its files are stored. Users also have several additional attributes, such as a real name, shell (the program that is run when the user logs in), and expiry date.

Each user is a member of at least one group, called a primary group. In addition, a user can be a member of an unlimited number of secondary groups. Group membership can be used to control the files that a user can read and edit. For example, if two users are working on the same project you might put them in the same group so they can both edit a particular file that other users cannot access.

Every system will have several standard user accounts like root and nobody that are created when the system is installed—although most of these (except for root) cannot be used to login. If your server will be used by more than one person, you will need to create an additional user account for each person to keep their files and email separate. Even if you are the only person who uses your machine, it is a good idea to create a user account for yourself that you use to login with instead of using the root account.

Depending on your operating system, user and group information will be stored in different files in the /etc directory. On modern versions of Linux, /etc/passwd and /etc/shadow are used to store user details, and /etc/group for group details. The Users and Groups module works by directly editing those files, not by calling any external programs or functions. This means that if you are using NIS or storing users in an LDAP server, this module is not for you.