Table of Contents
Understanding Users and Groups on Linux
Linux is a multiuser system. Even if you are the only person using your computer, the system treats you as one user among many, and it uses groups to organize permissions and access. To work safely and effectively on the command line you need a clear mental model of what a user is, what a group is, and how the system uses them together.
This chapter introduces these ideas and shows how to see who you are, which groups you belong to, and which accounts exist on the system. The details of changing permissions, ownership, and using sudo are covered in later chapters, so they will only be touched on when necessary here.
A user is an identity that can own files and run processes.
A group is a named collection of users that share certain permissions.
User Accounts and Identities
When you log in to a Linux system you do so as a user. That account has a username, an internal numeric identifier, a home directory, and a default shell. Together these define your identity in the system.
On the command line you can ask the system who you are with the whoami command.
whoami
This prints your current username, for example alice or bob. The username is what you type when you log in, but Linux cares just as much about your numeric identifier, called the user ID.
Each user has a user ID, usually written as UID. The UID is an integer. You can see your own UID with the id command.
idTypical output looks like this.
uid=1000(alice) gid=1000(alice) groups=1000(alice),27(sudo)
Here uid=1000 is the user ID that the kernel actually uses to decide what you can access. The name alice is just a readable label for humans. When you create more users the system assigns them different UIDs.
Linux uses numeric IDs (UIDs) inside the system, and maps them to usernames for humans.
The Root User
Linux has one special user account with complete control over the system. This is the root user. It has UID 0 and is not restricted by the usual file permissions, so it can read and modify almost anything, install or remove any software, and change any setting.
If you run id while logged in as root you will see.
uid=0(root) gid=0(root) groups=0(root)
Using root directly is powerful and also risky. In many distributions you will normally log in as a regular user and temporarily gain root privileges through sudo, which has its own chapter. Here the key point is to recognize that UID 0 is special.
System Users and Human Users
Not every user on a Linux system is a human. Many background services run under their own user accounts. These are called system users or service accounts. They exist to separate services from each other and from human users.
You can see all user entries by looking at the /etc/passwd file.
cat /etc/passwdYou will see lines like these.
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
Each line describes one account. System accounts usually have low UIDs, such as from 0 up to some distribution specific limit. Human users usually start at a higher UID such as 1000. The exact divisions and the detailed fields of /etc/passwd are discussed in later administration chapters. For now you just need to recognize that not every account is meant for interactive login.
Human users normally have higher UIDs, while system and service accounts use lower UIDs and often cannot log in interactively.
Home Directories
Every normal user has a home directory. This is the place where your personal files and configuration live. On most systems user alice has the home directory /home/alice. You start in your home directory when you open a terminal.
You can always refer to your home directory using ~. For example, cd ~ takes you to your own home directory, and ls ~ lists its contents. The actual path such as /home/alice is stored in your user account’s entry and is visible in /etc/passwd.
The root user has a separate home directory, usually /root, which is different from the system root directory /.
What Are Groups?
A group is a named collection of users. Groups provide a way to give several users access to the same files or resources without giving that access to everyone.
Each group has a name, such as alice, wheel, or sudo, and a numeric group ID, or GID. Like UIDs, GIDs are integers. The system stores group definitions in the /etc/group file. You can inspect it with.
cat /etc/groupA typical line might look like this.