Everything for the Ubuntu Server Administrator

User Tools

Site Tools


Server Administration

Server Applications

At the Command Line


Copyright 2013 Applied Conscious Technologies, LLC

Terms of Agreement


submit to reddit


Server Administration


Ubuntu Server User Administration

see also: Groups, Public/Private Key Pairs, Monitoring Users, Bashrc

Add a User

Add rich as a new user and put him into the staff, admin and adm groups:

sudo useradd -m -s /bin/bash -G staff,admin,adm  rich
option description
-m create user home dir from /etc/skel
-s specify default shell, this this case bash
-G assign user to secondary groups

The user's home directory will be created from: /etc/skel

man page:

Set a User's Password

sudo passwd username

You will need to enter the new password twice.

man page:

Delete a User

Optionally also Remove the User's Home Directory

rm -rf /home/username
option description
-f ignore nonexistent files, never prompt
-r remove directories and their contents recursively

Remember the -rf options. Use this any time you want to remove an entire directory.

Log a User Out of the System

sudo skill -KILL -u username
option description
–KILL send kill signal to processes
-u specify a user name that owns the processes

Lock a User Account

If you need to disallow a user from logging into the system, lock the account.

sudo passwd -l username
option description
-l Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password). Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod –expiredate 1 (this set the account's expire date to Jan 2, 1970).

Unlock a User Account

Reenable a user account that has been locked.

sudo passwd -u username

Set a User's Primary Group as "staff"

This sets “staff” as the primary group for rich.

Important: After this command is executed, rich with only belong to the staff group. All previous group memberships are lost.

sudo usermod -g staff rich
option description
-g The group name or number of the users new primary login group. All other group memberships are erased.

see also: Groups

Adding a User to a Secondary Group

sudo usermod -G groupname username

For instance, to edit www data, the user would need to be added to the staff group:

usermod -a -G staff fred
option description
-a Or –append. Add the user to the supplementary group(s). Use only with the -G option.
-G A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the -a option, which appends the user to the current supplementary group list.

see also: Groups

man page:

Allow a User to use Sudo

This example shows how to allow a single user to use the sudo command.

sudo visudo

Add a line for the user:

rich   ALL=(ALL) ALL

A better strategy is probably to add that user to the admin group and make sure the admin group is allowed to use sudo.

man page:

Who has Been Logged in?

The last command shows a list of the most recently logged in users:


man page:

Who's Logged in Now?

User either the “w” or “who” command. “w” is more detailed. Besides, “w” is shorter and that's better, right?


man page:

List of Users


List of users, organized into columns with each user's groups in the last column:

paste -d: /etc/passwd <(groups $(cut -d: -f1 /etc/passwd) | sed 's/.*: //') | column -nts: | sort

Simpler, without the groups:

column -nts: /etc/passwd | sort

Customize /etc/skel

The directory /etc/skel is copied to a new user's home directory when the user is created. If you modify files in the /etc/skel, those modifications will apply to all new users.


# /bin/bash
# show members of a specified group
# example: andrew
awk -F: -v group=$1 '
        NR==FNR && $1==group {
                for (i=1; i<=split($4,a,","); i++) print a[i]
        NR!=FNR && $4==gid { print $1 }
' /etc/group /etc/passwd | sort -u
awk -F: -v group=andrew '$4==gid { print $1 }' /etc/passwd

Print GID for andrew's primary group:

awk -F: -vgrp=andrew '$1 ~ grp {print $3}' /etc/group
program name description
adduser Adds a new user.
chage Change a user's password expiration.
chfn Change a user's full name and information.
chgrp Change the group ownership of files.
chown Change the owner of files.
chpasswd Update passwords in batches.
chsh Change the login shell.
faillog Displays entries in /var/log/faillog.
finger Display users currently logged in or display information about a specified user.
groups Print the groups a user is in.
id Print real and effective user and group IDs.
last Print login information for users last logged in.
lastb Prints the content of /var/log/btmp, which contains all the bad login attempts.
logname Print current user's login name.
newusers Update and create newusers in batch.
passwd Set a user's password.
pwck Verify integrity of password files.
pwconv Convert to and from shadow passwords and groups.
useradd Create a new user.
userdel Delete a user account and related files.
usermod Modify a user account.
users Print the user names of users currently logged in.
vipw Edit the /etc/passwd file.
w Display users logged in and what they are doing.
wall Send a message to everybody's terminal.
who Display the users logged in.
whoami Print effective user id.

users.txt · Last modified: 2015/05/31 21:20 (external edit)