User and Group Accounts Overview

Linux controls resource access through user identities. Accounts are categorized in to user accounts and group accounts.

User Account Roles

• Superuser (root): UID 0 with full system privileges
• Regular Users: UID 1000+ (CentOS7) with restricted permissions
• System Users: UID 1-999 (CentOS7) for service operations without login capability

Group Account Types

• Primary Group: Each user's default group (GID same as UID)
• Supplementary Group: Additional groups for shared resource access

User Account Configuration Files

/etc/passwd

root:x:0:0:root:/root:/bin/bash

• Format: username:password_placeholder:UID:GID:comment:home_directory:login_shell
• Password stored in /etc/shadow

/etc/shadow

root:$6$TgG...:18983:0:99999:7:::

• Fields: username, encrypted password, last password change, min/max password age, warning period, inactivity period, expiration date

Password Policy Management

chage -m 7 -M 90 -W 7 testuser

Option	Description
-m	Minimum days between password changes
-M	Maximum password validity period
-W	Warning days before expiration

Group Management Commands

Group Creation

groupadd -g 1001 developers

Member Management

gpasswd -a testuser developers

User Account Operations

User Creation

useradd -m -u 1001 -g users -G wheel -s /bin/bash testuser

Account Configuration Files

• ~/.bash_profile: Executes at login
• ~/.bashrc: Runs for interactive shells
• ~/.bash_logout: Executes at logout

Account Modification

usermod -l newuser -d /home/newuser -s /bin/zsh testuser

File System Permissions

Permission Types

• Read (r): View content/list directory
• Write (w): Modify content/manage files
• Execute (x): Run programs/traverse directories

Permission Modification

chmod u=rw,g=r,o= file.txt
chown testuser:developers project/

UMASK Defautls

umask 022  # Default directory:755, file:644