This tutorial is coming much later than i wanted because i have been trying to think of a good way to approach this and what to cover since there is alot to cover while keeping it compact enough to not overwhelm the user.
Root is user identifier 0 or other wise known as UID 0. It is the highest privileged user in linux and has direct access to all hardware and software on the system. Most of the time on a terminal root mode is specified with a # instead of a $. We will get into hardware when we cover /dev and disk management in the next tutorial. You can access stuff like the memory and processes directly in /proc but i wont go into detail about that in this tutorial.
Lets go over some very basic commands with root
sudo foo | runs foo as root.
sudo -i | logins in as root
sudo su | same as the command above
sudo -s /bin/bash su | logins in as root and uses the /bin/bash
sudo !! | will run the previous command and append sudo to the front of it check below for a video about shell expansion
sudo -u dje4321 bash | runs bash as user dje4321
Note that sudo means supstitute user do. This is useful as some commands will require root to prevent stuff like privilege escalation from happening.
Lets move onto users. Users on linux may be a person using the computer or a service running on the computer. Some of these services may include stuff like sshd, ftp, etc. You can find out what users are on the system by reading /etc/passwd. The layout for /etc/passwd is simple though you should never edit it by hand.
dje4321:x:1000:1000:Jane Doe:/home/dje4321:/bin/bash
here is a example of what a entry in /etc/passwd should look like. Each part of the entry is separated by a : and has simple formatting to it.
dje4321 - specifys the username
x - specifys that the user has a encrypted password stored in /etc/shadow
1000 - the UID of the user
1000 - the primary GID of the user
Jane Doe - The comment of the user. In this case it is used to specify a name
/home/dje4321 - the home directory of the user
/bin/bash - what to shell to use when the user logs in
As you can see the /etc/passwd format is simple and has a clear layout. Logging into a user from a terminal is easy. Note that a password needs to set and you need to know that password to login most of the time.
su dje4321 | attempts to log you in as dje4321
su -c firefox dje4321 | runs firefox as dje4321
sudo su dje4321 | logins into dje4321 as root. will bypass the password for dje4321. This is that one case where you dont need the password
Lets move onto some commands to manage users. First command will be how to add users
useradd -G wheel -m -s /bin/bash -c "test account" foo
-G | specifies what groups to add the user too. In this case it is wheel which allows the user access to sudo
-m | sets the users home directory to /home/username. In this case the username is foo
-s | specifies what shell to use when logging into the user. It is /bin/bash in this case. The shell must be specifed in /etc/shells to allow the user to login
-c | can be used to specify a comment
foo | the name of the user you wish to create
usermod | allows you too mod a user account
usermod -s /bin/sh -a ssh -c "edited account" foo
-s | changes the shell to use when logging in
-a | will add a user to a group without changing what groups the user is in
-c | changes the comment of the user
foo | the user to modify
userdel | removes a user
userdel -r foo
-r | removes the users home directory and files
foo | what user to remove.
Time to cover groups and its respective files. Groups on linux are used to limit access to files and services. You can find out what groups you have on your system by reading /etc/group. the format of /etc/group is very similar to /etc/passwd.
wheel:x:10:dje4321
wheel | specifies the name of the group
x | specifies a encrypted password in /etc/gshadow
10 | the GID of the group
dje4321 | the users that are apart of the group
Now we can move onto the group management commands
groupadd | add a group to the system
groupadd foo | adds group foo to the system
groupmod| modify a group
groupmod -n boo foo | changes the name of foo to boo
groupdel | removes groups from a system
groupdel foo | removes the group foo
that covers the basic stuff about users and even some of the more advanced stuff. This should allow you too understand how the users and groups work in linux. I did not cover /etc/shadow and /etc/gshadow on purpose as 99.9% of people do not have a need to be messing with these files. If you want to know what these files do then the man page is a great resource for it as usual.
feel free to leave a comment if you have any comments, questions, concerns, etc.
In the next section we will go over /dev and disk management and all of those commands
Also to address some concerns ive had about not covering every command or missing some basic ones. This tutorial series is designed to allow users to understand what the command is doing and how the system works under the hood without just copying the documentation. So i will not cover certain commands until i covered how that part of the system works.
Also @wendell has a great tutorial about shell expansion with bash