Linux Tutorials - Herong's Tutorial Examples - v5.45, by Herong Yang
System Users and Groups
This section provides a tutorial example on how to add and manage system users and groups on Linux computers.
On Linux systems, some special users and groups are created to run system and service programs. They are called system users and groups.
For example, "mysql" is a system user that runs the MySQL database service. On my Linux computer, user "mysql" has a user id of 27 and in a group called "mysql".
herong$ sudo grep mysql /etc/passwd mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash herong$ sudo grep mysql /etc/group mysql:x:27:
System users and groups are separated from regular users and groups by their value ranges. Generally, system users and groups have lower id values than regular users and groups.
Most system users and groups are created automatically by software package installation scripts.
If you want to create a system user, you can use the "useradd -r -m" command. "-r" option indicates a system user, and "-m" option creates the "/home/{user}" directory. For example:
herong$ sudo useradd -r -m myservice
8 parameters are defined in the /etc/login.defs file to help "useradd/groupadd" command selecting correct id values:
herong$ sudo more /etc/login.defs ... # Min/max values for automatic uid selection in useradd # UID_MIN 1000 UID_MAX 60000 # System accounts SYS_UID_MIN 201 SYS_UID_MAX 999 # Min/max values for automatic gid selection in groupadd # GID_MIN 1000 GID_MAX 60000 # System accounts SYS_GID_MIN 201 SYS_GID_MAX 999 ...
You can use UID_MIN and UID_MAX values to extract regular users from the /etc/passwd file:
herong$ sudo awk -F: '($3>=1000) && ($3<=60000)' /etc/passwd herong:x:1000:1000:Herong Yang:/home/herong:/bin/bash guest:x:1001:1001::/home/guest:/bin/bash ...
By the way, system users are restricted by many applications. So don't use them to perform daily tasks.
Table of Contents
Cockpit - Web Portal for Administrator
Group Access Permissions on Files
"adduser/usermod/userdel" - Commands to Manage Users
SELinux - Security-Enhanced Linux
SSH Protocol and ssh/scp Commands
Software Package Manager on CentOS - DNF and YUM
vsftpd - Very Secure FTP Daemon