Setting up users (Optional)

If you are the only person who will be using the computer in question, or you'll share it with others, but you don't worry a lot about sharing file storage, documents, and userspace in general, you can skip this bit.

If there will be more than one person accessing the PC however, you might want to set up a separate account for all of them. User accounts on Linux, work very similarly to how they would on most other operating systems, from a user's perspective anyway. Setting them up would not require any particular skill, but might be different from what you were used to.

There are three basic things you can do about a user, which will be discussed in somewhat greater detail (although not too great. We don't want your brain to overheat, and there is so much to do still):

Let's see how.

The best option in Linux is usually the command line, although this might not be obvious at first, especially if you come from a point-and-click style environment. The CLI will allow for greater control than anything, but user-friendliness is usually a tradeoff.

As this topic is quite complex, here's a mini ToC for easier navigation:

Adding a user

Adding a user is quite straightforward, regardless of what environment íou are doing it in. In most DEs you would have nice and easy to use graphical tools, although some of these might be somewhat limited in scope, or usability, while on the CLI, you would rely on different commands, to do a single task. Fortunately, there are shortcuts. There always are...

There are many ways to add a user n Linux, the two most common are the commands useradd and adduser. The former (useradd) fits nicely into a series of user manipulation commands, such as usermod (to modify users) and userdel (to delete users), while adduser might be simpler to use.

The first command will take many options which make it extremely flexible, but the second option would offer a nice questionnaire format, to fill in user information, which makes it a lot more user-friendly.

The problem with both approaches is that they do not assign the user to any of the usual groups on the system, and you will need to do this manually after adding them. The only group a user would be assigned to by default is its own private group.

Groups are basically a collection of permissions, really, although it might not be defined, or viewed like that from a strictly technical point of view. A group can have a specific permission set, such as accessing certain files (in reality files are owned by a user and a group, and the levels of access can be defined for user and group separately see the File Permissions chapter for a little more detail), but not others, run certain programs, but not others, access certain devices, but not others, etc. (Yes, you've guessed right, these are more often than not also file permissions. In Linux, "everything is a file".)

To check all the groups your user is member of, open a terminal, and type

groups

followed by Enter.

The result would look something like this:

test@debian-9-test:~$ groups
test adm cdrom sudo dip plugdev lpadmin sambashare
test@debian-9-test:~$

Each group is listed, delimited by spaces. One particular group sudo we have discussed earlier. The user must be the member of this group to be able to use the sudo command. Others often have descriptive names, e.g. cdrom is likely to have something to do with cd-roms (mount and read them), or sambashare allows a user to access Window$ Samba shares. Others like dip, or lpadmin can be quite obscure, and so they will remain for now. ;)

The problem is, these groups are often important. They would allow the user to mount usb pendrives, or cdroms, or access file shares, printers etc., but these groups will not be assigned by default. So what can you do about it?

One way of going about this is adding them manually with the usermod command, as discussed below. The smart way is to read this website, which you are already doing because right below this text is a download link to a super-duper shell-script, which will make your life so much easier!

Click here to donwload the create user from existing user script

To run this script, after downloading, just open a terminal, enter the Downloads folder (or your specific download location) by typing

cd ~/Downloads

and pressing Enter.

Once there, you need to unpack the tarball containing the script:

tar -xvf cloneuser.tar.gz

then become root via su and run the script:

bash cloneuser.bash

or if you use sudo:

sudo bash cloneuser.bash

and press Enter

  • First, the script will ask you to specify a username to clone from. This should be an existing user, whose groups you want to transfer to the new user you are about to create, probably the user you are logged in as. Type the username, and press Enter If you have made a mistake, the script will exit with an error message. You then have to start over again.
  • Next, you will be asked to provide a username for the user you want to create. Type it, and press Enter

Now the script will execute the adduser command with the username you've specified. The following prompts will come from that command. Answer the next prompts, or leave them empty if you don't want to specify them, pressing Enter after each answer:

  • Set password for new account (mandatory)
  • Confirm password
  • Full name of user (optional)
  • Room number (optional)
  • Work phone (optional)
  • Home phone (optional)
  • Other, (meaning any additional info, or note about the user -- optional)
  • Then you will be asked if the information given was correct. If you press N, you can start over, or you can accept and continue by pressing Y.

Now the script will print a list of the groups that will be cloned, and exit with a constrained attempt at humour.

Unless you have been given an error message the new user account should now be created. You can log out from the current user and log in as the new user any time now.

Instead of using this standalone script, you can also just download the Way of Linux Admin console app, which provides a convenient collection of scripts, accessible through an easy-to-use menu in your terminal. You can get WLAdmin from the Downloads page

If you're interested how this script operates, you can find the whole code below. You can copy and paste it into an empty text file. Call it anything you like, only make sure you give it the extension .bash or .sh. Name it e.g. cloneuser.bash

To run it, you would need to open a terminal, and

  • either become root with su and type
    bash cloneuser.bash

    then Enter

  • or as your normal user, type
    sudo bash cloneuser.bash

    press Enter, give your user password, and press Enter again

The code:

#!/bin/bash

# Only proceed if running as root
if [[ "$(whoami)" != "root" ]]; then
    echo
    echo "You have to run this script as root."
    echo
    exit 69
fi

echo
echo "This script will create a new useraccount based on an existing one."
echo

# Need a user to clone gorups from
read -p "Username of account to clone, followed by [Enter]: " existinguser

# Only go on, if source user exists, otherwise, the whole thing is pointless
if [ -z "$(getent passwd $existinguser)" ]; then
    echo "No such user"
    exit 69  
fi

# Get a new username, and create that user
read -p "Username of new user, followed by [Enter]: " newuser
echo
echo "Creating user $newuser by cloning profile of $existinguser..."
adduser $newuser

# Get source user's groups, and truncate it to be useful
# The output of the groups command is prefixed by the username, 
# also the user is in a group named after itself, which should be omitted
prefix="$existinguser : $existinguser "
usergroups=$(groups $existinguser)
usergroups=${usergroups#$prefix}
echo
echo "Assigning $newuser to groups:"
echo "$usergroups"

# First, replace spaces with commas, then un the command
# to assign the new user to all the groups
usergroups=$(echo "$usergroups" | tr ' ' ',')
usermod -a -G $usergroups $newuser

# Say goodbye to the nice user now Scripty!
echo
echo "Done! All should be set now."
echo
echo "(Unless you saw an error message.)"
echo "(Can't do much about that at this point, can I?)"

Back to top

Modifying a user

A user account can have many settings. You can add a user to- or remove it from groups, set expiring passwords, move or relocate user's home directory, set/remove subordinate UIDs and GIDs, and so on. Below you'll find some options you're most likely to encounter.

Most user-modifying operations are accessible via one command, usermod. Typing this into a terminal as root, then pressing Enter can tell you all about this versatile command's capabilities. If you want or need greater control, however, some user operations have specifically designated commands using which you can be more detailed, or specific.

Back to top

Adding a user to a group

To add an existing user to an existing group, or groups, open a terminal, gain root privileges with su and type the following:

usermod -a -G group_name user_name

followed by Enter,

or to add the user to multiple existing groups, type

usermod -a -G group_name_1,group_name_2,group_name_3 user_name

followed by Enter.

This command, like all commands in Linux, is case-sensitive, so make sure you type -a with a small "a", and -G with a capital "G".

So basically, if you want to add the user john to the audio group, you would type

usermod -a -G audio john

followed by Enter.

If you would like to assign the userjohn to more than one group, e.g. to the audio, video, and family groups at the same time, you would type

usermod -a -G audio,video,family john

followed by Enter.

If you want to learn more about the various options offered by the usermod command, just type

usermod --help

into a terminal, followed by Enter.

For greater control, and more advanced options, you can also use the addgroup command. To learn how to use it, type

addgroup --help

into a terminal, then press Enter.

Back to top

Move, or relocate user's home directory

By default, the user's home directory will be placed in /home/username. So the home directory of our user john would be /home/john. You can either assign a new directory to act as the user home, or move the contents the original home directory to a new location, and assign the new location as the user home.

The former might be useful when you have swapped systems, but want to keep an old user profile. The latter makes sense if, for whatever reason, you want to keep the user's stuff on a separate partition, or a different hard-drive.

  • To assign a different, already existing location as the user's home directory, open a terminal, become root with su and type

    usermod -d /path/to/new/directory username

    the press Enter. So for example, if you want to make the directory at /some/silly/path/newdirectory the new user home for the user john, you'd do it with

    usermod -d /some/silly/path/newdirectory john

    When you assign a new location to become user home this way, the target directory must exist. If you assign a non-existing directory, the system will be updated with the new path, but as the directory itself is not there, it might leave the system in an inconsistent state. You can easily correct this by creating the directory afterwards, and assigning ownership to the user in question, but it's probably better to be prepared beforehand.

  • If you want to move the user's files to a new location, open a terminal, become root with su and type

    usermod -m -d /path/to/new/directory username

    the press Enter. So for example, if you want to make the directory at /some/silly/path/newdirectory the new user home for the use john, you'd do it with

    usermod -m -d /some/silly/path/newdirectory john

    When you move a user directory this way, the target directory should not exist, as it will be created during the moving process. If you attempt to move the user directory into an already existing location, you will be informed that the directory exists and the command will not complete.

Back to top

Change username

You can also change the username of any user account that is not logged in. If you want to change the username of the current user account, you have to log out and back in as a different user.

If you have no other user account, you can create one as a temporary account, just for this purpose, switch to it, do the below steps, log back in as your changed user, and delete the temporary account you've created.

  • To change the username of a logged out user, open a terminal, become root with su, and type the following command
    usermod -l new_name_current_name

    followed by Enter. So for example, if you want to change the john account's username to jane you'd type

    usermod -l jane john

    followed by Enter.

Then you can log in as your new username (e.g. jane)

Back to top

Change display name

A user can change its own display name quite easily with the chfn command.

  • To change your user's display name (the full name), open a terminal, become root via su and type the following command (alternatively you can prefix it with sudo)
    chfn -f "New Name" username

    followed by Enter. So for example, if you want to change the display name of the user john from John Smith to John Taylor, you'd type

    chfn -f "John Taylor" john

    followed by Enter.

The chfn command can be used to change some other information about the user as well. To learn more about its options type

chfn --help

into a terminal, then press Enter

There are of course a lot more you can do with an account, but these are the base options a home user might be interested in. For a comprehensive guide to what you can do with the usermod command and how, check out this Tecmint article

Back to top

Removing a user

Removing a user is a lot more straightforward. You have several options, depending on your preference, or the Desktop Environment you use (and the tools they might provide). As always, the most flexible option is using the command line. You will be using the userdel command.

To remove a user, just open a terminal, become root with su (or prefix the command with sudo) and type

useredel username_to_remove

followed by Enter.

Naturally, username_to_remove should be replaced by the literal username you want to remove. So if you want to delete the user john, you'd type

userdel john

followed by Enter.

This would remove the specified user, but leave their home directory, and all their files intact, so you would have to manually remove them later. This is good if you want to review, and probably re-assign a user's files. If you don't care about this, you can use the -r option, which would also remove a user's home directory:

useredel -r username_to_remove

followed by Enter.

so to remove the user john and also the user's home directory, you'd type (as root):

useredel -r john

followed by Enter.

If there are files in a user's directory that were not owned by that user, the above operation might fail. In that case, you can add -f, to force the removal, like this:

userdel -rf username_to_remove

Back to top

Out of the box KDE traditionally offered powerful tools to graphically administer your system, but the latest iterations of the desktop environment (more precisely since version 5 of Plasma), a lot of the old tools seem to be missing, and no intention of ever bringing them back is apparent. The standard user-settings app is quite limited in scope and capabilities.

The standard user tool

While the command line is always there, and in most cases is probably a better idea, if you are looking for a simple and convenient way to do things the KDE way, you will need to install additional software. Although kuser had been an integral part of KDE 4, and still is probably the most powerful user and group management GUI app ever created for Linux, it is sadly neglected and does not seem to be ported to the new Plasma at all. Fortunately, it's still available to install, and fully functional.

For now, kuser is still functional, and available to install, but this might change in the future. Expect GUI tools for user management to slowly die, as evidenced by both kuser and Gnome System Tools' demise. Command line for the win!

To get kuser, open a terminal, gain root privileges with su, and type the following command

apt update && apt -y install kuser

followed by Enter

When the installation finishes, return to your normal user, by typing

exit

and pressing Enter.

Or, if you use sudo (mind you need to use it twice):

sudo apt update && sudo apt -y install kuser

followed by Enter.

The graphical user management tool needs to run as root. Generally speaking it is not the best of ideas to run graphical tools as root, but fortunately, Linux still allows us to screw up our system in a visual manner if we like. You have two options here, depending on how root access is configured.

  • If you have installed sudo and added your user to the sudo group, type into a terminal (as a normal user)

    kdesudo kuser

    then press Enter. Type your user password into the pop-up prompt, and press Enter again.

  • If you access the root account via su, type
    /usr/lib/kde4/libexec/kdesu kuser

    as a normal user, and press Enter. Type your root password into the pop-up prompt, and press Enter gain.

kuser in action

You might have noticed that kdesudo is a lot simpler than kdesu. This is because kdesudo is supposedly replacing kdesu for good, but the transition is not smooth. As of today, things are a little inconsistent in Debian. kdesudo needs the user to be in the sudo group, but this is not the default behaviour, so it cannot fully replace kdesu, which in turn is no longer properly linked to be used as a command, so you need to use the full path (/usr/lib/kde4/libexec/) to access it.

You will notice that the icons at the top bar will look slightly different than in other KDE apps. That is because this an older app from KDE 4.

From the main screen, you can access a number of things. You can add a new user (1), edit (2), or delete an account (3), manage groups (4), and do so much more.

kuser with numbers

Adding a new user

To add a new user

  • Click Add

  • Type a username into the pop-up prompt. (Not the user's full name, but the login name)

Username prompt

  • Uncheck Account Disabled in the next window, and optionally fill out all the missing user info, give the user a password, set up password expiry on the Password Management tab, and assign the user to groups in the Groups tab (This window can be accessed with the Edit option later.)

New user details

  • Click OK when finished, and the new user account should be created.

Managing users

Messing with user settings can easily render your system unusable, and graphical tools make this just a little too easy to do. Change anything at your own risk, or better yet, don't touch anything unless you're absolutely certain you know what it will do. If you mess stuff up, it's your own fault and/or responsibility.

When you click on a username, the User Properties window will open. Here you can access the same options you've had when adding a new user, minus some specific options, that do not apply.

Edit user details

The Password Management tab will allow you to fine-tune password expiry,

Edit user details 2

...while the Groups tab will allow you to see, or change what groups the user is assigned to

Edit user details 3

Deleting a user

When you delete a user, you are offered to also remove the user's home directory (leave it unchecked, if you want to have access to the user's files later), and its mailbox. On a home system, you will not be using the mailbox anyway, so it makes little difference if you leave it unchecked, but checking it might free up a few bytes of disk space...

Delete user

Out of the box Gnome, or and DEs offer quite limited tools to graphically administer your system (while some might not even have user management tools by default). When present, the standard user-settings app is somewhat limited in scope and capabilities.

The standard user tool

While the command line is always there, and in most cases is probably a better idea, if you are looking for a simple and convenient way to do things the Gnome way, you will need to install additional software. Although it has (had?) been a part of GNOME since version 2.8, gnome-system-tools is not installed by default and does not appear to be actively maintained since about least 2011.

For now, GST is still functional, and available to install, but this might change in the future. Expect GUI tools for user management to slowly die, as evidenced by both GST's and KDEkuser's demise. Command line for the win!

To get GST, open a terminal, gain root privileges with su and type the following command

apt update && apt -y install gnome-system-tools

followed by Enter

When the installation finishes, return to your normal user by typing

exit

and pressing Enter.

Or, if you use sudo (mind you need to use it twice):

sudo apt update && sudo apt -y install gnome-system-tools

followed by Enter.

Then to access the graphical user-management tool, just type

users-admin

and press Enter.

The non-standard user tool

Do not close the terminal window from which you've started the admin tool!

If you want to start the tool without the terminal, you have to open the application menu of your DE and search for Users and Groups

From the main screen, you can access a number of things. You can add a new user (1), delete an account (2), manage group access (3), change display name (4), change the account type (5), change a user's password (6), or access a lot more settings under Advanced Settings (7)

The non-standard user tool with numbers

Most of the options offered here will require administrative privileges. When clicking on e.g. Add, Delete, or Advanced Settings, you will be prompted to provide a password.

Authentication prompt

The password you should give here will depend on your setup. If you have an active root account, you should give the root password. If you have sudo set up for your user, you should give the user password. If you have both, go back to the Configuring Root Access Chapter , and fix this because you should not really have both.

Authentication is time-sensitive. This means that if you do not provide a password soon enough, you will get an error message, and you'll have to start all over.

Adding a user

Adding a user is straightforward.

  • Click the Add button

  • Provide password when prompted

  • Give the user a name (full name, not the username)

  • The username will be pre-populated, based on the name you've specified. You'll also find some more suggestions when clicking on the drop-down button, or you can type one of our own.

Add a user

  • When you click OK, you'll be asked to give a password for the new user you've just created. Passwords must be minimum 5 characters long.

Change password

  • Click OK, and your new user is ready to log in.

Removing a user

  • To remove a user, first select it from the user list on the left-hand side, then click Delete

  • When asked to authenticate. give the appropriate password.

  • You will then be asked what you want to do with the user's files.

    • Keep Files -- will remove the user, but least their files and home directory intact,
    • Don't Remove Account -- will allow you to change our mind (equivalent to a Cancel button in any sane graphical UI), and
    • Delete Files -- will remove the user along with its home directory and all the files in it.

Remove user

  • Select one, and be done with it.

Configuring groups

Unfortunately, the group management is not based on the user account. When you click Manage Groups, all the groups in your system will be listed.

Groups list

Selecting one, and clicking Properties will let you assign a user to that group. It's not very ergonomic and makes it difficult to properly set up a user. (In other words, it makes as little sense as a lot of other things in Gnome 3, so it perfectly fits into the overall setup.)

Change group settings

As an added bonus, you can actually change the group ID here

Modifying a user

Messing with user settings can easily render your system unusable, and graphical tools make this just a little too easy to do. Change anything at your own risk, or better yet, don't touch anything unless you're absolutely certain you know what it will do. If you mess stuff up, it's your own fault and/or responsibility.

  • To change a user's display name, just click the Change... button next to the user's display name, and change the name in the pop-up window. (Yes, it is a button, but this only becomes obvious, when you hover your mouse over it.)
  • You can change the account type from the current Custom to either Administrator or Desktop User by clicking the badly designed text-link-looking button next to it, which also says Change.... The user is fine-tuned in Debian to offer a mixture of privileges, so only change these if you know what you are doing. (It will not be explained here, so if you thought you'd know after reading this bit, you were wrong.) This setting works best for new users when left alone.
  • Changing the user password is as self-explanatory as it gets. You would actually have an option to set-up passwordless login here, by selecting a check-box... but said check-box is greyed out with no apparent way to make it work. By the time you'd figure out how to do this here, you might be able to set up passwordless login elsewhere easier (See the Further reading chapter for more on that.), so best just leave it alone.
  • The Advanced Settings option offers some interesting settings after authentication. Here you can fine-tune user privileges (pictured), change the user's main group, shell, contact information, etc. Again, only mess with these settings, if you know what you are doing.

Advanced settings

Gnome System Tools is a collection of system administration utilities that make it easier to administer a GNOME or GTK based system. Besides the user administration front-end, it also includes utilities for administering

  • Date and time
  • Network configuration
  • Runlevels
  • Shared Folders through Samba or NFS

You can learn more (although not a lot more) from the GST official website