Manage Users and Groups

Manage Users and Groups

Use GUI and command-line tools to add, remove, and modify users and groups on the system.

So you have used your Ubuntu desktop for some time, and it has started to attract attention from the other members of your household. They all want in on the action, but you may not necessarily want them to be able to edit your files. The solution is to create new accounts for each person that wants to access your system. That way, everyone will have their own login, password, and home directory to store files. Under Ubuntu, you have a number of options to edit users and groups, both with GUI and command-line tools.

Use the User Administration Tool

Ubuntu provides a GUI tool that makes user and group management relatively easy. Click SystemUsers and Groups to start the user administration tool (Figure). The interface is split into two tabs, the first for users and the second for groups, and has buttons on the right side to add, edit, and delete users and groups. By default, only the users and groups you most likely want to edit are displayed, but you can toggle the "Show all users and groups" checkbox at the bottom of the window to see everything.

Ubuntu user administration tool

To add a new user, click the Add User button. A new window will appear with a number of fields to fill out (Figure). The Username and Password fields are the most crucial to fill out. You can choose a password or you can have Ubuntu generate a random password for you. If you are a more advanced administrator, click on the Advanced tab to change the default group, shell, home directory, and user ID. Ubuntu also provides three user profiles to choose from. The Default profile has no extra privileges; the Desktop profile will give the user access to audio, video, and other peripheral devices; and the Administrator profile will allow the user to become root (despite its name, Default is not the default choice; Desktop is). All of these settings, including user access, can be changed later on; just select a particular user and click Properties. To remove a user, select it and click Delete. Note that none of these changes will be applied until you click OK and close the program.

User Account Editor configuration window

The Groups tab lets you configure group membership on the system. Group membership dictates who can sudo to root (members of the admin group) and who can administer printers, scanners, and other devices. To see the members of a particular group, select it and then click Properties (Figure). You can select new users to add to the group from the list on the left side of the window. To create a new group, click the Add Group button and fill out the fields in the window that appears.

Ubuntu group account editor

Manage Users and Groups from the Command Line

You can also add, change, and remove users and groups with command-line tools. To add a new user to the system, type:

$ sudo adduser 
               
                  username
               
            

You will be prompted for the user's real name, along with other optional information, and, finally, you will be asked to enter the user's password. The adduser script will automatically create the user's home directory and a group for the user. You can change the user ID, default home directory, and shell with the --uid, --home, and --shell options, respectively. Later on, to tweak the user's settings, open the /etc/passwd file with your preferred text editor as root (read "Edit Configuration Files" [Hack #74] for a primer on editing text files from the command line).

If you create a user at the command line, the new user will not be assigned to the correct groups (such as audio) needed for the full desktop experience. You can use sudo to edit the /etc/group file and give the new user the appropriate group memberships, using the first user you created as a guide.

To delete a user, use the deluser command:

$ sudo deluser 
               
                  username
               
            

By default, this will remove only the user from the system, not any of the user's files. To remove the user's home directory and mail spool, add the --remove-home option. To remove all files on the system owned by the user no matter where they are, use the --remove-all-files option.

There are similar command-line commands to add and remove groups from the system. To add a group to the system, use the addgroup command:

$ sudo addgroup 
               
                  groupname
               
            

You can use the --gid option to specify which group ID number to use. All system groups are found in the /etc/group file, so you can edit this file as root if you want to tweak group membership or other settings. If you want to add a current user to a current group, instead of editing /etc/group, you can type:

$ sudo addgroup 
               
                  username
                
               
                  groupname
               
            

To remove a group from the system, use delgroup:

$ sudo 
               delgroup 
               
                  groupname
               
            

Be careful when deleting users or groups, particularly any users or groups you did not explicitly create. Accounts created by Ubuntu when it was installed, or when certain packages were installed, should generally stay as they are. Leave them be unless you know what you are doing.