User accounts are a key concept on Linux. Primarily, they help you manage access control on your system. In addition, they allow multiple users to log in at any given time, and they are critical for the security of a system.
Without user accounts, it would be hard to control who has access to what part of a Linux system. Linux has four main types of user accounts. Here's everything you need to know about them.
A Linux system can have multiple user accounts, therefore, to be able to uniquely identify each account, Linux uses User Identifiers (UIDs) and Group Identifiers (GIDs). The very basis of any user account revolves around its UID.
Furthermore, each user account is associated with a specific group and is therefore assigned a GID. Of course, a user account can belong to several groups.
In addition to having user and group identifiers, every user account has its UID within a specific range that corresponds to the type of account it belongs to.
On Linux, the superuser account is popularly known as the root, the default administrator of your system. Each Linux system must at a minimum have one root user account.
As part of the administrative privileges, the superuser account has unlimited access and control of a system, including other users. This is why you must always set a strong password for the root account.
The superuser account always has the UID 0 and is part of the group ID 0 too.
Unlike other accounts, the superuser has its home directory at the top-level directory, located at /root.
All other users that are later added to a Linux system are known as regular accounts or standard accounts. These types of accounts have limited access and control over the system but can gain administrative rights by using the sudo or su command.
On modern Linux systems, regular users have UIDs with a four-digit number starting from 1000. In fact, the first user account you create on your system will usually have the UID 1000.
By default, regular user accounts have their home directory within the /home directory. If you use the ls command to do a listing of the home directory, you’ll get a good picture of the current users on your system.
Another important attribute of regular accounts is that they have a default shell and on most Linux distros, this is the Bourne Again Shell (Bash). You can change your default shell if you prefer, for example, set it to the Z shell or C shell.
The operating system creates system accounts during its installation. System accounts are used for running operating system components but do not run with superuser privileges.
Most system accounts have their user identifiers in the range of 1 to 99, as a rule of thumb, two digits. In some cases, system accounts have three-digit UIDs between the numbers 500 and 999.
An example of a system account is the Apache web server, which has the UID and GID number 48.
System accounts don't have a dedicated home directory nor do they have a shell, because there is never a need for login in their lifetime.
Last but not least, let's take a look at service accounts. Service accounts are a bit similar to system accounts: they are created whenever a service is installed onto your system.
For example, when you install a SQL server database, the system creates a corresponding account for managing activities related to the SQL server.
Just like system accounts, service accounts don't have a home folder or a default shell. They are assigned /sbin/nologin to refuse logins.
Service accounts usually have a three-digit UID, between 100 and 999.
In some cases, service accounts may have a four-digit UID just like regular accounts.
Some prominent services that you will find on your system include systemd, GNOME Display Manager (GDM), CUPS printing service, etc.
There are four main user account types on Linux, and they are critical for managing users and the overall security of your system.
Since users are a key component of an operating system, every system administrator needs to learn how to manage users on Linux.