Linux > More on USER ID, Password, and Group management

by on March 23, 2005 · 16 comments· LAST UPDATED January 4, 2007

in , ,

In order login into Linux system (over ssh or other services ) you need a username and password.
Username and password stored in /etc/passwd and /etc/shadow file respectively. When you supplies password, it encrypts and compare with password stored in /etc/shadow, which is also in, encrypted format (it was stored when you or system administrator registers/updates it). If both are equal, you are in. Once logged in, you become the number to Linux kernel. You can obtain your user id and other information using id command:

$ id
uid=1002(vivek) gid=1002(vivek) groups=1002(vivek), 0(wheel)

Where,
=> Username = vivek
=> User numeric id (uid) = 1002

Numbers are uses to represent users and groups in Linux kernel because:
1) Simplified user and group management
2) Security management easy
3) Your UID applied to all files you create

It is always good idea to use the UID more than 1000 for all users for security reason.

Zero UID

The UID number 0 is special and used by the root user. The zero (0) UID enjoys the unrestricted/unlimited access to Linux system. Note that 0 UID assigned to name root; if you wish you can change this (poorly written program may fail) and assign different name.

Similarly, you have group id (GID). It is use by Linux to refer group names. Single user can be member of multiple groups. This result into very good flexibility for access the system and the sharing files. Many UNIX system uses wheel group as power user group. Like the UID value, zero GID value zero enjoys the unrestricted/unlimited access to Linux system.

Some time Linux and other UNIX like (FreeBSD, Solaris etc) uses EUID, RUID, and SUID concept.

The Effective User ID (EUID)

It is use to determine what level of access the current process has. When EUID is zero then the process has unrestricted/unlimited access. Following commands can be used to print Effective User ID under Linux:
$ whoami
$ id -un

The Real User ID (RUID):

It is use to identify who you actually are. Once it is setup by system (usually login program) it cannot be change till your session terminates. You cannot change your RUID. Only root (or person having zero UID) can change the RUID. Use the command id as follows to obtain Real user ID:
$ id –ru

The Saved User ID (SUID):

When new process / executable file such as passwd, started the effective user id that is in force at the time is copied to the saved user id. Because of this feature, you are able to update your own password stored in /etc/shadow file. Off course, executable file must have set-user-id bit on in order to setuid (system call). Before process ending itself it switches back to SUID.

In short,

  • RUID : Identify the real user, normal user cannot change it.
  • EUID : Decides access level, normal user can change it.
  • SUID : Saves the EUID, normal user cannot change it.
  • Real Group ID : Identify the real group
  • Effective Group ID and Supplementary group ID : Decides access level

Note that access level means kernel can determine whether you have access to devices, files etc.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 16 comments… read them below or add one }

1 devil January 31, 2007 at 9:09 pm

hi ,

I have created a user in the system other then root and I want to give it all the properties of root.how can I do it.??????????????

Reply

2 nixCraft February 1, 2007 at 9:58 pm

Devil,

Use as follows in sudo file
username ALL=(ALL) ALL

Reply

3 vipul kania March 23, 2007 at 7:24 am

i forget my fedora password can u tell me how i can find it in proper manner

Reply

4 hong dao September 20, 2007 at 7:51 am

i forget my user name and password, please help me to log-in my computer

Reply

5 sumit chatterjee September 16, 2010 at 11:02 pm

off-course, u may inter your computer,
for this, u have to take some step.
1. at first ,before starting booting Linux flavor just press up arrow key
2.for going interactive mode press e,then 1 and press b
3.after this u will be on interactive mode then u may change your password,
as
#Passwd root
then ask enter password….
when u got successfully change your password
then
#Init 5 after that you are able to access system.

Reply

6 franklindoss September 10, 2008 at 10:03 am

redht linx has permi cmd chmod then why need suid and sgid

Reply

7 salah January 1, 2009 at 2:22 pm

hlo evrybody
i wanaa ask u about user &group management
if any 1 know how can i manage them
please send it to me at ((al_thamdi111@hotmail.com))
thank u

Reply

8 Kiran June 14, 2010 at 10:21 am

Any one can explain me abt set UID GID and sticky and hw it works…the permissions i know

Reply

9 Panos February 9, 2012 at 4:03 pm

I have mistakenly create some zero-long-named groups in my Linux based Nas. How can I access through Windows and delete them?

Reply

10 Manjunath March 11, 2012 at 6:26 am

can you please explain about SUID & SGID including all the command , Bcoz am trying to do from so many days am not able to give permission so please help me out of this

Reply

11 sekar September 28, 2012 at 7:18 am

If we want to create User ID in System, How can we assign the same user ID to different User.??????

please answer me

thanks in advance

Reply

12 sekar September 28, 2012 at 7:19 am

If I am not able to boot my Linux system? What are the Steps to resolve it.

thanks in advance…

Reply

13 rohit badgujar March 13, 2013 at 10:45 am

very good

Reply

14 Reetesh Chauhan April 6, 2014 at 8:34 pm

Hello! EveryOne,
I have also few queries. Please find it below-
1. Can we change uid of root user?
2. Can we set a normal user’s uid as 0?
3. If anyone trying to access my computer, How can I get log-in information of my system on my e-mail or mobile?

Thanks in advance…

Reply

15 WooHoo September 21, 2014 at 5:18 pm

1. Yes, but why? usermod -ou root
2. Yes, but why? usermod -ou 0
3. That will depend on how you have your box set up. Someone could always disconnect your system while using it. A more certain manner though would be to have the time/date, etc spooled for later sending or reading once your home. Do you mean trying to access it remotely or from the console.

Reply

16 ustad kasim November 15, 2014 at 6:42 pm

Hi I m Kasim
whenever u create a user or group os assign default user I’d ,group I’d , and others
you can change the user I’d nd group I’d but u cant change the root user I’d
remember root userid is 0 and others user start 1 to 499
limit is 65535

Reply

Leave a Comment

Previous post:

Next post: