Linux > More on USER ID, Password, and Group management

last updated in Categories FAQ, Howto, Linux, UNIX

In order login into Linux system (over ssh or other services ) you need a username and password.
Username and password stored in /etc/passwd and /etc/shadow file respectively. When you supplies password, it encrypts and compare with password stored in /etc/shadow, which is also in, encrypted format (it was stored when you or system administrator registers/updates it). If both are equal, you are in. Once logged in, you become the number to Linux kernel. You can obtain your user id and other information using id command:


$ id
uid=1002(vivek) gid=1002(vivek) groups=1002(vivek), 0(wheel)

=> Username = vivek
=> User numeric id (uid) = 1002

Numbers are uses to represent users and groups in Linux kernel because:
1) Simplified user and group management
2) Security management easy
3) Your UID applied to all files you create

It is always good idea to use the UID more than 1000 for all users for security reason.

Zero UID

The UID number 0 is special and used by the root user. The zero (0) UID enjoys the unrestricted/unlimited access to Linux system. Note that 0 UID assigned to name root; if you wish you can change this (poorly written program may fail) and assign different name.

Similarly, you have group id (GID). It is use by Linux to refer group names. Single user can be member of multiple groups. This result into very good flexibility for access the system and the sharing files. Many UNIX system uses wheel group as power user group. Like the UID value, zero GID value zero enjoys the unrestricted/unlimited access to Linux system.

Some time Linux and other UNIX like (FreeBSD, Solaris etc) uses EUID, RUID, and SUID concept.

The Effective User ID (EUID)

It is use to determine what level of access the current process has. When EUID is zero then the process has unrestricted/unlimited access. Following commands can be used to print Effective User ID under Linux:
$ whoami
$ id -un

The Real User ID (RUID):

It is use to identify who you actually are. Once it is setup by system (usually login program) it cannot be change till your session terminates. You cannot change your RUID. Only root (or person having zero UID) can change the RUID. Use the command id as follows to obtain Real user ID:
$ id –ru

The Saved User ID (SUID):

When new process / executable file such as passwd, started the effective user id that is in force at the time is copied to the saved user id. Because of this feature, you are able to update your own password stored in /etc/shadow file. Off course, executable file must have set-user-id bit on in order to setuid (system call). Before process ending itself it switches back to SUID.

In short,

  • RUID : Identify the real user, normal user cannot change it.
  • EUID : Decides access level, normal user can change it.
  • SUID : Saves the EUID, normal user cannot change it.
  • Real Group ID : Identify the real group
  • Effective Group ID and Supplementary group ID : Decides access level

Note that access level means kernel can determine whether you have access to devices, files etc.


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

19 comment

  1. hi ,

    I have created a user in the system other then root and I want to give it all the properties of can I do it.??????????????

    1. off-course, u may inter your computer,
      for this, u have to take some step.
      1. at first ,before starting booting Linux flavor just press up arrow key
      2.for going interactive mode press e,then 1 and press b
      3.after this u will be on interactive mode then u may change your password,
      #Passwd root
      then ask enter password….
      when u got successfully change your password
      #Init 5 after that you are able to access system.

  2. hlo evrybody
    i wanaa ask u about user &group management
    if any 1 know how can i manage them
    please send it to me at ((
    thank u

  3. I have mistakenly create some zero-long-named groups in my Linux based Nas. How can I access through Windows and delete them?

  4. can you please explain about SUID & SGID including all the command , Bcoz am trying to do from so many days am not able to give permission so please help me out of this

  5. If we want to create User ID in System, How can we assign the same user ID to different User.??????

    please answer me

    thanks in advance

  6. Hello! EveryOne,
    I have also few queries. Please find it below-
    1. Can we change uid of root user?
    2. Can we set a normal user’s uid as 0?
    3. If anyone trying to access my computer, How can I get log-in information of my system on my e-mail or mobile?

    Thanks in advance…

    1. 1. Yes, but why? usermod -ou root
      2. Yes, but why? usermod -ou 0
      3. That will depend on how you have your box set up. Someone could always disconnect your system while using it. A more certain manner though would be to have the time/date, etc spooled for later sending or reading once your home. Do you mean trying to access it remotely or from the console.

  7. Hi I m Kasim
    whenever u create a user or group os assign default user I’d ,group I’d , and others
    you can change the user I’d nd group I’d but u cant change the root user I’d
    remember root userid is 0 and others user start 1 to 499
    limit is 65535

  8. What is the Linux command for this?
    In windowsDOS I enter “Net user ecmadmin /DOMAIN” it returns the following
    The request will be processed at a domain controller for domain
    User name ecmadmin
    Full name ecmadmin
    Comments O: Moore, John (N57498) B: Galper, Michael (C44610)

  9. What is the Linux command for this?
    In windowsDOS I enter “Net user ecmadmin /DOMAIN” it returns the following
    The request will be processed at a domain controller for domain
    User name ecmadmin
    Full name ecmadmin
    Comments O: Moore, John (N57498) B: Galper, Michael (C44610)

    Have a question? Post it on our forum!