{{Header}}
{{title|title=
User Management
}}
{{#seo:
|description=Guide to managing users, including creating new users, assigning permissions, and switching between user accounts in {{project_name_short}}.
|image=User-management12312.jpg
}}
{{passwords_mininav}}
[[File:User-management12312.jpg|thumb]]
{{intro|
This guide provides step-by-step instructions for managing user accounts in {{project_name_short}}, enhancing system security and facilitating multi-user environments.
}}
= Add a New User =
Optional!
To create a new user account named user2
, execute the following command:
Note: Replace user2
with the desired username for the new account.
{{CodeSelect|code=
sudo adduser user2
}}
This command will prompt you to set a password and fill in additional information for the new user. Ensuring each user has a unique account helps maintain system security and organizes user-specific configurations.
= Allow New User to Login to Virtual Console =
Optional!
This step is necessary only if the new user account should have access to the [[Desktop#Virtual_Consoles|Virtual Console]] for direct system interaction without a graphical interface. This can be useful for users that will also be members of the sudo
group for purposes of [[recovery]].
(This is related to security feature [[Dev/Strong_Linux_User_Account_Isolation#Console_Lockdown|Console Lockdown]].)
{{CodeSelect|code=
sudo adduser user2 console
}}
= Allow New User Sudo Access =
Optional!
If you want user2
to perform administrative tasks with elevated privileges, add them to the sudo
group.
See also [[Root|Safely Use Root Commands]] for best practices when executing commands as root.
{{CodeSelect|code=
sudo adduser user2 sudo
}}
Adding user2
to the sudo
group enables them to execute commands with root privileges by prefacing commands with sudo
. Use this responsibly to prevent unintended system changes.
= Switch User =
To switch to the new user account, follow these steps:
Start menu → Log Out
or Switch User
→ login
* '''Username''': user2
* '''Password''': The password set during the creation of user2
.
See also:
* [[Login]]
* [[Root#Substitute_User_.28su.29_Command|Substitute User (su
) Command]]
= User Restrictions =
TODO: document topics not covered yet
* restricted shell (any secure available?)
* libpam-chroot (might be weak?)
* /etc/security/limits.conf
* file system quotas
* snoopy
* Logging off idle users
= Attribution =
{{sdebian
|link=https://www.debian.org/doc/manuals/securing-debian-manual/ch04s11.en.html#user-limits
|text=Limiting resource usage: the limits.conf file
}}
{{sdebian
|link=https://www.debian.org/doc/manuals/securing-debian-manual/ch04s11.en.html#user-restrict
|text=Restricting users's access
}}
{{sdebian
|link=https://www.debian.org/doc/manuals/securing-debian-manual/ch04s11.en.html#idm1440
|text=User auditing
}}
{{sdebian
|link=https://www.debian.org/doc/manuals/securing-debian-manual/ch04s17.en.html
|text=File system limits and control, Using quotas
}}
{{reflist|close=1}}
{{Footer}}
[[Category:Documentation]]