Skip to main content
Hashnodekoderstorykoderstory

Command Palette

Search for a command to run...

👥 Managing Users and Groups on Linux: A Practical Guide

Security matters — and it often starts with something as simple as users and groups.

Updated
4 min read
👥 Managing Users and Groups on Linux: A Practical Guide
K
koderstory

In recent weeks, several high-profile security breaches have made headlines. While we won’t speculate on the technical causes, one thing is clear: mismanaged access and poorly controlled environments are often where real threats begin.

On Linux systems, user and group management is one of the most fundamental — yet overlooked — ways to strengthen security. It’s also essential for collaboration, organization, and scaling multi-user environments like ERP platforms.

In this guide, we’ll walk through essential commands and real-world use cases, including multi-tenant setups, team collaboration, and service isolation — all through the lens of user and group control.

Let’s get started.

🧑‍💻 User Management in Linux

✅ Create a New User

Use: sudo useradd testuser
Creates a user named testuser. However, it doesn’t create a home directory or set a password — it’s a low-level tool.

Use case:
Create a non-login service user to run system-level services like PostgreSQL or background daemons.

🔒 Set a Password

Use: sudo passwd testuser
Assigns a password to allow login for testuser.

Use case:
Secure access for an individual working on the system via SSH or SFTP.

❌ Delete a User

Use: sudo userdel testuser
Removes the user, but does not delete their home directory or files by default.

Use case:
Remove access for a former employee or contractor without removing their data immediately.

⚡ Automate User Creation

Use: sudo adduser testuser
More interactive and user-friendly than useradd. It creates the home directory and prompts for password and user info.

Use case:
Onboarding a new developer or team member with a ready-to-use home directory and shell.

🧹 Delete User and Their Files

Use: sudo deluser --remove-home testuser
Removes the user and deletes their home directory and personal files.

Use case:
Cleanup after a temporary user or intern finishes their assignment.

👥 Group Management in Linux

➕ Create a Group

Use: sudo groupadd urgroup
Creates a new group.

Use case:
Set up a devgroup for developers needing access to shared project directories.

➕ Add a User to a Group

Use: sudo usermod -aG urgroup testuser
Adds testuser to urgroup.

Use case:
Give a developer write access to files managed by the devgroup in /var/www/project.

➖ Remove a User from a Group

Use: sudo gpasswd -d testuser urgroup
Removes testuser from urgroup.

Use case:
Restrict access when a user changes roles or no longer needs specific permissions.

❌ Delete a Group

Use: sudo groupdel urgroup
Deletes the group from the system.

Use case:
Clean up old or temporary groups that are no longer needed.

🔐 Use Cases: Securing Your Linux Server with Users and Groups

Here are practical scenarios where user and group management enhances security and organization.

🔒 1. Limit SSH Access by Group

Modify SSH config in /etc/ssh/sshd_config:
AllowGroups sshusers

Then add users to the group:
sudo usermod -aG sshusers username

Use case:
Restrict SSH login only to authorized sysadmins — everyone else is denied by default.

📁 2. Create a Shared Folder for a Team

bashCopyEditsudo mkdir /srv/project  
sudo chown :devgroup /srv/project  
sudo chmod 2770 /srv/project

Use case:
Team members can collaborate on shared files without exposing them to others.

🏢 3. Isolate Tenants on a Shared Server

In a multi-tenant system, each tenant (client) should have access only to their data.

Steps:

  1. Create a group per tenant:
    sudo groupadd tenant_alpha

  2. Create users for that tenant:
    sudo adduser tenantuser1
    sudo usermod -aG tenant_alpha tenantuser1

  3. Create tenant folder:
    sudo mkdir /srv/tenants/alpha
    sudo chown :tenant_alpha /srv/tenants/alpha
    sudo chmod 2770 /srv/tenants/alpha

Result:
Only users in tenant_alpha can access their folder. Other clients (or tenants) remain completely isolated — perfect for ERP or SaaS setups on shared infrastructure.

🛠 4. Isolate Background Services

Services like PostgreSQL or NGINX run under their own user (e.g., postgres, www-data) with limited access.

Use case:
Minimize risk — if a service is compromised, it cannot affect unrelated files or users.

🧠 Why This Matters

  • Security: Reduce risk by following the principle of least privilege.

  • Efficiency: Save time managing permissions by assigning them to groups instead of individuals.

  • Scalability: Easily support more users and clients as your system grows.

  • Multi-Tenancy: Isolate and protect client data in shared environments like Odoo ERP or hosting setups.

🚀 Final Thoughts

User and group management isn’t just about Linux commands — it’s about building systems that are secure, scalable, and maintainable.

Whether you're hosting applications, managing a shared VPS, or implementing ERP systems like Odoo for multiple clients, this structure lays the groundwork for reliable long-term operations.

Click the link in our bio to see post detail.
We break this down in a full guide with commands and real-world use cases.

Building multi-tenant platforms or hosting ERP on Linux?
Start with strong user and group management.

#koderstory #linuxadmin #serversecurity #multitenant #usergroups #erpdeployment #odooindonesia

#linux

More from this blog

K

koderstory

8 posts

These are stories of our software development