Ubuntu is a widely used multi-user operating system, especially in organizations where multiple users access the server simultaneously. Adding users and removing them when needed is one of the crucial tasks of a system administrator. On Ubuntu, a user can be added or removed using the CLI and GUI both. Moreover, the access of a user can also be limited and even blocked temporarily.

In this guide, I will walk you through methods for adding/removing a user on the latest Ubuntu and how to give a new user sudo privileges.

Note: To perform the operations like adding or deleting users, you must be a root user or user with sudo privileges.

Add a User on Ubuntu

To add a new user on Ubuntu, the adduser command is used, which creates users and assigns UIDs, the user’s home directory, and the default login shell.

There are two types of users:

• Normal Users
• System Users

A normal user is an account created by a system admin for a normal human user to perform tasks like using applications, accessing files, and modifying them through sudo privileges. While system users administrate background processes and services.

To add a normal user, use the adduser command with the username.

sudo adduser [username]

For example, to add a user james, replace the [username] with james.

Note: if you are a root user, then you don’t need to use sudo in the commands.

The above command will create a user and a group with the same username. The new user will be added to the group, created with its own username. However, a user can be moved to any group using the usermod command.

Moreover, a home directory will also be created at the path /home/username. The /etc/skel directory plays a crucial role in setting up an environment for the new user. It creates a default skeleton of files and directories for the new user.

Then, you will be asked to set the password for the new user and other information. These details will be placed in the /etc/passwd file.

After adding the required details, a user will be created.

Note that, the UID range of normal users typically starts from 1000 to any number greater than 1000, typically to 60000. The maximum and minimum UIDs are defined in the /etc/login.defs file.

To create a system user, use the –system option with the adduser command and the user’s name.

sudo adduser --system [username]

The UID range of the system users is from 0 to 999.

The above output is from the /etc/passwd files in which users above UID 1000 are system users while normal users, like sam and james are underneath them with UIDs 1000 and 1001 respectively.

By default, the new user will not have any sudo privileges, it can only perform the limited tasks. However, the user can be given sudo privileges by adding it to the sudo group.

Giving Sudo Privileges to a Normal User

If you want to give sudo privileges to the new user, then the usermod command is used with -aG options. The usermod command is used to modify the user’s account. This command essentially moves the user to the sudo group.

sudo usermod -aG sudo [username]

In the above command, the new user is being added to a group called sudo. The -a is used to append the user to a group, and it will always be used with the -G option, which indicates the groups.

As discussed earlier, new users on Ubuntu by default are added to the group created with the same name as the user. However, to make it a superuser, it has to be added to the sudo group.

The above command will not explicitly tell whether a user has been added to the sudo group or not. To verify it, use the groups command with the user’s name.

groups [username]

The groups command prints the groups that the specified user belongs to. If no username is specified after the command, the groups of current users will be printed.

Alternatively, a new user can also be given sudo access by adding it to the /etc/sudoers file with the desired permissions. Open the file using the nano editor and add the following line under the root user line.

[username] ALL=(ALL:ALL) ALL

Save the file to apply the changes.

To test, switch the user using the su [username] command and run any command using sudo.

Delete a User on Ubuntu

To remove a user from Ubuntu, the deluser command is used with the user’s name.

sudo deluser [username]

This command essentially only removes the user without removing the associated data like the home directory and files.

To remove the home directory, use the deluser command with the –-remove-home option.

sudo deluser --remove-home [username]

The –remove-all-files is another option that can be used with the deluser, as it will delete every file, including the home directory associated with the user.

If you have added the user to sudoers through the /etc/sudoers file, remove the added line from the file.

To avoid the accidental removal of the root user, use the –force option.

sudo deluser --force [username]

This option ensures that the user that going to be deleted is not the root user with UID 0.

How to Lock a User

A user on Linux can be locked temporarily using the usermod and the passwd commands. For example, to lock a user, use the usermod command with the -L option and the user’s name.

sudo usermod -L [username]

To verify, use the switch user (su) command with the user’s name.

To unlock the user, use the -U option with the usermod command and the user’s name.

Similarly, the passwd command can also be used to lock a user. To lock a user using the passwd command, use the -l option with the user’s name.

sudo passwd -l [username]

And to unlock a user using the passwd command, use the -u flag.

sudo passwd -u [username]

How to Fix: Unable to Delete a User on Ubuntu

While deleting the user, you may encounter errors; such as being unable to delete the user.

The manual page of the deluser command contains all the error codes. The error code 8 means the that admin requires the perl package to proceed with the desired operation.

If you are still unable to remove the user, then it means that the user is potentially using system processes and resources. To list the process associated with the use ps aux command and grep the user that you want to delete.

ps aux | grep [username]

And kill the process using the kill command and signal -SIGKILL.

sudo kill -SIGKILL [pid]

Note: Restarting the system automatically kills the linked processes of the user. If you don’t want to reboot the system, proceed with the following troubleshooting commands.

In my case, the user (james) is connected to the system with PID 987.

After killing the process or any processes linked to the user, execute the deluser command to delete it from the system.

Conclusion

To add a user on Ubuntu, use the adduser command with a user’s name. A normal user will be added and a group with the same username will be created in which the new user will be moved. However, to add a user to the sudo group, use the usermod command with the -aG option and the user’s name.

To delete the user, the deluser command is used with the user’s name. In some cases, the user does not remove with the deluser command. In that case, restart the system and try to delete the user or troubleshoot whether the user is still using some system processes or not. If it is using a system process, kill the process and proceed with the removing user procedure.