Accounts: passwd, shadow, groups
How Linux knows who you are.
Linux identifies every user by a number — the UID — and every group by a GID; the names you see are just a friendly mapping. UID 0 is special: it is root, the superuser, who bypasses all permission checks. Everyone else is a normal user, and system services run as their own dedicated low-privilege users (www-data, postgres) so that a compromised service is not a compromised machine. Understanding this account model is understanding who can do what.
$ id # who am I? my UID, GID, and groupsuid=1000(deploy) gid=1000(deploy) groups=1000(deploy),27(sudo),999(docker)$ id rootuid=0(root) gid=0(root) groups=0(root) # UID 0 = the all-powerful superuser$ whoamideploy
passwd and shadow
User accounts live in two files. /etc/passwd lists every account — username, UID, GID, home directory, and login shell — and is world-readable (it holds no secrets). The actual password hashes live in /etc/shadow, which is readable only by root, so ordinary users cannot even see the hashes to attack them. A service account that should never log in has its shell set to /usr/sbin/nologin, which quietly refuses interactive logins.
$ grep deploy /etc/passwddeploy:x:1000:1000:Deploy User:/home/deploy:/bin/bash# │ │ │ │ │ └ login shell# │ │ │ │ └ home directory# │ │ │ └ GID the "x" means the hash is in /etc/shadow# │ │ └ UID$ sudo grep www-data /etc/passwd | cut -d: -f7/usr/sbin/nologin # a service account that cannot log in interactively
Creating and managing accounts
You add users with useradd/adduser, put them in groups with usermod -aG, and remove or lock them when they leave. The security-relevant habits: give each human their own named account (never a shared login), add people to the sudo/wheel group only if they need admin rights, and disable or delete accounts promptly when someone leaves — a lingering active account is a standing way in.