System Administration Guide, Volume 1

What Are User Accounts and Groups?

One of the basic system administration tasks is to set up a user account for each user at a site. A typical user account includes the information a user needs to log in and use a system (without having the system's root password). User account information consists of four main components:

Component	Description
User name	A name that a user uses to log in to a system (also known as a login name).
Password	A secret combination of characters that a user must enter with a user name to gain access to a system.
User's home directory	A directory that is usually the user's current directory at login. It typically contains most of the user's files.
User initialization files	Shell scripts that control how the user's working environment is set up when a user logs in to a system.

Also, when you set up a user account, you can add the user to predefined groups of users. A typical use of groups is to set up file and directory access only to users who are part of a group (using the group permissions on a file or directory).

For example, you might have a directory containing top secret files that only a few users should be able to access. You could set up a group called topsecret that include the users working on the top secret project, and you could set up the top secret files with read permission for the topsecret group. That way, only the users in the topsecret group would be able to read the files.

There is also a special type of user account called a role, which is used to give selected users special privileges. See "Role-Based Access Control" in System Administration Guide, Volume 2 for more information.