User Account Management

Complete guide for managing user accounts in NazDocker Lab.

👥 User Account Overview

Username Default Password Sudo Access Purpose
admin admin123 ✅ Yes Administrative tasks
user1 user123 ❌ No Regular development
user2 user123 ❌ No Regular development
user3 user123 ❌ No Regular development
user4 user123 ❌ No Regular development
user5 user123 ❌ No Regular development
root root123 ✅ Yes System administration

➕ Adding New Users

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Add new user
useradd -m -s /bin/bash newuser
echo "newuser:password123" | chpasswd

# Add to sudo group (optional)
usermod -aG sudo newuser

# Create home directory structure
mkdir -p /home/newuser/{Documents,Downloads,Projects}
chown -R newuser:newuser /home/newuser

Method 2: Environment Variables

# Add to .env file
USER_PASSWORD=newpassword123

# Restart container
docker-compose -f docker-compose.ubuntu.yml down && docker-compose -f docker-compose.ubuntu.yml up -d

Method 3: Dockerfile Modification

# Add to Dockerfile.ubuntu
RUN useradd -m -s /bin/bash newuser && \
    echo "newuser:password123" | chpasswd && \
    usermod -aG sudo newuser

➖ Removing Users

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Remove user and home directory
userdel -r username

# Remove from sudo group (if applicable)
gpasswd -d username sudo

📋 Listing Users

# List all users with shell access
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"

# List users with sudo access
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
getent group sudo
"

# List all users
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cut -d: -f1 /etc/passwd | sort
"

🔐 Password Management

Changing User Passwords

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Change passwords interactively
passwd admin
passwd user1
passwd user2
# ... etc

Method 2: Environment Variables

# Edit .env file
ADMIN_PASSWORD=newadminpass
USER_PASSWORD=newuserpass
ROOT_PASSWORD=newrootpass

# Restart container
docker-compose -f docker-compose.ubuntu.yml down && docker-compose -f docker-compose.ubuntu.yml up -d

Method 3: Command Line

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Change passwords non-interactively
echo "admin:newpassword" | chpasswd
echo "user1:newpassword" | chpasswd
# ... etc

🔑 SSH Key Authentication

Method 1: Mount SSH Keys

# In docker-compose.ubuntu.yml
volumes:
  - ~/.ssh/id_rsa.pub:/home/admin/.ssh/authorized_keys:ro
  - ~/.ssh/id_rsa.pub:/home/user1/.ssh/authorized_keys:ro

Method 2: Container Shell

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Add SSH key for admin
mkdir -p /home/admin/.ssh
echo "your_public_key_here" >> /home/admin/.ssh/authorized_keys
chown -R admin:admin /home/admin/.ssh
chmod 700 /home/admin/.ssh
chmod 600 /home/admin/.ssh/authorized_keys

Method 3: Dockerfile

# In Dockerfile
RUN mkdir -p /home/admin/.ssh && \
    echo "your_public_key_here" >> /home/admin/.ssh/authorized_keys && \
    chown -R admin:admin /home/admin/.ssh && \
    chmod 700 /home/admin/.ssh && \
    chmod 600 /home/admin/.ssh/authorized_keys

🛡️ Security Auditing

# Check for failed login attempts
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
grep 'Failed password' /var/log/auth.log
"

# Check SSH configuration
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/ssh/sshd_config | grep -E '(PasswordAuthentication|PermitRootLogin|PubkeyAuthentication)'
"

# Check user permissions
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
ls -la /home/
"

📁 Home Directory Management

Creating Home Directory Structure

# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash

# Create standard directories for all users
for user in admin user1 user2 user3 user4 user5; do
    mkdir -p /home/$user/{Documents,Downloads,Projects,.ssh}
    chown -R $user:$user /home/$user
    chmod 700 /home/$user/.ssh
done

Managing User Data

# Backup user data (Ubuntu)
tar -czf ubuntu-user-backup-$(date +%Y%m%d).tar.gz data/ubuntu/

# Backup user data (Alpine)
tar -czf alpine-user-backup-$(date +%Y%m%d).tar.gz data/alpine/

# Backup all user data
tar -czf all-user-backup-$(date +%Y%m%d).tar.gz data/

# Restore user data (Ubuntu)
tar -xzf ubuntu-user-backup-20231201.tar.gz

# Restore user data (Alpine)
tar -xzf alpine-user-backup-20231201.tar.gz

# Check disk usage per user
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
du -sh /home/* | sort -hr
"

🔧 User Management Scripts

Multi-Container User Management

#!/bin/bash
# multi-container-user-management.sh

ACTION=$1
USERNAME=$2
CONTAINER_TYPE=$3

case $ACTION in
    "add")
        if [ "$CONTAINER_TYPE" = "alpine" ]; then
            docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
                adduser -D -s /bin/bash $USERNAME
                echo '$USERNAME:password123' | passwd $USERNAME
                echo 'User $USERNAME created in Alpine with password: password123'
            "
        elif [ "$CONTAINER_TYPE" = "ubuntu" ]; then
            docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
                useradd -m -s /bin/bash $USERNAME
                echo '$USERNAME:password123' | chpasswd
                echo 'User $USERNAME created in Ubuntu with password: password123'
            "
        else
            echo "Usage: $0 add <username> {alpine|ubuntu}"
        fi
        ;;
    "remove")
        if [ "$CONTAINER_TYPE" = "alpine" ]; then
            docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
                deluser -r $USERNAME
                echo 'User $USERNAME removed from Alpine'
            "
        elif [ "$CONTAINER_TYPE" = "ubuntu" ]; then
            docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
                userdel -r $USERNAME
                echo 'User $USERNAME removed from Ubuntu'
            "
        else
            echo "Usage: $0 remove <username> {alpine|ubuntu}"
        fi
        ;;
    "list")
        echo "=== Alpine Users ==="
        docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
            cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
        "
        echo ""
        echo "=== Ubuntu Users ==="
        docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
            cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
        "
        ;;
    *)
        echo "Usage: $0 {add|remove|list} [username] [alpine|ubuntu]"
        echo "Examples:"
        echo "  $0 add newuser ubuntu"
        echo "  $0 remove olduser alpine"
        echo "  $0 list"
        ;;
esac

Status Check Script

#!/bin/bash
# user-status.sh

echo "=== User Account Status ==="
echo ""

echo "Users with shell access:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
echo ""

echo "Users with sudo access:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
getent group sudo
"
echo ""

echo "Home directory usage:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
du -sh /home/* | sort -hr
"

User Management Script

#!/bin/bash
# user-management.sh

ACTION=$1
USERNAME=$2

case $ACTION in
    "add")
        docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
            useradd -m -s /bin/bash $USERNAME
            echo '$USERNAME:password123' | chpasswd
            echo 'User $USERNAME created with password: password123'
        "
        ;;
    "remove")
        docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
            userdel -r $USERNAME
            echo 'User $USERNAME removed'
        "
        ;;
    "list")
        docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
            cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
        "
        ;;
    *)
        echo "Usage: $0 {add|remove|list} [username]"
        ;;
esac