User Account Management
Complete guide for managing user accounts in NazDocker Lab.
👥 User Account Overview
| Username | Default Password | Sudo Access | Purpose |
|---|---|---|---|
admin | admin123 | ✅ Yes | Administrative tasks |
user1 | user123 | ❌ No | Regular development |
user2 | user123 | ❌ No | Regular development |
user3 | user123 | ❌ No | Regular development |
user4 | user123 | ❌ No | Regular development |
user5 | user123 | ❌ No | Regular development |
root | root123 | ✅ Yes | System administration |
➕ Adding New Users
Method 1: Container Shell (Recommended)
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Add new user
useradd -m -s /bin/bash newuser
echo "newuser:password123" | chpasswd
# Add to sudo group (optional)
usermod -aG sudo newuser
# Create home directory structure
mkdir -p /home/newuser/{Documents,Downloads,Projects}
chown -R newuser:newuser /home/newuser
Method 2: Environment Variables
# Add to .env file
USER_PASSWORD=newpassword123
# Restart container
docker-compose -f docker-compose.ubuntu.yml down && docker-compose -f docker-compose.ubuntu.yml up -d
Method 3: Dockerfile Modification
# Add to Dockerfile.ubuntu
RUN useradd -m -s /bin/bash newuser && \
echo "newuser:password123" | chpasswd && \
usermod -aG sudo newuser
➖ Removing Users
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Remove user and home directory
userdel -r username
# Remove from sudo group (if applicable)
gpasswd -d username sudo
📋 Listing Users
# List all users with shell access
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
# List users with sudo access
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
getent group sudo
"
# List all users
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cut -d: -f1 /etc/passwd | sort
"
🔐 Password Management
Changing User Passwords
Method 1: Interactive (Recommended)
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Change passwords interactively
passwd admin
passwd user1
passwd user2
# ... etc
Method 2: Environment Variables
# Edit .env file
ADMIN_PASSWORD=newadminpass
USER_PASSWORD=newuserpass
ROOT_PASSWORD=newrootpass
# Restart container
docker-compose -f docker-compose.ubuntu.yml down && docker-compose -f docker-compose.ubuntu.yml up -d
Method 3: Command Line
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Change passwords non-interactively
echo "admin:newpassword" | chpasswd
echo "user1:newpassword" | chpasswd
# ... etc
🔑 SSH Key Authentication
Method 1: Mount SSH Keys
# In docker-compose.ubuntu.yml
volumes:
- ~/.ssh/id_rsa.pub:/home/admin/.ssh/authorized_keys:ro
- ~/.ssh/id_rsa.pub:/home/user1/.ssh/authorized_keys:ro
Method 2: Container Shell
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Add SSH key for admin
mkdir -p /home/admin/.ssh
echo "your_public_key_here" >> /home/admin/.ssh/authorized_keys
chown -R admin:admin /home/admin/.ssh
chmod 700 /home/admin/.ssh
chmod 600 /home/admin/.ssh/authorized_keys
Method 3: Dockerfile
# In Dockerfile
RUN mkdir -p /home/admin/.ssh && \
echo "your_public_key_here" >> /home/admin/.ssh/authorized_keys && \
chown -R admin:admin /home/admin/.ssh && \
chmod 700 /home/admin/.ssh && \
chmod 600 /home/admin/.ssh/authorized_keys
🛡️ Security Auditing
# Check for failed login attempts
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
grep 'Failed password' /var/log/auth.log
"
# Check SSH configuration
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/ssh/sshd_config | grep -E '(PasswordAuthentication|PermitRootLogin|PubkeyAuthentication)'
"
# Check user permissions
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
ls -la /home/
"
📁 Home Directory Management
Creating Home Directory Structure
# Access container
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash
# Create standard directories for all users
for user in admin user1 user2 user3 user4 user5; do
mkdir -p /home/$user/{Documents,Downloads,Projects,.ssh}
chown -R $user:$user /home/$user
chmod 700 /home/$user/.ssh
done
Managing User Data
# Backup user data (Ubuntu)
tar -czf ubuntu-user-backup-$(date +%Y%m%d).tar.gz data/ubuntu/
# Backup user data (Alpine)
tar -czf alpine-user-backup-$(date +%Y%m%d).tar.gz data/alpine/
# Backup all user data
tar -czf all-user-backup-$(date +%Y%m%d).tar.gz data/
# Restore user data (Ubuntu)
tar -xzf ubuntu-user-backup-20231201.tar.gz
# Restore user data (Alpine)
tar -xzf alpine-user-backup-20231201.tar.gz
# Check disk usage per user
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
du -sh /home/* | sort -hr
"
🔧 User Management Scripts
Multi-Container User Management
#!/bin/bash
# multi-container-user-management.sh
ACTION=$1
USERNAME=$2
CONTAINER_TYPE=$3
case $ACTION in
"add")
if [ "$CONTAINER_TYPE" = "alpine" ]; then
docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
adduser -D -s /bin/bash $USERNAME
echo '$USERNAME:password123' | passwd $USERNAME
echo 'User $USERNAME created in Alpine with password: password123'
"
elif [ "$CONTAINER_TYPE" = "ubuntu" ]; then
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
useradd -m -s /bin/bash $USERNAME
echo '$USERNAME:password123' | chpasswd
echo 'User $USERNAME created in Ubuntu with password: password123'
"
else
echo "Usage: $0 add <username> {alpine|ubuntu}"
fi
;;
"remove")
if [ "$CONTAINER_TYPE" = "alpine" ]; then
docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
deluser -r $USERNAME
echo 'User $USERNAME removed from Alpine'
"
elif [ "$CONTAINER_TYPE" = "ubuntu" ]; then
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
userdel -r $USERNAME
echo 'User $USERNAME removed from Ubuntu'
"
else
echo "Usage: $0 remove <username> {alpine|ubuntu}"
fi
;;
"list")
echo "=== Alpine Users ==="
docker-compose -f docker-compose.alpine.yml exec lab-environment-alpine bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
echo ""
echo "=== Ubuntu Users ==="
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
;;
*)
echo "Usage: $0 {add|remove|list} [username] [alpine|ubuntu]"
echo "Examples:"
echo " $0 add newuser ubuntu"
echo " $0 remove olduser alpine"
echo " $0 list"
;;
esac
Status Check Script
#!/bin/bash
# user-status.sh
echo "=== User Account Status ==="
echo ""
echo "Users with shell access:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
echo ""
echo "Users with sudo access:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
getent group sudo
"
echo ""
echo "Home directory usage:"
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
du -sh /home/* | sort -hr
"
User Management Script
#!/bin/bash
# user-management.sh
ACTION=$1
USERNAME=$2
case $ACTION in
"add")
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
useradd -m -s /bin/bash $USERNAME
echo '$USERNAME:password123' | chpasswd
echo 'User $USERNAME created with password: password123'
"
;;
"remove")
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
userdel -r $USERNAME
echo 'User $USERNAME removed'
"
;;
"list")
docker-compose -f docker-compose.ubuntu.yml exec lab-environment-ubuntu bash -c "
cat /etc/passwd | grep -E ':(/bin/bash|/bin/sh)$'
"
;;
*)
echo "Usage: $0 {add|remove|list} [username]"
;;
esac
🔗 Related Topics
- Password Management - Detailed password configuration
- SSH Key Setup - SSH key authentication setup
- Environment Variables - User configuration via environment variables
- Security Overview - Security best practices
- Container Management - Managing the container environment