How to Fix Login Issues for New Users in Linux

Last updated: September 17, 2024

Reviewed by: Korbin Brown
Baeldung Pro – Linux – NPI EA (cat = Baeldung on Linux)
announcement - icon

Learn through the super-clean Baeldung Pro experience:

>> Membership and Baeldung Pro.

No ads, dark-mode and 6 months free of IntelliJ Idea Ultimate to start with.

1. Overview

In Linux, creating a new user is a straightforward process. However, once we create the new user, they might encounter issues logging into their account. Incorrect permissions, misconfiguration, system settings, or missing files can cause these issues.

In this tutorial, we’ll explore how to troubleshoot and fix login issues for new users in Linux.

2. Verify User Account Creation

First, we need to ensure we created the user account correctly. We can verify this by checking the /etc/passwd file. To explain, this file stores information about all users on the system. We’ll use the grep command to filter the file for the specific user:

$ grep '^mark' /etc/passwd

Using the command above, we search for lines in the /etc/passwd file that contain the word mark. If any lines match, we’ll see an entry indicating the user exists:

mark:x:1001:1001::/home/mark:/bin/bash

However, if we don’t get an entry returned, this shows that the user account wasn’t created correctly and we may need to create the user again.

Now, to recreate the user, we’ll use the useradd command:

$ sudo useradd mark

This command creates a new user account named mark.

3. Verify Home Directory and Permissions

The home directory is crucial for a user’s login process. Furthermore, if the home directory doesn’t exist or has incorrect ownership and permissions, the user may be unable to log in.

By default, when we create a new user, their home directory is automatically created under the /home directory with a subdirectory matching the username.

First, let’s verify whether the user’s home directory exists. We’ll use the ls command:

$ ls -ld /home/mark
drwxr-x--- 14 mark mark 4096 Sep  1 20:45 /home/mark

The above command displays details about the /home/mark directory without showing its content. Additionally, the home directory should have read, write, and execute permissions for the user, and be owned by the user and the group associated with that user.

If the home directory doesn’t exist or the permissions are incorrect, we can manually create the directory and set the appropriate permissions and ownership:

$ sudo mkdir /home/mark

The above command creates a new directory named mark within the home directory.

Next, let’s set the correct ownership so the user owns the directory:

$ sudo chown mark:mark /home/mark

Above, we use the chown command to change the ownership of the /home/mark directory to the user mark and the group mark.

Finally, let’s set the appropriate permissions:

$ sudo chmod 755 /home/mark

Here, we use chmod to set the permissions of the /home/mark directory. The permissions allow read, write, and execute permissions for the owner, read and execute permissions for the group, and read and execute permissions for others.

4. Check User Password Status

If the new user has a missing or incorrectly configured password, this can prevent them from logging in. To check if the password for the new user was correctly set, we’ll check the /etc/shadow file. Furthermore, this file should contain an entry for the user with an encrypted password:

$ sudo grep '^mark' /etc/shadow
mark:$y$j9T$nUgFHcVbbROdVG/KG4rEq/$qrHxURqpAOZOc42fQkaIeMD5C0e9livdKsa6/EMwyp4:19967:0:99999:7:::

The above output indicates user mark has a password set. However, if the password field contains !!, the user doesn’t have a password set, which prevents them from logging in.

To fix this, we’ll go ahead and set a password for the user:

$ sudo passwd mark

Using the above command, we set a new password for the user mark.

Furthermore, we can verify that we’ve set the password correctly by trying to switch to the user account using the su command:

$ su - mark

When we switch to the user account without errors, we’ve set the password correctly. If not, we might need to reset the password or check for other issues.

5. Check Account Lock Status

When a new user can’t log in, one issue could be that their user account is locked. Furthermore, this can happen if incorrect login attempts exceed a certain limit or we manually lock the account.

To check the lock status of a user account, we’ll use the passwd command with the -S option:

$ sudo passwd -S mark
mark L 08/30/2024 0 99999 7 -1

In the example above, the value of L in the second field indicates the user account is locked. In addition, a locked account prevents the user from authenticating and accessing the system.

To unlock the account, we’ll use the passwd command with the -u option:

$ sudo passwd -u mark
passwd: password expiry information changed.

The above command unlocks the account for the user mark.

6. Check for Shell Issues

When we log into a Linux system, the shell specified in the user account profile is launched. However, if the shell isn’t available or is improperly configured, the user won’t be able to log in.

To verify the shell assigned to the user, we’ll inspect the /etc/passwd file:

$ grep '^mark' /etc/passwd | cut -d: -f7
/bin/bash

In the example above, we use grep to filter the /etc/passwd file and cut to extract the login shell field for the user mark. Here, the output /bin/bash indicates that the user mark is using the bash shell as their login shell.

However, if the user’s shell is incorrect or unavailable, we’ll need to update it to a valid one. We can change the user’s shell to a valid one using the chsh command:

$ sudo chsh -s /bin/bash mark

The above command changes the login shell for the user mark to Bash.

7. Check Account Expiration

In Linux, we can set an expiration date for user accounts. However, if the account expiration date is in the past, the user won’t be able to log in.

To check whether a specific user’s account has expired, we’ll use the chage command with the -l option:

$ sudo chage -l mark
Last password change					: Jun 01, 2024
Password expires					: never
Password inactive					: never
Account expires						: Sep 01, 2024
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7

In this example, we’ll focus on the Account expires field. If it shows a date that has already passed, the account has expired.

To reset the expiration date, let’s use the chage command with the -E option:

$ sudo chage -E -1 mark

The above command modifies the account expiration date to -1. This means the account will never expire.

8. Check Disk Space

A full disk can cause issues on a Linux system, such as preventing users from logging in. When we use up the disk space, the system may be unable to write critical files necessary for the login process.

Let’s use the df command to check the available disk space on our system:

$ df -h
Filesystem      Size  Used Avail Use% Mounted on
tmpfs           383M  2.0M  381M   1% /run
/dev/sda5        73G   58G   12G  84% /
tmpfs           1.9G  109M  1.8G   6% /dev/shm

The above command displays disk usage for all mounted filesystems. If the disk space for the root filesystem / is almost full, we’ll need to free up space by deleting unnecessary files.

9. Conclusion

In this article, we discussed possible issues for a new user that can’t log into their Linux account. Furthermore, we looked at different approaches we can use to troubleshoot the problems and fix them.