1. Explain the complete process of creating, modifying, and deleting user accounts. Include commands, files involved, and best practices.
Create user with useradd: useradd -m -s /bin/bash -G sudo,docker -c 'Full Name' username creates user with home directory (-m), bash shell (-s), adds to groups (-G), and sets comment (-c). Set password immediately with passwd username for security. Verify creation with id username showing UID, GID, and groups. Modify users with usermod: usermod -aG newgroup username adds to supplementary group (append, doesn't remove existing), usermod -s /bin/zsh username changes shell, usermod -L username locks account (prevents login), usermod -U username unlocks. Change primary group with usermod -g groupname username. Rename user with usermod -l newname oldname, but manually rename home directory with mv /home/oldname /home/newname. Delete users with userdel: userdel username removes user but leaves home directory and files, userdel -r username removes user and home directory (use caution - data loss). Check for running processes with ps -u username before deletion. Find files owned by deleted users with find / -uid UID -ls, then reassign ownership or delete as appropriate. Best practices: use consistent UID ranges (1000+ for regular users), enforce strong passwords with PAM configuration, lock accounts rather than deleting for users who leave (preserves file ownership), audit user access regularly, document account purposes especially for service accounts, set account expiration dates with chage for temporary accounts, and maintain user provisioning/deprovisioning procedures. Security considerations: disable root SSH login (PermitRootLogin no in sshd_config), require key-based authentication, set password policies (minimum length, complexity, expiration), monitor for unauthorized accounts in /etc/passwd, and regularly review sudo access. Automate user management with configuration management tools like Ansible or Puppet for consistency across multiple systems.