Sunday, September 1, 2024

Linux 101: Part 4 - User and Permission Management in Linux



In the previous parts of our Linux 101 series, we covered the basics of Linux, the file system, and package management. Now, in Part 4, we will focus on user and permission management—essential for maintaining system security and access control.

Understanding Users and Groups

Linux is a multi-user operating system, meaning multiple users can access the system with different permission levels. Users are managed through:

  • User accounts: Each user has a unique ID (UID) and home directory.
  • Groups: A collection of users with shared permissions.
  • Root user: The superuser with full administrative privileges.

Managing Users

1. Adding a New User

To create a new user, use:

sudo adduser username

This command creates a home directory (/home/username) and sets a password.

2. Changing User Password

To update a user's password:

sudo passwd username

3. Deleting a User

To remove a user but keep their files:

sudo deluser username

To remove a user and their home directory:

sudo deluser --remove-home username

Managing Groups

1. Creating a New Group

sudo groupadd groupname

2. Adding a User to a Group

sudo usermod -aG groupname username

3. Viewing User and Group Information

  • Show current user:
    whoami
    
  • Show all users:
    cat /etc/passwd
    
  • Show all groups:
    cat /etc/group
    
  • Show which groups a user belongs to:
    groups username
    

File Permissions

Each file and directory in Linux has permission settings that define who can read, write, and execute it. You can check permissions using:

ls -l

Example output:

-rwxr-xr--  1 user group 4096 Jan 1 12:00 script.sh

Breakdown:

Symbol Meaning
r Read permission
w Write permission
x Execute permission
- No permission

Permissions are divided into three sections:

  1. Owner (user) - First three characters (rwx)
  2. Group - Next three characters (r-x)
  3. Others - Last three characters (r--)

Changing File Permissions

1. Using chmod

To change file permissions, use:

chmod 755 script.sh

Breakdown:

  • 7 (Owner: rwx = Read, Write, Execute)
  • 5 (Group: r-x = Read, Execute)
  • 5 (Others: r-x = Read, Execute)

Alternatively, you can add/remove specific permissions:

  • Add execute permission for owner:
    chmod u+x script.sh
    
  • Remove write permission for group:
    chmod g-w script.sh
    

2. Using chown

Change file ownership with:

sudo chown newowner:newgroup file.txt

3. Using chgrp

Change group ownership:

sudo chgrp newgroup file.txt

Special Permissions: SUID, SGID, and Sticky Bit

  1. SUID (Set User ID) – Allows a file to be executed with the permissions of the file’s owner.
    chmod u+s filename
    
  2. SGID (Set Group ID) – Ensures files created within a directory inherit the group.
    chmod g+s directory
    
  3. Sticky Bit – Ensures only the file owner can delete files in a directory.
    chmod +t directory
    

Conclusion

Understanding user and permission management is essential for securing a Linux system. In the next part, we will cover Networking and Security Essentials in Linux.

Stay tuned for Linux 101: Part 5 – Networking and Security Basics!

0 comments: