Chapter 4. User, Group and Permission

Managing users, groups, and permissions is a key aspect of administering Linux systems. In this chapter, we’ll cover how to set up and manage users, assign them to appropriate groups, and configure file permissions to control access. Whether you're a beginner or looking to solidify your understanding, this chapter will provide the foundational knowledge necessary for system administration tasks. By the end of this chapter, you’ll be able to effectively manage users and their permissions on your Linux system.

What We Cover in This Chapter

The following topics are covered in this chapter:

What Are User, Group, and Permission in Linux?

In this section, we'll explain the fundamental concepts of users, groups, and permissions in Linux. We’ll look at the differences between the superuser and normal users, how users are grouped together, and how file access is managed based on user status.

Permission (Access Mode) by Owner Status

We’ll cover how file permissions are set based on file ownership. You’ll learn about the three types of users: Owner, Owner Group, and Others, and how their permissions differ when accessing files and directories.

Superuser (Root User) vs. Normal User

This section explains the distinction between the superuser (root) and normal users. It clarifies the permissions and privileges of each type and shows how they affect system operations.

sudo (Run Command with Superuser Privileges)

We will introduce the sudo command, which allows normal users to execute commands with superuser privileges. You will also learn about the configuration of sudoers and the visudo command to manage sudo access.

su (Switch User)

The su command allows users to switch to another user account temporarily. In this section, we’ll explore how the su command works for switching between user accounts, including switching to the superuser account.

useradd (Add User)

The useradd command is used to create a new user, and in this section, we’ll show you how to add users, manage user data, and check the user information stored in the /etc/passwd file.

passwd (Set Password)

We’ll demonstrate how to set up passwords for users using the passwd command. We’ll also show you how to manage user passwords, including resetting, changing, and locking accounts.

userdel (Delete User)

Learn how to safely delete users and their home directories using the userdel command.

Group – Primary Group and Secondary Group

Understanding the roles of Primary and Secondary groups is essential for managing user permissions efficiently. We’ll dive into how groups affect file and directory access.

groupadd (Add Group)

The groupadd command lets you create new groups in the system. We'll explore how to manage groups and check group information using commands like cat /etc/group and grep.

usermod (Modify User Account Information)

The usermod command is used to modify user account details, including adding users to groups and changing user IDs.

gpasswd (Add and Delete Users to Group)

In this section, we’ll show you how to manage group memberships using the gpasswd command to add or remove users from groups.

groupdel (Delete Group)

Learn how to delete unnecessary groups from your system using the groupdel command and understand the implications of removing groups.

chown (Change Owner of File and Directory)

The chown command is used to change the ownership of files and directories. This section demonstrates how to change ownership of individual files as well as entire directories recursively.

chgrp (Change Group of File and Directory)

We’ll explore how to change the group ownership of files and directories using the chgrp command, and when to use the -R option to apply changes recursively.

chmod (Change Access Mode)

Learn how to control file permissions using the chmod command. This section covers both symbolic and numeric methods for changing file access permissions.

chmod Command with Numbers

Here, we'll discuss how to use numeric values (like 755, 644, etc.) to represent file permissions, making it easier to manage permissions for multiple files and directories.

w and who (Check Current User Login Status)

The w and who commands allow system administrators to check the login status of users and view their current activities on the system.

id and groups (Check User ID and Group)

The id and groups commands provide detailed information about a user’s groups and user ID, helping you verify current user settings.

getent (Display User and Group Data)

The getent command can be used to query various databases, including user and group data, allowing you to check user and group information efficiently.

Learn offline for better focus!
A book for this course is available on Amazon.

Linux Visual Guide

Step-By-Step Manual for Complete Beginners to Mastering Linux Basics, Vim Editor, Command Management, Remote Server Operation, and More.

Get the Book Now