Managing users and permissions in Linux is essential for maintaining system security and controlling access to resources. This guide walks you through the fundamental commands and concepts for creating users, managing groups, and setting file permissions on Linux systems.
How to do it
-
Step 1: Create and manage users
To add a new user to your system, use the
useraddcommand:sudo useradd johnAfter creating the user, set their password with
passwd:sudo passwd johnTo remove a user and their home directory, use
userdelwith the-rflag:sudo userdel -r johnYou can modify user properties like username, home directory, or primary group using the
usermodcommand. -
Step 2: Create and manage groups
Create a new group using
groupadd:sudo groupadd teamAdd a user to a group with
usermodand the-aGflags:sudo usermod -aG team johnCheck which groups a user belongs to:
groups johnRemove a group using
groupdel:sudo groupdel team -
Step 3: Understand and view permissions
Each file and directory in Linux has three sets of permissions for the owner, group, and others: read (
r), write (w), and execute (x).View permissions for a file or directory using
ls -l:ls -l /path/to/file -
Step 4: Change file permissions and ownership
Use
chmodto change permissions. For example, to add execute permission to a script:chmod +x script.shChange the owner and group of a file using
chown:sudo chown john:team file.txtThis changes the owner to user "john" and the group to "team".
-
Step 5: Set default permissions with umask
The
umaskcommand sets the default permissions for new files and directories created by users:umask 022 -
Step 6: Work with special permissions
Linux supports special permissions like Setuid, Setgid, and Sticky Bit that control file and directory behavior. These are represented by
s,S, andtrespectively in permission listings.
Next steps
This guide covers the fundamentals of user and permission management in Linux. As you become more familiar with these concepts, you can explore advanced topics such as ACLs (Access Control Lists) for finer-grained control over file permissions.