๐Ÿง User Management & File Permissions in Linux: A Comprehensive Guide ๐Ÿš€

#Day5ofDevOpsBlog

ยท

4 min read

๐Ÿง User Management & File Permissions in Linux: A Comprehensive Guide ๐Ÿš€

Managing users and groups is a fundamental aspect of Linux system administration. Effective user management ensures the security and efficiency of the system. Lets deep Dive in it !!!


1. User Management Commands ๐Ÿ‘ค

Adding a New User:

sudo useradd <username>

Creates a new user account.

sudo useradd -m <username>

Creates a new user account and also creates a directory with the name of user.

Setting a Password for a User:

sudo passwd <username>

Sets or changes the password for a user.

To see the list of Users:

cat /etc/passwd

Deleting a User:

sudo userdel <username>

Deletes a user account.

Modifying a User:

sudo usermod -option username

Modifies user account attributes, such as the home directory or shell. For exploring options use the command "usermod --help"

Viewing User Information:

id <username>

Displays user ID (UID), group ID (GID), and group memberships.

Switching User :

su <username>

2. Group Management Commands ๐Ÿ‘ฅ

Adding a New Group:

sudo groupadd <groupname>

Creates a new group.

To see all groups:

cat /etc/group

Deleting a Group:

sudo groupdel <groupname>

Deletes a group.

Adding a User to a Group:

sudo usermod -aG groupname username #Here in flag -a G, a is for add user 
                                    # and G is for grp.

Adds a user to a group.

Removing a User from a Group:

sudo gpasswd -d <username> <groupname>

Removes a user from a group.


3. File Ownership and Permissions ๐Ÿ“‚

To list down all permissions of a File or Directory:

ls -ltr

Changing Ownership (chown):

sudo chown owner:group <filename>

Changes the owner and group of a file or directory.

Changing Group (chgrp):

sudo chgrp groupname filename

Changes the group ownership of a file or directory.

Changing Mode (chmod):

chmod <permissions> <username/groupname>

-> Special Permissions: SUID, GUID, and Sticky Bit ๐Ÿ”’

SUID (Set User ID): When the SUID bit is set on an executable file, the file runs with the permissions of the file owner instead of the user executing the file.

sudo chmod u+s filename

GUID (Set Group ID): When the GUID bit is set on a directory, files created within the directory inherit the group of the directory, not the primary group of the user.

sudo chmod g+s directory

Sticky Bit: When the sticky bit is set on a directory, only the file owner, the directory owner, or root can delete or rename files within that directory.

sudo chmod +t directory

Viewing Special Permissions:

ls -l

The output will show s for SUID, s for GUID, and t for the sticky bit in the permission field.


4. Access Control Lists (ACLs) ๐Ÿ“œ

ACLs provide more granular permissions than traditional Unix file permissions.

Viewing ACLs (getfacl):

getfacl filename

Displays the ACL of a file or directory.

Setting ACLs (setfacl):

setfacl -m u:username:rwx filename

Sets the ACL for a user on a file or directory.

Removing ACLs:

setfacl -x u:username filename

Removes the ACL for a user on a file or directory.

Default ACLs:

setfacl -d -m u:username:rwx directory

Sets the default ACL for new files created within a directory.


Examples and Use Cases ๐Ÿ› ๏ธ

  1. Creating a User and Adding to a Group:

     sudo useradd john
     sudo passwd john
     sudo usermod -aG developers john
    
  2. Changing File Ownership and Setting SUID:

     sudo chown root:developers /usr/bin/someprogram
     sudo chmod u+s /usr/bin/someprogram
    
  3. Setting ACLs for a Shared Directory:

     sudo mkdir /shared
     sudo setfacl -m u:john:rwx /shared
     sudo setfacl -m u:jane:rwx /shared
     sudo setfacl -d -m u:john:rwx /shared
     sudo setfacl -d -m u:jane:rwx /shared
    

Conclusion ๐ŸŽ‰

Understanding user and group management in Linux is crucial for maintaining a secure and efficient system. By mastering these commands, you can effectively control access to resources and ensure proper permissions are set for users and files.

๐Ÿ” Happy administering! ๐Ÿง


Feel free to reach out or connect with me if you have any questions or need further clarification on any of these topics.

ย