Author: Madhan Gopalakrishnan | Published on : 11-02-2025
User management and permissions are fundamental concepts in Linux, ensuring system security and controlled access to files and resources. In this guide, we’ll cover user accounts, groups, permissions, and essential commands in a structured and beginner-friendly manner. 🚀
🆔 Understanding Users & Groups
Linux is a multi-user operating system, meaning multiple users can operate simultaneously with different permission levels.
🧑💻 Types of Users
| User Type | Description |
|---|---|
Root User (root) | The superuser with full system control. |
| Regular User | Standard user with limited privileges. |
| System Users | Used by system processes (e.g., www-data, daemon). |
👥 Understanding Groups
Groups allow multiple users to share permissions for specific files or directories.
| Group Type | Description |
| Primary Group | Assigned to a user upon creation (same name as the user). |
| Secondary Group | Additional groups a user can be part of. |
🔑 User Management Commands
🏗️ Creating & Managing Users
| Command | Description |
whoami | Show the current logged-in user. |
who | List all logged-in users. |
id username | Display user ID and group ID. |
adduser username | Create a new user. |
userdel username | Delete a user account. |
usermod -aG groupname username | Add a user to a group. |
passwd username | Change user password. |
su - username | Switch to another user. |
🏷️ Managing Groups
| Command | Description |
groupadd groupname | Create a new group. |
groupdel groupname | Delete a group. |
groups username | Show groups a user belongs to. |
gpasswd -a username groupname | Add user to a group. |
gpasswd -d username groupname | Remove user from a group. |
🔐 Linux File Permissions Explained
Linux follows a permission-based security model, where every file and directory has permissions that determine who can read, write, or execute them.
📜 Understanding Permission Levels
| Symbol | Permission Type | Numeric Value | Description |
r | Read | 4 | View the contents of a file. |
w | Write | 2 | Modify or delete a file. |
x | Execute | 1 | Run the file as a program. |
Permissions are assigned to three categories:
- User (u) – Owner of the file.
- Group (g) – Users in the file’s group.
- Others (o) – Everyone else.
🔍 Checking File Permissions
| Command | Description |
ls -l | List files with detailed permissions. |
stat filename | Show detailed file information. |
Example output:
-rw-r--r-- 1 user group 1234 Jan 1 12:00 file.txtrw-(user) → Read & Writer--(group) → Read-onlyr--(others) → Read-only
🛠️ Changing File Permissions & Ownership
🏗️ Modifying Permissions with chmod
| Command | Description |
chmod 777 file | Grant all permissions to everyone. |
chmod 755 file | Allow owner full access, others read/execute only. |
chmod u+x file | Add execute permission for user. |
chmod g-w file | Remove write permission for group. |
chmod o-r file | Remove read permission for others. |
📌 Numeric Permission Format:
777→ Full access to everyone (rwxrwxrwx)755→ Owner full access, others read & execute (rwxr-xr-x)644→ Owner can read/write, others read-only (rw-r--r--)
👑 Changing Ownership with chown
| Command | Description |
chown user file | Change file ownership to a user. |
chown user:group file | Change file ownership and group. |
chown -R user:group directory | Recursively change ownership for a directory. |
🎯 Changing Group Ownership with chgrp
| Command | Description |
chgrp group file | Change group ownership of a file. |
🛡️ Special Permissions (Advanced)
🔷 SetUID & SetGID
These permissions allow files to be executed with the owner’s or group’s permissions.
| Symbol | Description |
s | SetUID (run file as owner) |
S | SetGID (run file as group) |
t | Sticky Bit (prevents deletion by non-owners) |
| Command | Description |
chmod u+s file | Enable SetUID. |
chmod g+s file | Enable SetGID. |
chmod +t directory | Enable Sticky Bit. |
📌 Example:
/usr/bin/passwduses SetUID so normal users can change their passwords.
🏆 Best Practices for User Management & Security
✅ Always use least privilege principle – grant only necessary access. ✅ Use sudo instead of logging in as root. ✅ Regularly audit users with cat /etc/passwd and groups with cat /etc/group. ✅ Apply strong passwords and disable unused accounts. ✅ Restrict file permissions to prevent unauthorized access.
🎯 Conclusion
Understanding user management and file permissions is key to securing and managing a Linux system efficiently. With these concepts and commands, you can control who can access, modify, and execute files on your system. 🚀
Next Steps:
- Practice these commands in a Linux environment.
- Learn about ACLs (Access Control Lists) for advanced permission management.
- Explore sudoers file to manage administrative privileges.
Happy Learning! 🎉
