Linux is a multiuser and multitasking operating system, ie, multiple users can work on the system simultaneously running several tasks at once. It is therefore, very important that the operating system allows the management and control of users.
Unix based systems organize all this by users and groups, where each user must be identified with a user name and password. During login, the password entered by each user, is encrypted and compared to the encrypted passwords that were previously stored in the system.
Groups are useful for grouping a number of special permissions on the system to a group of users, each user must belong to at least one group. In any system there must be a superuser (root), which will have all the permits and maximum privileges allowing to do any work on the system.
Here are some examples of the most common commands for managing groups, users and their respective permissions.
Users and Groups
groupadd group_name # create a new group groupdel group_name # delete a group groupmod -n new_group_name old_group_name # rename a group useradd user1 # create new user useradd -c full_name -g admin -d /home/user1 -s /bin/bash user1 # create a user user1 belonging to the admin group userdel -r user1 # delete a user and delete the home directory usermod -c “User FTP” -g system -d /ftp/user1 -s /bin/nologin user1 # change user attributes usermod -aG grupo1,grupo2 user1 # add the user1 user to existing groups passwd # change password passwd user1 # change password for user1 chage -E 2011-12-31 user1 # change the date in which a user password expires pwck # check the correct syntax format file /etc/passwd and the existence of users grpck # check the correct syntax format file /etc/group and the existence of groups
Permissions on files
ls -lh # show Permissions ls /tmp | pr -T5 -W$COLUMNS # terminal split into 5 columns chmod ugo+rwx dir1 # set permissions of read (r), write (w) and execute (x) to the owner (u), group (g) and other (o) on the directory dir1 chmod go-rwx dir1 # remove read permission (r), write (w) and execute (x) to the group (g) and others (o) on the directory dir1 chown user1 file1 # change the owner of a file chown -R user1 dir1 # change the owner of a directory and all files and directories contained within chgrp grupo1 file1 # change file group chown user1:grupo1 file1 # change user and group ownership of a file find / -perm -u+s # display all system files with SUID configured chmod u+s /bin/file1 # set the SUID bit on a binary file. The user running this file takes the same privileges as owner chmod u-s /bin/file1 # disable SUID bit on a binary file chmod g+s /home/public # set SGID bit on a directory, similar to SUID but for directory chmod g-s /home/public # disable SGID bit on a directory chmod o+t /home/public # set STIKY bit in a directory. Allows deletion of files only rightful owners chmod o-t /home/public # disable STIKY bit in a directory
Luis Sequeira is an IT professional with experience in cloud environments, quality of service and network traffic analysis, who loves looking for solutions to engineering challenges, share knowledge. At work, the main challenge is to integrate different network and software technologies to provide solution in a wide range of areas, e.g., virtual network functions, machine learning, autonomous driving, robotics and augmented reality.Website: https://www.luissequeira.com