This article is about users, groups and permissions in Linux. After reading this article, you will be able to:
- Manage users and groups
- Change permissions on files and folders for users, groups and others
Managing Users and Groups
First, you will learn about the process of logging in and logging out of the Linux system. Although you may be the only user on your Linux system, you should know about user accounts and managing users. As you should have your own account (other than root) for your daily routines, you should know how to establish a user account. If your system allows access to other users, you should be able to create user accounts for everyone who wants access.
Logging In
To begin your journey in the world of Linux, you must log in. By logging in, you are basically introducing yourself to the system. To log in, you should enter a name, followed by a password.
The text mode login will appear as shown below:
- Red Hat Linux release 7.0
- Kernel 2.xx on an i686
- localhost login:root
- Password:yourrootpassword
The graphical mode login screen will appear as follows:
If you log in as root user, you must type the user login name and the password. The system authenticates the password and presents the desktop screen from where you can start working with the Red Hat Linux system.
Establishing User Accounts
The Red Hat Linux system uses accounts to manage privileges and maintain security. To use the Linux system, you should have an account in the system. This account is known as a user account. All access to the Linux system is through the user account. The system administrator has the privilege to set up an account for each user, except the ‘root’ account. The ‘root’ account is created at the time of installation. Not all accounts are created equal; some accounts have fewer rights to access files or services than others.
Working as 'root'
The ‘root’ account is created at the time of installing Linux. The default name of the ‘root’ user is taken as root.
The ‘root’ is a special user account that is available on every Linux system. This special user has full access to the system.
Note: As the Red Hat Linux system creates the ‘root’ account during installation, some new users are tempted to use only this account for all their activities. This is a bad idea. Since the ‘root’ account is allowed to do anything on the system, you can easily damage your system by mistakenly deleting or modifying sensitive system files.
User Accounts
Every person using your system should have a unique account. By keeping separate accounts for each user, you can have a better idea of who is accessing your system. Every user account has a unique name and a password. The user information in the /etc/passwd file is maintained in the following format:
username:password:user ID:group ID:comment:home directory:logincommand
Every entry in the /etc/passwd file comprises seven fields separated by colons. The fields contain the following values in a sequence:
- The username,
- The password,
- The user identification (UID),
- The group identification (GID),
- A comment (usually the user’s real name and other details),
- The home directory (the directory where the user is placed when he/she logs in),
- The login command – The command executed when the user logs in.
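The seven-field layout above lends itself to a quick audit. The following shell function is an added example, not part of the original article: it flags entries in a passwd-format file that deserve a second look (wrong field count, a UID 0 account other than root, an empty password field, a reused UID). The function name audit_passwd and the sample entries are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a passwd-format file using the seven-field layout.
# audit_passwd FILE prints one finding per line, or nothing if FILE is clean.
audit_passwd() {
    awk -F: '
        NF != 7                       { print "line " NR ": expected 7 fields, found " NF; next }
        $3 ~ /^0+$/ && $1 != "root"   { print $1 ": UID 0 account other than root" }
        $2 == ""                      { print $1 ": empty password field" }
        seen[$3] != ""                { print $1 ": UID " $3 " already used by " seen[$3] }
        seen[$3] == ""                { seen[$3] = $1 }
    ' "$1"
}

# Constructed sample data (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
user1:x:1001:1001:local user:/home/user1:/bin/bash
user2::1002:1002:change local user:/home/user2:/bin/csh
backup:x:0:0:backup operator:/home/backup:/bin/bash
broken:x:1003:1003:/home/broken
EOF
audit_passwd "$sample"
rm -f "$sample"
```

On a live system the same function can be pointed at /etc/passwd, which is readable by ordinary users.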
useradd - Create new user account
$ useradd -d <home directory> -s <default shell> -u <user id> -g <group id> -c <comment> <username>
<home directory> – user’s home directory
Example:
/home/user1
<default shell> – default shell on which user will log in
Example:
/bin/bash
<user id> – user’s unique id number
Example:
1001
<group id> – user’s group id
Example:
1001
<comment> – some comment for the user
Example:
"local user"
Example:
useradd -d /home/user1 -s /bin/bash -u 1001 -g 1001 -c "local user" user1
usermod - Modify user account
$ usermod -d <home directory> -s <default shell> -u <user id> -g <group id> -c <comment> <username>
<home directory> – change user’s home directory
Example:
/home/user2
<default shell> – change default shell on which user will log in
Example:
/bin/csh
<user id> – change user’s unique id number
Example:
1002
<group id> – change user’s group id
Example:
1002
<comment> – change comments for the user
Example:
"change local user"
Example:
usermod -d /home/user2 -s /bin/csh -u 1002 -g 1002 -c "change local user" user2
Some Useful Commands
cat – Sends file contents to standard output. This is a way to list the contents of short files to the screen. It works well with piping.
Example: cat .bashrc
Description: Sends the contents of the “.bashrc” file to the screen.
cd – Changes the current working directory.
Example: cd /home
Description: Changes the current working directory to /home. The leading ‘/’ means the path is relative to root. No matter what directory you are in when you execute this command, the directory will be changed to “/home”.
Example: cd httpd
Description: Changes the current working directory to httpd, relative to the current location which is “/home”. The full path of the new working directory is “/home/httpd”.
cd .. – Moves to the parent directory of the current directory. This command will make the current working directory “/home”.
cd ~ – Moves to the user’s home directory which is “/home/username”. The ‘~’ indicates the user’s home directory.
cp – Copies files from one directory to another.
Example: cp myfile yourfile
Description: Copies the file “myfile” to the file “yourfile” in the current working directory. This command will create the file “yourfile” if it doesn’t exist. It will normally overwrite it without warning if it exists.
Example: cp -i myfile yourfile
Description: With the “-i” option, if the file “yourfile” exists, you will be prompted before it is overwritten.
Example: cp -i /data/myfile .
Description: Copies the file “/data/myfile” to the current working directory and names it “myfile”. It also prompts before overwriting the file.
Example: cp -dpr srcdir destdir
Description: Copies all files from the directory “srcdir” to the directory “destdir”, preserving links (-d option) and file attributes (-p option), and copying recursively (-r option). With these options, a directory and all its contents can be copied to another directory.
dd – Disk duplicate. This command converts and copies a file.
Example: dd if=/dev/hdb1 of=/backup/
Description: “if” means input file, “of” means output file.
df – Shows the amount of disk space used on each mounted file system.
less – Allows the user to move page up and down through the file.
Example: less textfile
Description: Displays the contents of textfile.
ln – Creates a symbolic link to a file.
Example: ln -s test symlink
Description: Creates a symbolic link named symlink that points to the file test. Typing “ls -i test symlink” will show that the two files are different with different inodes. Typing “ls -l test symlink” will show that symlink points to the file test.
locate – A fast database-driven file locator.
Example: slocate -u
Description: Builds the slocate database, taking several minutes to complete. It must be run before searching for files; however, cron runs this command periodically on most systems.
Example: locate whereis
Description: Lists all files whose names contain the string “whereis”.
logout – Logs the current user off the system.
ls – Lists files in the current working directory except those starting with ‘.’ and only shows the file name.
Example: ls -al
Description: Lists all files in the current working directory in long listing format, showing permissions, ownership, size, and time and date stamp.
more – Allows file contents or piped output to be sent to the screen, one page at a time.
Example: more /etc/profile
Description: Lists the contents of the “/etc/profile” file to the screen, one page at a time.
Example: ls -al | more
Description: Performs a directory listing of all files and pipes the output of the listing through more. If the directory listing is longer than a page, it will be listed one page at a time.
mv – Moves or renames files.
Example: mv -i myfile yourfile
Description: Moves the file from “myfile” to “yourfile”. This effectively changes the name of “myfile” to “yourfile”.
Example: mv -i /data/myfile .
Description: Moves the file “myfile” from the directory “/data” to the current working directory.
pwd – Shows the name of the current working directory.
shutdown – Shuts the system down.
Example: shutdown -h now
Description: Shuts the system down to halt immediately.
Example: shutdown -r now
Description: Shuts the system down immediately, and the system reboots.
whereis – Shows where the binary, source and manual page files are for a command.
Changing Permissions
It is possible to change file permissions, if you wish to grant or remove permissions from some users. You can change file permissions if you are:
- A ‘root’ user,
- The file owner.
You can change the file permissions using the command chmod. Permissions can be changed in two ways:
- Using letters with the chmod command. The letters represent:
  - Permissions
  - Different users
- Using numbers that represent permissions, along with the chmod command.
Following is a list of options that can be used with the chmod command:
1. Identities:
a) u: the user who owns the file (the owner),
b) g: the group to which the user belongs
c) o: others (neither the owner nor the owner’s group)
d) a: everyone or all (u, g, and o)
2. Permissions:
a) r: read access
b) w: write access
c) x: execute access
3. Actions:
a) + : grants the permission
b) - : removes the permission
c) = : makes it the only permission
The existing file permissions of the file ‘sneakers.txt’ are as follows:
-rw-rw-r-- 1 newuser newuser 150 Mar 19 08:08 sneakers.txt
Note: Another permission symbol is t, for the sticky bit. If a sticky bit is assigned to a file, a user who wants to remove or rename that file must own the file, own the directory, have write permission, or be root.
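The identities, permissions and actions listed above, together with the numeric form, can be tried safely on a scratch copy of sneakers.txt. The following script is an added example, not part of the original article: it starts from the -rw-rw-r-- mode shown above, applies several chmod changes, and then audits a directory for files that others can write to. The function names perms, apply_mode and world_writable and the file notes.txt are constructed for illustration.

```sh
#!/bin/sh
# Added example: symbolic and numeric chmod modes applied to a scratch file.

# perms FILE: print the 10-character permission string, e.g. -rw-rw-r--
perms() { ls -ld "$1" | cut -c1-10; }

# apply_mode START CHANGE: create a scratch sneakers.txt with numeric mode
# START, apply CHANGE with chmod, and print the resulting permission string.
apply_mode() {
    scratch=$(mktemp -d)
    : > "$scratch/sneakers.txt"
    chmod "$1" "$scratch/sneakers.txt"
    chmod "$2" "$scratch/sneakers.txt"
    perms "$scratch/sneakers.txt"
    rm -rf "$scratch"
}

# world_writable DIR: list regular files under DIR that "others" may write to.
world_writable() { find "$1" -type f -perm -0002 | sort; }

# 664 is the numeric form of -rw-rw-r-- (r=4, w=2, x=1, summed per identity).
apply_mode 664 o-r     # remove read from others
apply_mode 664 go-w    # remove write from group and others
apply_mode 664 u+x     # grant execute to the owner
apply_mode 664 a=r     # read becomes the only permission for everyone
apply_mode 664 600     # numeric: owner read/write, nothing for anyone else

# Audit: find a file left writable by everyone, then tighten it.
audit=$(mktemp -d)
: > "$audit/notes.txt";    chmod 666 "$audit/notes.txt"
: > "$audit/sneakers.txt"; chmod 664 "$audit/sneakers.txt"
world_writable "$audit"          # lists only notes.txt
chmod o-w "$audit/notes.txt"
world_writable "$audit"          # lists nothing now
rm -rf "$audit"
```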
I hope this article helps you understand users, groups and permissions in Linux.