Module 4

Users and Groups

 Table of Content
In this section, we will learn:

❑ Linux Users

❑ Linux Groups

❑ File Permissions
 Linux Users

Linux Users

Every user is assigned a unique User ID number (UID).

• Root users are identified by a UID of 0.
• Normal users typically have User IDs (UIDs) greater
than 500.

Users' names and User ID numbers (UIDs) are stored in

the /etc/passwd file.

Users are assigned a home directory and a program that

runs when they log in, usually a shell.

Users cannot read, write, or execute each other's files

without permission.
 Linux Users
User Management
$ useradd USERNAME: adds users to the system.
$ usermod USERNAME: modify user’s attributes.
$ userdel [-r] USERNAME: deletes users.

Authentication information is stored in plain text files, such as: ​

/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
 Linux Users
Linux Groups
• Users are assigned to groups.

• Each group is assigned a unique Group ID number (GID).

• GIDs are stored in the /etc/group file.

• Each user is given their own secondary/primary group.

• Users can be added to other groups for additional

access.

• All users in a group can share files to which that group

has access.
 Linux Users
Changing File Ownership

• Only the root user can change a file's owner.

• Only the root user or the owner can change a file's group.

• Ownership is changed with “chown”:

• chown [-R] user_name file|directory

• Group ownership is changed with “chgrp”:

• chgrp [-R] group_name file|directory
 Linux Users
Adding Users to a Group

Overriding Secondary Groups:

$ usermod -G GROUP USERNAME

Adding a User to a Group

$ usermod -aG GROUP USERNAME

Viewing User’s Infomation:

$ id yahia
 Linux Users
Changing Identities

Changing User Password:

$ passwd
# passwd USERNAME

Switching to Another User:

$ su [-] USERNAME

The `sudo` command runs a command as root. However, it

requires prior configuration by a root or system
administrator.
 Linux Users
Linux File Security

Every file is owned by a UID and a GID.

Every process runs as a UID and one or more GIDs,

usually determined by who runs the process.

There are three access categories:

• processes running with the same uid as the file
(user),
• processes running with the same gid as the file
(group),
• and all other processes (other).
 Linux Users
Linux File Security

Permission Precedence

• If UID matches, user permissions apply.

• Otherwise, if GID matches, group permissions apply.
• If neither match, other permissions apply.

Permission Types

Four symbols are used when displaying permissions:

• r: permission to read a file or list a directory's contents.

• w: permission to write to a file or create and remove files from a
directory.
• x: permission to execute a program or change into a directory and do a
long listing of the directory.
• -: no permission (in place of the r, w, or x).
 Linux Users
Changing Permissions

Symbolic Method Numeric Method

To change access modes, we use: Uses a three-digit mode number:

chmod [-R] mode file • The first digit specifies the owner's
permissions.
• The second digit specifies group
Where mode is: permissions.
• u, g, or o for user, group, and other. • The third digit represents others'
• + or - for grant or deny. permissions.
• r, w, or x for read, write, and execute.
Permissions are calculated by adding:
Examples: • 4 for read,
❍ $ chmod ugo+r myflile.txt • 2 for write,
❍ $ chmod o-wx myfile.txt
• and 1 for execute.

Example:
$ chmod 640 myfile