We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6
DevOps Shack
User/Group & Permissions/Ownership
Click Here To Enrol To Batch-6 | DevOps & Cloud DevOps User and Group Management in Linux Linux is a multi-user operating system, allowing multiple users to access the system simultaneously. User and group management is essential for maintaining system security and controlling access to files and resources. Users Types of Users 1. Root User: The root user is the superuser with unrestricted access to the system. The root user's home directory is /root. 2. Regular Users: These are non-privileged users created by the root user or system administrators. Each regular user has a unique username and a home directory located in /home/username. Creating Users To create a new user, use the useradd command followed by the username: sudo useradd john After creating a user, set the password using the passwd command: sudo passwd john User Configuration Files • /etc/passwd: Contains user account information. Each line represents a user. plaintext john:x:1001:1001:John Doe,,,:/home/john:/bin/bash • /etc/shadow: Contains encrypted user passwords and account expiration information. Only readable by the root user. john:$6$abcd1234$abcdefghijklmnopqrstu:/home/john:/bin/bash • /etc/group: Contains group information. developers:x:1002:john Groups Groups allow administrators to manage permissions for multiple users simultaneously. Each user can belong to one or more groups. Creating Groups To create a new group, use the groupadd command: sudo groupadd developers Adding Users to Groups To add a user to a group, use the usermod command: sudo usermod -aG developers john
User and Group Management Commands
• useradd: Adds a new user. sudo useradd username • passwd: Sets or changes a user's password. sudo passwd username • usermod: Modifies a user account. The -aG option adds the user to a group. sudo usermod -aG groupname username • groupadd: Adds a new group. sudo groupadd groupname • groups: Displays the groups a user belongs to. groups username • deluser: Deletes a user. sudo deluser username • delgroup: Deletes a group. sudo delgroup groupname Permissions and Ownership Linux uses a permission model to control access to files and directories. Each file and directory has an owner, a group, and permissions set for the owner, group, and others. File Ownership • Owner: The user who owns the file. • Group: The group that owns the file. To change file ownership, use the chown command: sudo chown user:group filename File Permissions Permissions are represented by a string of characters and divided into three groups: owner, group, and others. plaintext Copy code -rwxr-xr-- • The first character indicates the file type (- for a regular file, d for a directory). • The next three characters represent the owner's permissions. • The following three characters represent the group's permissions. • The last three characters represent the others' permissions. Each set of permissions includes: • r: Read • w: Write • x: Execute Changing File Permissions To change file permissions, use the chmod command. Permissions can be set using symbolic or numeric modes. Symbolic Mode: • u: Owner • g: Group • o: Others • a: All (owner, group, and others) • +: Add permission • -: Remove permission • =: Set permission Examples: chmod u+rwx filename # Add read, write, and execute permissions for the owner chmod g-w filename # Remove write permission for the group chmod o=rx filename # Set read and execute permissions for others Numeric Mode: Permissions can also be represented using octal numbers: • r=4 • w=2 • x=1 Examples: chmod 755 filename # Sets rwxr-xr-x (owner: rwx, group: r-x, others: r-x) chmod 644 filename # Sets rw-r--r-- (owner: rw-, group: r--, others: r--) Example Scenarios Scenario 1: Create a New User and Assign to a Group 1. Create a new user named john: sudo useradd john 2. Set the password for john: sudo passwd john 3. Create a new group named developers: sudo groupadd developers 4. Add john to the developers group: sudo usermod -aG developers john 5. Verify that john is a member of the developers group: groups john Scenario 2: Change File Ownership and Permissions 1. Create a file named example.txt: touch example.txt 2. Change the ownership of example.txt to john and the group to developers: sudo chown john:developers example.txt 3. Set the permissions of example.txt to rwxr-xr-- (owner: rwx, group: r-x, others: r--): chmod 754 example.txt 4. Verify the ownership and permissions of example.txt: ls -l example.txt Output: -rwxr-xr-- 1 john developers 0 Aug 6 10:00 example.txt Detailed Example with Commands # Create a new user named alice sudo useradd alice # Set the password for alice sudo passwd alice # Create a new group named engineers sudo groupadd engineers
# Add alice to the engineers group
sudo usermod -aG engineers alice
# Verify that alice is a member of the engineers group
groups alice
# Create a file named project.txt
touch project.txt
# Change the ownership of project.txt to alice and the group to engineers
sudo chown alice:engineers project.txt
# Set the permissions of project.txt to rw-rw-r--
chmod 664 project.txt
# Verify the ownership and permissions of project.txt
ls -l project.txt Output: -rw-rw-r-- 1 alice engineers 0 Aug 6 10:00 project.txt Summary User and group management in Linux allows administrators to control access to system resources securely. The permission and ownership model provides a robust way to manage file access, ensuring that users can only perform actions they are authorized to do. Understanding these concepts and commands is essential for effective system administration.