Linux 113: Managing Users and Permissions

Managing users and controlling access permissions are foundational tasks for securing and organizing a Linux system. This article covers the essential commands and concepts for creating users, setting permissions, managing groups, and using advanced tools like sudo, umask, and ACLs.


1. Understanding Users and Groups in Linux

  • Users: Each person or service accessing the system.
  • Groups: Collections of users with shared permissions.
  • User IDs (UIDs) and Group IDs (GIDs) uniquely identify users and groups.

View current user:


whoami

List all users:


cat /etc/passwd

List all groups:


cat /etc/group

2. Creating and Managing Users

Create a New User


sudo adduser alice

Set or Change Password


sudo passwd alice

Delete a User


sudo userdel -r alice

3. Creating and Managing Groups

Create a New Group


sudo groupadd developers

Add a User to a Group


sudo usermod -aG developers alice

Change a User’s Primary Group


sudo usermod -g developers alice

List User’s Groups


groups alice

4. File Permissions and Ownership

Every file and directory has:

  • Owner
  • Group
  • Permissions: Read (r), Write (w), Execute (x)

Check Permissions


ls -l

Example output:


-rw-r--r-- 1 alice developers 1234 May 10 09:00 file.txt

Change Ownership


sudo chown bob:developers file.txt

Change Permissions


chmod u+x script.sh   # Add execute for owner
chmod g-w file.txt    # Remove write for group
chmod o+r file.txt    # Add read for others

Numeric Permission Format

Symbolic   Numeric
rwx        7
rw-        6
r--        4
---        0

Example:


chmod 755 script.sh

5. The sudo Command and Privilege Escalation

  • Grants temporary administrative privileges to a user.

Allow user alice to use sudo:


sudo usermod -aG sudo alice    # Debian/Ubuntu
sudo usermod -aG wheel alice   # RHEL/CentOS

Configure permissions with:


sudo visudo

6. Default Permissions and umask

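umask sets default file creation permissions by masking bits out of the mode a program requests (typically 666 for files and 777 for directories). With a umask of 027, new files are created as 640 and new directories as 750.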

Check current umask:


umask

Change it temporarily:


umask 027

Set default umask in /etc/profile or ~/.bashrc.


7. Using Access Control Lists (ACLs)

ACLs allow more fine-grained permissions than the standard owner/group/others model.

Install ACL Tools


sudo apt install acl   # Debian/Ubuntu
sudo yum install acl   # RHEL/CentOS

Set ACL Permissions

setfacl -m u:alice:rwx file.txt

View ACLs

getfacl file.txt

8. Disabling User Accounts

Temporarily disable a user by locking the password (this does not block logins that use other methods, such as SSH keys):


sudo usermod -L alice

Re-enable:

sudo usermod -U alice

Expire a user account:

sudo usermod -e 2025-12-31 alice

9. Best Practices

  • Avoid using the root account directly.
  • Use groups to simplify permission management.
  • Regularly audit users and permissions.
  • Use sudo and visudo to restrict administrative actions.
  • Apply the principle of least privilege.
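
One way to start the regular audit recommended above, as an added example that is not part of the original article: it reads passwd- and group-format files and reports UID 0 accounts, accounts that can log in, and everyone in an admin group, whether added with usermod -aG or through the primary group with usermod -g. The function names, the backup2 account and the sample data are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit passwd(5)/group(5)-format files.
# With no path arguments the functions read the live /etc files.

# Accounts with UID 0; anything besides "root" deserves a look.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "${1:-/etc/passwd}"
}

# Accounts whose login shell is not nologin/false (can log in interactively).
login_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ { print $1 }' "${1:-/etc/passwd}"
}

# Members of a group: names listed in the group file (usermod -aG) plus
# users whose primary GID is that group (usermod -g).
group_members() (
    group=$1 passwd=${2:-/etc/passwd} groupf=${3:-/etc/group}
    gid=$(awk -F: -v g="$group" '$1 == g { print $3 }' "$groupf")
    [ -n "$gid" ] || exit 0
    {
        awk -F: -v g="$group" '$1 == g { print $4 }' "$groupf" | tr ',' '\n'
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwd"
    } | sed '/^$/d' | sort -u
)

# Constructed sample data (not from a real system), written to directory $1.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:27:Bob:/home/bob:/bin/bash
backup2:x:0:0:constructed rogue entry:/root:/bin/sh
EOF
    cat > "$1/group" <<'EOF'
sudo:x:27:alice
developers:x:1003:alice,bob
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
echo "UID 0:      $(uid0_accounts "$demo_dir/passwd" | xargs)"
echo "sudo group: $(group_members sudo "$demo_dir/passwd" "$demo_dir/group" | xargs)"
echo "can log in: $(login_accounts "$demo_dir/passwd" | xargs)"
rm -rf "$demo_dir"
```

In the sample, bob never appears on the sudo line of the group file but is still reported as a member because his primary GID is 27, which is the case a plain grep of /etc/group misses.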


10. Conclusion

Proper user and permission management is key to maintaining system security and organization. With the right combination of users, groups, permissions, and tools like sudo and ACLs, you can maintain a secure and well-controlled Linux environment.


Next Steps:

  • Automate user creation with scripts.
  • Integrate Linux user management with LDAP or Active Directory.
  • Monitor user activity using tools like auditd.


Stay tuned for the next article in the series:
Linux 114: Package Management with APT, YUM, and DNF
