👥 User & Permission Management

Master Linux users, groups, and the powerful permission system

💻 Practice While You Learn!

Click the green 💻 Terminal button in the bottom-right corner to open an interactive terminal. You can practice all the commands on this page in real-time!

  • The terminal stays open as you navigate between pages
  • Try commands immediately after reading about them
  • Use ↑/↓ arrows for command history, Tab for auto-complete

Understanding Linux Permissions

Linux is a multi-user operating system with a robust permission system. Every file and directory has an owner, a group, and a set of permissions that determine who can read, write, or execute it.

File Permissions Overview

{When you run ls -l, you see detailed information about files and directories:}

ls -l

Expected Output:

-rw-r--r-- 1 user user 4096 Dec 03 10:30 README.txt
drwxr-xr-x 2 user user 4096 Dec 03 10:30 documents/

Let's break down what this means:

Permission String Breakdown

The first 10 characters show the type and permissions:

  • 1st character: File type (- = file, d = directory, l = link)
  • 2nd-4th characters: Owner permissions (read, write, execute)
  • 5th-7th characters: Group permissions
  • 8th-10th characters: Others permissions

Permission Types

Understanding r, w, x

  • r (read): View file contents or list directory contents
  • w (write): Modify file or add/remove files in directory
  • x (execute): Run file as program or access directory

Changing Permissions (chmod🔐 chmod - Change File Mode/PermissionsModifies file or directory permissions to control who can read, write, or execute.Symbolic Mode$ chmod u+x script.sh▸ Give owner execute permissionNumeric Mode$ chmod 755 file.txt▸ rwxr-xr-x (owner: rwx, group: r-x, others: r-x)Common Pattern$ chmod 644 document.txt▸ rw-r--r-- (owner: rw, group/others: r))

Using Symbolic Mode

Command: chmod [who][+/-][permissions] filename

  • who: u (user/owner), g (group), o (others), a (all)
  • +/-: Add or remove permissions
  • permissions: r, w, x

Examples:

# Give owner execute permission
touch script.sh
chmod u+x script.sh
ls -l script.sh

# Remove write permission for others
touch document.txt
chmod o-w document.txt
ls -l document.txt

# Add read and execute for everyone
touch public_file.txt
chmod a+rx public_file.txt
ls -l public_file.txt

Using Numeric Mode

Permissions can be represented as numbers:

  • 4: read (r)
  • 2: write (w)
  • 1: execute (x)

Add them up: 7 = 4+2+1 = rwx, 6 = 4+2 = rw-, 5 = 4+1 = r-x

Examples:

# rwx for owner, r-x for group, r-- for others
touch file.txt
chmod 754 file.txt
ls -l file.txt

# rw- for owner and group, r-- for others
touch document.txt
chmod 664 document.txt
ls -l document.txt

# rwx for everyone
touch script.sh
chmod 777 script.sh
ls -l script.sh

⚠️ Security Warning

Be careful with chmod 777! This gives full permissions to everyone and is generally insecure. Only use it when you fully understand the implications.

Changing Ownership (chown👤 chown - Change File Owner and GroupChanges the owner and/or group of files and directories. Usually requires sudo privileges.Change Owner$ chown john file.txt▸ Changes owner to 'john'Change Owner and Group$ chown john:staff file.txt▸ Changes owner to 'john' and group to 'staff'Change Only Group$ chown :developers project/▸ Changes group to 'developers')

Command: chown [owner][:group] filename

Examples:

# Change owner to 'john'
touch file.txt
sudo chown john file.txt
ls -l file.txt

# Change owner to 'john' and group to 'staff'
touch file.txt
sudo chown john:staff file.txt
ls -l file.txt

# Change only the group
sudo groupadd developers
mkdir project
sudo chown :developers project/
ls -ld project/

Note: Requires sudo (superuser) privileges. Only root can change file ownership.

Users and Groups

Viewing User Information

Common Commands

# Show current user
whoami

# Show user ID and groups
id

# List all users (first 10)
cat /etc/passwd | head -10

# List all groups
cat /etc/group

User Management Commands

Common User Operations (require sudo)

  • useradd username - Create a new user
  • usermod -aG groupname username - Add user to group
  • userdel username - Delete a user
  • passwd username - Change user password
  • su - username - Switch to another user
  • sudo command - Execute command as superuser

Group Management

Working with Groups

# Create a new group
sudo groupadd developers

# Add user to group
sudo usermod -aG developers john

# View groups for current user
groups

# View groups for specific user
groups john

Practical Examples

Scenario 1: Making a Script Executable

# Create a script
echo '#!/bin/bash' > myscript.sh
echo 'echo "Hello, World!"' >> myscript.sh

# Make it executable
chmod +x myscript.sh

# Run it
./myscript.sh

Scenario 2: Shared Project Directory

# Create directory for team project
sudo mkdir -p /var/projects/team-app

# Create users alice and bob
sudo useradd -m alice
sudo useradd -m bob

# Create developers group
sudo groupadd developers

# Add users to group
sudo usermod -aG developers alice
sudo usermod -aG developers bob

# Set ownership and permissions
sudo chown :developers /var/projects/team-app
sudo chmod 775 /var/projects/team-app

# Verify the setup
ls -ld /var/projects/team-app
groups alice
groups bob

Scenario 3: Securing Sensitive Files

# Create a file with sensitive data
touch private.key

# Make it readable only by owner
chmod 600 private.key

# Verify permissions
ls -l private.key
# Output: -rw------- 1 user user 0 Dec 03 10:30 private.key

Key Takeaways

  • Every file has an owner, group, and permission set
  • Permissions control read (r), write (w), and execute (x) access
  • chmod changes permissions, chown changes ownership
  • Numeric mode (e.g., 755) is faster, symbolic mode (e.g., u+x) is clearer
  • Groups allow multiple users to share access to files
  • Always be cautious with permissions on sensitive files

Practice Tips

Ready to practice? Head over to the Interactive Terminal to try permission commands!

EN
AR
EN
AR