Linux is one of the most widely used open-source operating systems in the world. If you are an administrator and work on a Linux machine that has multiple users and groups. If you want to take more control over all the users, groups, and different types of files and directories.
In this tutorial we are going to discuss the following:
- How to manage multiple users on a Linux machine?
- How to manage multiple groups on a Linux machine?
- How to manage different types of permissions on a Linux machine?
Before we move ahead let’s discuss one key concept — **sudo command.
- sudo stands for “superuser do(mode)“.
- It’s a program for Unix-like computer operating systems that allow users to run programs with security privileges.
- It provides administrative privileges on the same terminal window.
1. Managing multiple users in Linux
- Command to display the current logged in user
~$ whoamiThis command will print the username of the current logged in user on the system on the terminal window.
- Command to log in or switch to other users on the system
~$ su -l user_nameThis command will log in/switch to the other user on the Linux system according to the provided username.
- Command to create a new user on the system
~$ sudo adduser new_user_nameThis command will create and add a new user with the provided username on the Linux system. Apart from it, this command will create a group and a user directory in the root directory with the same name.
After the creation of a new user on the system, we can disable or delete it using the following command:
- Command to disable any user on the system
First log in or switch to the parent user using which the user to be disabled or deleted has been created. Then run the following command on the terminal.
~$ sudo passwd -l user_nameThis command will only disable a particular user on the Linux system i.e. the user directory associated with this user will not be deleted from the root directory.
~$ sudo userdel -r user_nameThis command will entirely delete or remove a particular user from the Linux system i.e. the user directory associated with this user will also be deleted from the root directory.
- Command to enable any user on the system
~$ sudo passwd user_nameThis command will enable any disabled user with the provided username. This command can also be used to change or reset the password of any user with the provided username. This command will ask you to create a new password for the user to grant the system access to the provided username.
2. Managing multiple groups in Linux
- In Linux, a group is a collection of users.
- Groups are used to assign users to a set of permissions, access, or privileges on the Linux system.
- We can add or remove users from a group on the Linux system.
- All the users which are added to a group utilize the privileges, access, or permissions that the group grants them.
- As discussed above with the creation of every new user, a corresponding group with the same name as the username is created by default.
- There are mainly two types of groups one is **Primary and the other one is **Supplementary.
- Every Linux user on a Linux system has one primary group associated with it and one or more Supplementary groups.
Primary Group: The single, default group which is assigned to a Linux user when it is created is known as the “primary group”. Usually, the name of the primary group is the same as the Linux user’s username, although one can change this if he/she wants.
Supplementary Group: One can add a user to other groups apart from the primary group. These other groups to which a user belongs are called supplementary groups.
- Command to create a new group on the system
~$ sudo addgroup new_group_nameThis command will create a new group with the provided group-name.
NOTE: “etc” folder in the root directory contains a file named “group” which contains all the information regarding the groups present in the Linux system.
- Command to delete any group on the system
~$ sudo groupdel group_nameThis command will delete any group with the provided group-name.
- Command to change the primary group of any file/directory on the system
~$ sudo chgrp group_name <file_name> or <directory_name>This command will change the primary group of the provided file-name/directory-name to the provided group-name.
- Command to display all the groups of any user on the system
~$ groups user_name~$ id -nG user_nameBoth of the above commands will print the primary group and supplementary groups of the provided username.
- Command to assign any user to secondary or supplementary group/groups
~$ sudo usermod -a -G group_name user_nameThis command will assign the user with the provided username to the secondary or supplementary group/groups.
- Command to remove any user from the secondary or supplementary group/groups
~$ sudo usermod -G group_name user_name~$ sudo gpasswd -d user_name group_name These commands will remove the specific user with the provided username from the specific group.
~$ sudo usermod -G group1,group2 user_nameThis command will remove the user with the provided username from the multiple provided secondary or supplementary groups keeping it in its primary group and few secondary groups if any.
NOTE: We can also remove any user from the secondary or supplementary groups by manually editing and saving the file “/etc/group” on vi text editor.
3. Managing different types of permissions in Linux
- There are mainly three types of permissions for any file or directory in a Linux system which are read, write, & execute.
- Using the chmod command we can change the permission settings of any file or directory on a Linux system.
- We can use the chmod to change the permission settings of any file/directory in the following two ways:
- Relative: Using certain symbols like {r, w, x, u, o, g, a} we can add or remove certain permissions of any file or directory.
- r -> read
- w -> write
- x -> execute
- u -> user
- g -> group
- o -> others
- a -> all three user, group, and others
- Absolute: In this method or mode we use octal numbers to reset the entire permission settings of any file or directory.
- 0 -> (—) No permissions
- 1 -> (–x) Execute permission only
- 2 -> (-w-) Write permission only
- 3 -> (-wx) Write and execute permissions
- 4 -> (r–) Read permission only
- 5 -> (r-x) Read and execute permissions
- 6 -> (rw-) Read and write permissions
- 7 -> (rwx) Read, write, and execute permissions
- Relative: Using certain symbols like {r, w, x, u, o, g, a} we can add or remove certain permissions of any file or directory.
NOTE: To change the permission settings of any file or directory on a Linux system one must be the superuser or the owner of the file or the directory.
- Command to change the permission settings in relative mode
~$ chmod o-r file_nameThis command takes away the read permission from others.
~$ chmod a+rx file_nameThis command adds read and execute permissions for user, group, and others.
~$ chmod g=rwx file_nameThis command assigns read, write, and execute permissions to group.
- Command to change the permission settings in absolute mode
~$ chmod NNN file_nameHere NNN are the octal values that represent the permissions for the file owner, file group, and others and file_name is the name of the file whose permission is to be changed.
For Example:
~$ chmod 345 file_nameThis command will give write and execute permissions to the file owner, only read permission to the file group, and read and execute permissions to others.
~$ chmod 777 file_nameThis command will give all the read, write, and execute permissions to the file owner, file group, and others.
~$ chmod 420 file_nameThis command will give read permission to the file owner, write permissions to the file group, and no permissions to others.
- Command to change the user or ownership of any file/directory
~$ sudo chown user_name file_name This command will transfer or change the ownership/user of the given file [file_name] to the provided user [user_name].
Also Read Reasons Why Linux Is Getting More Popular In The Past Decade
