In Linux, users and groups are used to control access to resources such as files and directories. Permissions are used to determine which users or groups have access to these resources.
Here are some basic concepts to understand:
- User: A user is an individual who has access to a Linux system. Each user is assigned a unique username and user ID (UID).
- Group: A group is a collection of users. Each group is assigned a unique group name and group ID (GID).
- Permission: A permission is a setting that controls who can access a file or directory, and how they can access it. There are three basic permissions: read (r), write (w), and execute (x).
Now let’s dive deeper into these concepts and how they work together.
Creating Users and Groups: To create a new user, you can use the
useradd command. For example, to create a new user named
bob, you would type
useradd bob in the command line. To create a new group, you can use the
groupadd command. For example, to create a new group named
dev, you would type
Assigning Users to Groups: To assign a user to a group, you can use the
usermod command. For example, to add
bob to the
dev group, you would type
usermod -a -G dev bob. The
-a option tells
usermod to add
bob to the group without removing him from any other groups, and the
-G option specifies the group name.
File Permissions: Every file and directory in Linux has a set of permissions that determine who can access it and how they can access it. The permissions are divided into three categories: owner, group, and others.
The owner of a file or directory is the user who created it. The group is the group that the file or directory belongs to. Others are all users who are not the owner or a member of the group.
The permissions for a file or directory can be displayed using the
ls -l command. The output will show the permissions as a string of ten characters, such as
The first character indicates the type of file or directory. A dash (
-) indicates a regular file, while a
d indicates a directory.
The next three characters (
rwx) indicate the permissions for the owner of the file or directory.
r means read permission,
w means write permission, and
x means execute permission.
The next three characters (
r-x) indicate the permissions for the group. The final three characters (
r-x) indicate the permissions for others.
Changing Permissions: To change the permissions of a file or directory, you can use the
chmod command. For example, to give the owner of a file read and write permission, you would type
chmod u+rw file.txt. The
u specifies the owner, and
+rw adds read and write permission.
To give the group read permission, you would type
chmod g+r file.txt. The
g specifies the group, and
+r adds read permission.
To remove execute permission for others, you would type
chmod o-x file.txt. The
o specifies others, and
-x removes execute permission.
Here a list of some examples that demonstrate how users, groups, and permissions work together in Linux:
- Creating a new user:
To create a new user named “jane”, you can use the
useradd command like this:
sudo useradd jane
This will create a new user with the username “jane” and a unique user ID (UID).
- Creating a new group:
To create a new group named “dev”, you can use the
groupadd command like this:
sudo groupadd dev
This will create a new group with the name “dev” and a unique group ID (GID).
- Assigning a user to a group:
To add the user “jane” to the group “dev”, you can use the
usermod command like this:
sudo usermod -a -G dev jane
This will add “jane” to the “dev” group, without removing her from any other groups she may belong to.
- Changing permissions for a file:
Let’s say you have a file named “example.txt” and you want to give the owner read, write, and execute permissions, the group read and execute permissions, and others no permissions. You can use the
chmod command like this:
sudo chmod 750 example.txt
This will set the permissions to
-rwxr-x---, which means the owner has read, write, and execute permissions, the group has read and execute permissions, and others have no permissions.
- Viewing file permissions:
To view the permissions of a file, you can use the
ls -l command. For example, if you want to view the permissions of the file “example.txt”, you can type:
ls -l example.txt
This will show you the permissions in the format
-rwxr-x---, with the first character indicating the type of file, and the next three groups of three characters indicating the permissions for the owner, group, and others, respectively.