In Linux, users and groups are used to control access to resources such as files and directories. Permissions are used to determine which users or groups have access to these resources.
Here are some basic concepts to understand:
- User: A user is an individual who has access to a Linux system. Each user is assigned a unique username and user ID (UID).
- Group: A group is a collection of users. Each group is assigned a unique group name and group ID (GID).
- Permission: A permission is a setting that controls who can access a file or directory, and how they can access it. There are three basic permissions: read (r), write (w), and execute (x).
Now let’s dive deeper into these concepts and how they work together.
Creating Users and Groups: To create a new user, you can use the useradd command. For example, to create a new user named bob, you would type useradd bob in the command line. To create a new group, you can use the groupadd command. For example, to create a new group named dev, you would type groupadd dev.
Assigning Users to Groups: To assign a user to a group, you can use the usermod command. For example, to add bob to the dev group, you would type usermod -a -G dev bob. The -a option tells usermod to add bob to the group without removing him from any other groups, and the -G option specifies the group name.
File Permissions: Every file and directory in Linux has a set of permissions that determine who can access it and how they can access it. The permissions are divided into three categories: owner, group, and others.
The owner of a file or directory is the user who created it. The group is the group that the file or directory belongs to. Others are all users who are not the owner or a member of the group.
The permissions for a file or directory can be displayed using the ls -l command. The output will show the permissions as a string of ten characters, such as -rwxr-xr-x.
The first character indicates the type of file or directory. A dash (-) indicates a regular file, while a d indicates a directory.
The next three characters (rwx) indicate the permissions for the owner of the file or directory. r means read permission, w means write permission, and x means execute permission.
The next three characters (r-x) indicate the permissions for the group. The final three characters (r-x) indicate the permissions for others.
Changing Permissions: To change the permissions of a file or directory, you can use the chmod command. For example, to give the owner of a file read and write permission, you would type chmod u+rw file.txt. The u specifies the owner, and +rw adds read and write permission.
To give the group read permission, you would type chmod g+r file.txt. The g specifies the group, and +r adds read permission.
To remove execute permission for others, you would type chmod o-x file.txt. The o specifies others, and -x removes execute permission.
Here a list of some examples that demonstrate how users, groups, and permissions work together in Linux:
- Creating a new user:
To create a new user named “jane”, you can use the useradd command like this:
sudo useradd jane
This will create a new user with the username “jane” and a unique user ID (UID).
- Creating a new group:
To create a new group named “dev”, you can use the groupadd command like this:
sudo groupadd dev
This will create a new group with the name “dev” and a unique group ID (GID).
- Assigning a user to a group:
To add the user “jane” to the group “dev”, you can use the usermod command like this:
sudo usermod -a -G dev jane
This will add “jane” to the “dev” group, without removing her from any other groups she may belong to.
- Changing permissions for a file:
Let’s say you have a file named “example.txt” and you want to give the owner read, write, and execute permissions, the group read and execute permissions, and others no permissions. You can use the chmod command like this:
sudo chmod 750 example.txt
This will set the permissions to -rwxr-x---, which means the owner has read, write, and execute permissions, the group has read and execute permissions, and others have no permissions.
- Viewing file permissions:
To view the permissions of a file, you can use the ls -l command. For example, if you want to view the permissions of the file “example.txt”, you can type:
ls -l example.txt
This will show you the permissions in the format -rwxr-x---, with the first character indicating the type of file, and the next three groups of three characters indicating the permissions for the owner, group, and others, respectively.