This is one of the best part of linux, we can grant access for all services, directories, files, and even commands that can be executed for a specific user or group.

User management

• Check who am i

$ whoami

• Check the user id

$ id USERNAME

• Check the group of user

$ groups USERNAME

• Check who is currently logged in

$ w

• Check the last logged in

$ last

• Change user

$ su

• Add a new user

$ useradd USERNAME

• Set password for a user

$ passwd PASSWORD

• Change user name

$ usermod -l USERNAME NEW_USERNAME

• Add a user to a group

$ usermod -a -G GROUPNAME USERNAME

• Change user primary group

$ usermod -g GROUPNAME USERNAME

• Remove user from a group

$ gpasswd -d USERNAME GROUPNAME

• Delete a user

$ userdel -r USERNAME

• Lock a user

$ passwd -l USERNAME

• Unlock a user

$ passwd -u USERNAME

Group management

• Add a new group

$ groupadd GROUPNAME

• Change group name

$ groupmod -n GROUPNAME NEW_GROUPNAME

• Delete a user

$ groupdel GROUPNAME

Permission

After create a user or group, we can grant access for specific user or group.

Permission format :

rwxrwxrwx

First 3 characters are the user permission, next 3 characters are the group permission, and the last 3 are other permission.

• r is for read with value 4
• w is for write with value 2
• x is for execute with value 1
• - is for no permission with value 0

We can also use the value of the characters to define the permission. Simply sum the values of the permissions for each role, and use only 3 numbers to define the permission.

# rwxrwxrwx
777

# rwxr-x-rx
755

# rwx------
700

We can see the files or directories permission by run ls -l.

$ ls -la
drwxrwxrwx 1 root root  96 Jun 11 07:58 directory
-rwxr-xr-x 1 zaki zaki  96 Jun 11 07:58 file.txt

The first column is the permission, the third column is the user, the fourth column is the group name.