Do you think IIT Guwahati certified course can help you in your career?
Introduction
Hello Ninjas! As we all know, Linux is a multi-user operating system, so it needs a security system to check the access controls of different users. For this purpose, Linux provides a robust user and permission management system.
Let's understand Linux users and permissions as they are crucial for system administrators and everyday users, enabling them to safeguard their data and control access effectively.
Users in Linux
In Linux, users refer to individuals who interact with the operating system and its resources. They are usually involved with file management. There are several types of users in Linux based on their privilege level and applications, like, regular users, root users (or super-users, who can override any permission), system users, service users, etc.
Groups in Linux
In Linux, a group refers to users who share common access rights and permissions to files, directories, and other system resources. Group management is crucial in simplifying permission assignments, resource sharing, and collaborative work on a Linux system.
Classes of Permissions
In Linux, file and directory permissions are categorized into three classes: user, group, and other. These classes define different levels of access rights for different entities interacting with the system.
User
The user permission class refers to the owner of the file or directory. It represents the individual user who created or owns the file. The user class permissions dictate what actions the owner can perform on the file or directory.
Group
The group permission class defines the access rights for the group to which the file or directory belongs. Linux allows multiple users to be part of a group, facilitating efficient permissions management for a set of individuals.
Other
The other permission class encompasses all other users, not the owner or part of the group associated with the file or directory. It represents the rest of the system users who have neither ownership nor group membership. The other permissions specify the access rights for these users.
Viewing Users
Below is the command to view existing users in the Linux system. They are stored in the directory named '/etc/passwd.'
Command
getent passwd
Output
Explanation
Each line consists of the following information
Usernames like root, bin, daemon, etc.
Encrypted password (x) for each user.
Every user is given a unique identifier (UID) (0,1, 2,... in this case).
The group ID (GID) (0,1,2,... in this case).
The General Electric Comprehensive Operating Supervisor (GECOS) field (contains the full name or any other metadata about the user) (root, daemon, bin, etc.).
The home directory of the user (/root, /usr/sbin, /bin, etc.).
The default shell for logging the user (/bin/bash, /usr/sbin/nologin, etc.).
Viewing Groups
To view the existing groups in Linux, we can use the following command. They are stored in the directory named '/etc/groups.'
Command
getent group
Output
Explanation
Each line consists of the following information:
Group names like root, bin, daemon, etc.
Encrypted password (x) for each group.
The group ID (GID) (0,1,2,... in this case).
The users present in the group (Syslog, etc.).
For more information on users and group commands, like, creation, deletion, etc., visit this blog.
File Permissions
There are three types of permissions on a file system in Linux, read, write and execute. They determine the levels of access and control over the files or directories for a user.
Read (r)
It allows a user to view the given file or directory. If it is a file, then the user can view its contents. If it's a directory, then we can view the underlying files.
Write (w)
It allows the user to modify or delete the contents of the given file or directory. If it is a file, then the user can modify and delete its contents. If it's a directory, then we can create, modify and delete the underlying files.
Execute (x)
It allows the user to run the file if it is possible. For example, we can't run a text file or a pdf, but we can run an exe file, etc. The files are run by their respective shell scripts.
To view the permissions on any file or directory, we can use the 'ls -l <filename>' command in the terminal. To view the permissions of all files, just use the 'ls -l' command inside the given directory. For more information on file permissions, visit this blog.
Command
ls -l
Output
Explanation
Each line consists of the following information:
Mode is divided into four parts file type, user permissions, group permissions, and other permissions.
The owner (user) and group are the same if there is no group defined.
Understanding the Mode
The Mode has permissions for each user, group, and others, as well as the file type. There are several types of files in Linux, like, regular files (represented by the '-' hyphen), directories (represented by 'd'), device files (represented by 'b' or 'c'), etc. In the above example, all the files are regular files we created, so they are represented by hyphens.
In the above example, the hyphens in permission classes tell that the given permission is not allowed for the respective entity. Like, for the group, execution is not allowed. Here the user is the owner, and it has all the permissions, i.e., the owner can read (r), write (w) and even execute (x) the file.
Modifying Permissions
In Linux, we can modify the permissions of any file or directory after users and groups have been assigned to them. For this purpose, Linux provides us with the chmod command:
The permission class tells us we are changing permissions for whom, u (for the user), g (for the group), or o (for others).
Linux provides us with three Symbols for changing permissions, (+) for adding permission, (-) for removing permission, and (=) for overriding current permission.
Filename/directory takes the name of the file or directory that is to be modified.
Examples of Modification
Initially, we had two files named testfile1.txt and testfile2.txt. The current permissions are as follows:
Using +, - symbols
We can use the +, - symbols to change the permissions for any class as follows:
Command
chmod u+rwx,o-r testfile1.txt
Output
Explanation
Using the above command, we added the permissions for read, write and execute for the owner and removed the read permissions for the others. '-' means the given permission does not apply. These were modified for testfile1.txt.
Using = symbol
We can use the ‘=’ symbols to override the permissions for any class as follows:
Command
chmod u=rwx,g=r,o=rw testfile1.txt
Output
Explanation
Using the above command, we added the read, write and execute permissions for the owner, applied read permission to the group, and applied the read and write permissions for the others. These were modified for testfile1.txt.
Modifying all the Permissions at Once
We can use the 'a' instead of u, g, and o to override the permissions for any class as follows:
Command
chmod a+rwx testfile2.txt
Output
Explanation
Using the above command, we added all three read, write and execute for all permission classes in testfile2.txt.
The above permissions can also be changed using the octal command for read, write and execute instead of symbols and (r,w,x). For more information, visit this blog.
Frequently Asked Questions
What is 777 permission in Linux?
In Linux, 777 permission refers to the highest level of file permissions, where the owner, group, and other users have read, write, and execute permissions on a file or directory.
What is a super user in Linux?
A super-user in Linux, also known as the root user, has administrative privileges and can perform any operation on the system, including modifying system files and executing privileged commands.
What are the five types of user accounts in Linux?
Five user accounts in Linux are root (super-user), system accounts (used by system services), regular user accounts, guest accounts, and service accounts.
How to assign groups to files in Linux?
To assign groups to files in Linux, you can use the command "chgrp" followed by the group name and the file/directory name. For example, "chgrp <groupname> filename."
How to add users to a group?
To add users to a group in Linux, you can use the command "usermod" with the "-aG" option. For example, "usermod -aG <groupname> username."
Conclusion
In this article, we discussed Linux users and permissions. We saw different classes of permissions and what types of permissions are provided for the files in Linux. By understanding how to create and manage user accounts and configure permissions, we can ensure our data's privacy, security, and integrity.
For more information, read our other related articles:
133+ registered 
