Users, Groups and Permissions in Linux

By Diwanshu Shekhar

- 2 minutes read - 332 words

Users

  • Add a user:

    sudo adduser [username]

  • Delete a user:

    sudo userdel [username]

All user information is stored in a file /etc/passwd

  • Change a password: 
    sudo passwd [username]

Groups

Groups are usually used to change permissions for a group of users as changing permissions individually would be a tedious task.

  • Add a group:

    sudo groupadd [groupname]

  • Delete a group:

    sudo groupdel [groupname]

  • Add a user to a group:

    sudo adduser [username] [groupname]

  • Delete a user from a group:

    sudo deluser [username] [groupname]

All group information is stored in a file /etc/group

Permissions

  • Change permission:

    sudo chmod [three digit number] [file/folder] -R (for recursive in case of folder)

    Now, how to decide the right three digit number:

    4 = read

    2 = write

    1 = execute

    Each digit in the three digit number is the combination of 4, 2 and 1.

    Each digit in the three digit number is applicable to user, group and the world respectively.

    For example, the three digit number 751 will give: read, write and execute permission to the user; read and execute permission to the group; and just execute permission to the world

Note: You can only traverse a directory if you have execute permission on it.  For example: to read or write a file at dir/subdir/fileName, you need to have execute permission on the parent directories dir and subdir.

Ownerships

  • Change user ownership:

    sudo chown -R(for recursive) [username]  [file or folder name]

  • Change group ownership

    sudo chgrp -R(for recursive) [username] [file or folder name]

  • Add an Existing User To A Group

    usermod -a -G examplegroup exampleusername

    For example: to add a user named “user1” to the sudo group -

    usermod -a -G sudo user1

In RedHat Linux, to give sudo access to a user, the best practice is to add the user to the wheel group which has the following setting in the /etc/sudoers file which you can open using sudo visudo:

%wheel  ALL=(ALL)       ALL
View User's Group Information
id username

View User’s Group Information

id username