Users and rights: Difference between revisions
mNo edit summary |
|||
| Line 33: | Line 33: | ||
|} | |} | ||
= | = Show, add, remove and modify users and groups = | ||
List groups and its users | |||
<syntaxhighlight lang=bash> | |||
getent group groupname1 | |||
</syntaxhighlight> | |||
Format: | |||
groupname1:x:group_id:username1,username2,etc | |||
Disable (lock) the root account: | Disable (lock) the root account: | ||
| Line 47: | Line 55: | ||
Add a user account and home folder, delete user: | Add a user account and home folder, delete user: | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
sudo adduser | sudo adduser username1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Delete user: | Delete user: | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
sudo deluser | sudo deluser username1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Lock (l) or unlock (u) a user account: | Lock (l) or unlock (u) a user account: | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
sudo passwd -l | sudo passwd -l username1 | ||
sudo passwd -u | sudo passwd -u username1 | ||
</syntaxhighlight> | |||
Add or delete a group: | |||
<syntaxhighlight lang=bash> | |||
sudo addgroup groupname1 | |||
sudo delgroup groupname1 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Add | Add an existing user to a group: | ||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
sudo | sudo adduser username1 groupname1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Remove user from a group: | |||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
sudo | sudo deluser username1 groupname1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 08:27, 29 December 2017
Introduction
Files and directories on the Linux system belong to an owner and a group. You can set read, write and execute permissions on a file or directory for owner, group and others. Users can belong to one or more groups. The command chmod is used to set the permissions, the command chown to change the owner and the command chgrp to change the group.
- https://wiki.archlinux.org/index.php/Users_and_Groups
- https://help.ubuntu.com/lts/serverguide/user-management
- http://www.cyberciti.biz/tips/unix-or-linux-commands-for-changing-user-rights.html
- http://www.cyberciti.biz/faq/how-to-use-chmod-and-chown-command/
- http://www.thinkplexx.com/learn/article/unix/command/chmod-permissions-flags-explained-600-0600-700-777-100-etc
Show ownership and permissions
ls -l /path/to/files/*
Example output:
| Directory | User | Group | Other | Number of links | Owner | Group | Size | Modified date/time | Object name |
|---|---|---|---|---|---|---|---|---|---|
| - | rwx | rw- | r-- | 1 | wilbert | users | 464843 | Apr 6 16:09 | file1.txt |
| - | rwx | rwx | r-- | 1 | wilbert | users | 1398792 | Apr 6 16:09 | file2.sh |
| d | rwx | rw- | r-- | 2 | wilbert | users | 4096 | Apr 17 23:16 | directory |
| - | rwx | rw- | r-- | 2 | wilbert | users | 93 | Apr 17 23:16 | link_to_file1.txt |
Show, add, remove and modify users and groups
List groups and its users
getent group groupname1
Format:
groupname1:x:group_id:username1,username2,etc
Disable (lock) the root account:
sudo passwd -l root
Enable the root account by specifying a password for it:
sudo passwd
Add a user account and home folder, delete user:
sudo adduser username1
Delete user:
sudo deluser username1
Lock (l) or unlock (u) a user account:
sudo passwd -l username1 sudo passwd -u username1
Add or delete a group:
sudo addgroup groupname1 sudo delgroup groupname1
Add an existing user to a group:
sudo adduser username1 groupname1
Remove user from a group:
sudo deluser username1 groupname1
Change permissions on files and directories
Flag method
User/group:
- u user/owner
- g group
- o other
Permissions:
- r read
- w write
- x execute
Options:
- -R full recursive
- + add permission
- - remove permission
Examples:
sudo chmod -R u+rwx /path/to/files sudo chmod -R go-x /path/to/files
Octal method
There are four OCTAL (0..7) digits, which control permissions. Mostly only three are used, for more info on the first digit:
Permissions:
1 = execute (x) 2 = write (w) 4 = read (r)
The octal number is the sum of those free permissions, i.e.
1+2+4 = 7 : can execute, write and read 2+4 = 6 : can write and read
Permissions are set for owner, group and others, depending on the position of the digit:
| who: | owner | group | others | ||||||
|---|---|---|---|---|---|---|---|---|---|
| may: | x | w | r | x | w | r | x | w | r |
| add: | 1 | 2 | 4 | 1 | 2 | 4 | 1 | 2 | 4 |
Examples:
chmod 600 file – owner r,w chmod 700 file – owner r,w,x chmod 777 file – all can r,w,x
Change ownership of files and directories
Note: option -R (recursive) applies the change all files and (sub)directories.
Owner:
sudo chown user /path/to/file_or_dir sudo chown -R user /path/to/dir
Group:
sudo chgrp -R group /path/to/file_or_dir sudo chgrp -R group /path/to/dir
