Users and rights
Introduction
Files and directories on the Linux system belong to an owner and a group. You can set read, write and execute permissions on a file or directory for owner, group and others. Users can belong to one or more groups. The command chmod is used to set the permissions, the command chown to change the owner and the command chgrp to change the group.
- https://wiki.archlinux.org/index.php/Users_and_Groups
- https://help.ubuntu.com/lts/serverguide/user-management
- http://www.cyberciti.biz/tips/unix-or-linux-commands-for-changing-user-rights.html
- http://www.cyberciti.biz/faq/how-to-use-chmod-and-chown-command/
- http://www.thinkplexx.com/learn/article/unix/command/chmod-permissions-flags-explained-600-0600-700-777-100-etc
Show ownership and permissions
ls -l /path/to/files/*
Example output:
| Directory | User | Group | Other | Number of links | Owner | Group | Size | Modified date/time | Object name |
|---|---|---|---|---|---|---|---|---|---|
| - | rwx | rw- | r-- | 1 | wilbert | users | 464843 | Apr 6 16:09 | file1.txt |
| - | rwx | rwx | r-- | 1 | wilbert | users | 1398792 | Apr 6 16:09 | file2.sh |
| d | rwx | rw- | r-- | 2 | wilbert | users | 4096 | Apr 17 23:16 | directory |
| - | rwx | rw- | r-- | 2 | wilbert | users | 93 | Apr 17 23:16 | link_to_file1.txt |
Add, remove and modify users and groups
Disable (lock) the root account:
sudo passwd -l root
Enable the root account by specifying a password for it:
sudo passwd
Add a user account and home folder, delete user:
sudo adduser username
Delete user:
sudo deluser username
Lock (l) or unlock (u) a user account:
sudo passwd -l username sudo passwd -u username
Add or delete a personalized group:
sudo addgroup groupname sudo delgroup groupname
Add a user to a group:
sudo adduser username groupname
Change permissions on files and directories
flags
User/group:
- u user/owner
- g group
- o other
Permissions:
- r read
- w write
- x execute
Options:
- -R full recurive
- + add permission
- - remove permission
Examples:
sudo chmod -R u+rwx /path/to/files sudo chmod -R go-x /path/to/files
Octal
There are four OCTAL (0..7) digits, which control permissions. Mostly only three are used, for more info on the first digit:
Permissions:
1 = execute (x) 2 = write (w) 4 = read (r)
The octal number is the sum of those free permissions, i.e.
3 (1+2) = can execute and write 6 (2+4) = can write and read
Permissins are set for owner, group and others, depending on the position of the digit:
| 0 | owner | group | others |
|---|---|---|---|
| 0 | x=1 w=2 r=4 | x=1 w=2 r=4 | x=1 w=2 r=4 |
Examples:
chmod 600 file – owner can read and write chmod 700 file – owner can read, write and execute chmod 666 file – all can read and write chmod 777 file – all can read, write and execute
Change ownership of files and directories
Note: option -R applies the change recursively to matching files and directories
Owner:
sudo chown user /path/to/file_or_dir sudo chown -R user /path/to/dir
Group:
sudo chgrp -R group /path/to/file_or_dir sudo chgrp -R group /path/to/dir
