Linux User, Group, and Permission Management

Checking the Current User

To check the identity of the currently logged-in user, use the following commands:

whoami  # Shows the username of the current user
who am i  # Shows details of the user who opened the current terminal

Common options for the who command:

  • -a: Print all available information.
  • -d: Print dead processes.
  • -m: Same as am i; shows user info for the current terminal.
  • -q: Print the number and names of logged-in users.
  • -u: Print login information for current users.
  • -r: Print the current runlevel.

Creating a New User

In Linux, two primary commands create users: useradd and adduser.

adduser newname  # Interactive user creation

useradd vs. adduser

Both create users but differ in approach:

  • useradd: A low-level command that only creates the user account. You typically need to run passwd newname to set a password before the user can log in.
  • adduser: A user-friendly interactive script (common on Debian/Ubuntu and derivatives). It guides you through creating the user, home directory, and setting a password.

Note: A user created with useradd is locked by default until a password is set.

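Common useradd options (on CentOS/RHEL, adduser is a symbolic link to useradd and accepts the same options; the Debian/Ubuntu adduser script takes a different set):

useradd [options] LOGIN
useradd -D [options]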

Options:
  -b, --base-dir BASE_DIR   Base directory for new home directories
  -c, --comment COMMENT     GECOS field (comment) for new account
  -d, --home-dir HOME_DIR   Home directory of the new account
  -D, --defaults            Show or change default useradd configuration
  -e, --expiredate DATE     Account expiration date
  -f, --inactive DAYS       Days after password expires until account is disabled
  -g, --gid GROUP           Name or ID of the primary group
  -G, --groups GROUPS       List of supplementary groups
  -m, --create-home         Create the user's home directory
  -s, --shell SHELL         Login shell of the new account
  -u, --uid UID             User ID of the new account

Deleting a User

Use userdel to delete a user. On CentOS/RHEL, only userdel is typically available; Debian/Ubuntu may also have deluser.

userdel [options] username

Common options:

  • -r: Remove the user's home directory and mail spool.
  • -f: Force removal even if the user is logged in.

Example: delete the user newname together with its home directory and mail spool:

userdel -r newname

On Debian/Ubuntu, the equivalent is:

deluser --remove-home newname

Changing a User's Password

passwd newname

Modifying User Account Properties

Use usermod to change user attributes like group membership, home directory, or login name.

# Change user's primary group
usermod -g siatstudent newname

# Set user's supplementary groups (replaces existing list)
usermod -G friends,happy,funny newname

Warning: usermod -G without the -a option replaces the user's supplementary groups. To append a group, use -aG.

# Append user to a supplementary group, preserving existing groups
usermod -aG happy newname

Common usermod options:

  • -c: Change the user's comment (GECOS field).
  • -d: Change the user's home directory.
  • -g: Change the primary group.
  • -G: Change the list of supplementary groups.
  • -a: Used with -G to append groups instead of replacing.
  • -s: Change the login shell.
  • -L: Lock the user account.
  • -U: Unlock the user account.
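
A pre-flight check for the -G warning above, added here as an example (it is not part of the original post). The function names dropped_groups and check_usermod_G are hypothetical and the sample group list is constructed; the script reports which supplementary groups a usermod -G call without -a would take away.

```sh
#!/bin/sh
# dropped_groups CURRENT PRIMARY NEWLIST   (hypothetical helper, not a system tool)
#   CURRENT: space-separated groups as printed by `id -Gn user`
#   PRIMARY: primary group as printed by `id -gn user` (usermod -G never changes it)
#   NEWLIST: comma-separated list that would be passed to `usermod -G`
# Prints the supplementary groups the user would lose, space-separated.
dropped_groups() {
    current=$1 primary=$2 newlist=$3
    out=""
    for g in $current; do
        [ "$g" = "$primary" ] && continue   # primary group is set with -g, not -G
        case ",$newlist," in
            *",$g,"*) ;;                     # still in NEWLIST: kept
            *) out="${out:+$out }$g" ;;      # missing from NEWLIST: dropped
        esac
    done
    printf '%s\n' "$out"
}

# check_usermod_G USER NEWLIST: run the same check against the live account database.
# Returns 0 if nothing is lost, 1 if groups would be dropped, 2 if USER is unknown.
check_usermod_G() {
    cur=$(id -Gn "$1") || return 2
    pri=$(id -gn "$1") || return 2
    lost=$(dropped_groups "$cur" "$pri" "$2")
    if [ -n "$lost" ]; then
        echo "usermod -G $2 $1 would remove $1 from: $lost" >&2
        return 1
    fi
    return 0
}

# Constructed sample: newname currently belongs to sudo, docker and happy,
# and is about to receive the list used in the example above.
dropped_groups "newname sudo docker happy" "newname" "friends,happy,funny"
```

Running check_usermod_G newname friends,happy,funny before the real command shows the same result for an existing account.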

Viewing User Group Membership

groups newname  # Show all groups the user belongs to

Group Management

Creating a Group

groupadd newgroup

Modifying a Group

groupmod -n newname oldname  # Rename group from oldname to newname

Deleting a Group

groupdel groupname

Viewing File and Group Information

ls -l  # Column 3: owner, Column 4: group
groups  # Groups for the current user
groups username  # Groups for a specific user
cat /etc/group   # All groups on the system

File Permission Management

chmod: Changing File Permissions

Linux file permissions have three levels: Owner, Group, and Others.

chmod [options] mode file...

Common options:

  • -R: Recursive, change permissions for directory and contents.
  • -v: Verbose output.
  • -c: Report only when a change is made.

Permissions can be specified with letters or octal numbers.

Letter Notation

  • Who: u (user/owner), g (group), o (others), a (all).
  • Operation: + (add), - (remove), = (set exactly).
  • Permission: r (read), w (write), x (execute).

Examples:

chmod u+rx file.txt  # Add read & execute for owner
chmod g+r file.txt   # Add read for group
chmod o-r file.txt   # Remove read for others
chmod +x file.txt    # Add execute for all (a+x)
chmod u=rwx,g=r,o=- file.txt  # Set exact permissions
chmod -R 700 /home/newname    # Recursive: rwx------ for owner only

Octal Notation

Three digits represent Owner, Group, and Others. Each digit is the sum of values: r=4, w=2, x=1.

  • 7 (4+2+1): rwx
  • 6 (4+2): rw-
  • 5 (4+1): r-x
  • 4: r--
  • 0: ---

Example: chmod 755 file.txt gives the owner rwx, and group/others r-x.

Understanding Permission Output

ls -l file.txt might show: -rw-r--r--

  • The first character - indicates a regular file (d = directory, l = symbolic link).
  • The next three triplets rw-, r--, r-- represent:
    • Owner permissions: Read (r), Write (w), No execute (-). Write permission usually implies the ability to delete the file.
    • Group permissions: Read only (r).
    • Others permissions: Read only (r).
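
The mapping between the ls -l string and the octal digits, plus a small audit built on it, as an added example that is not from the original post. The names mode_to_octal, loose_files and demo are hypothetical, the files are constructed in a temporary directory, and stat -c assumes GNU coreutils.

```sh
#!/bin/sh
# mode_to_octal STRING: "-rw-r--r--" -> 644. Only r, w, x and - are accepted
# (the bits covered above); any other character makes the function fail.
mode_to_octal() {
    perms=${1#?}                 # drop the file-type character
    perms=${perms%[.+]}          # drop the SELinux/ACL marker some ls versions append
    [ "${#perms}" -eq 9 ] || return 1
    octal=""
    while [ -n "$perms" ]; do
        rest=${perms#???}
        triplet=${perms%"$rest"} # next three characters: owner, then group, then others
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; ??-) ;; *) return 1 ;; esac
        octal=$octal$digit
        perms=$rest
    done
    printf '%s\n' "$octal"
}

# loose_files DIR: regular files under DIR that group (020) or others (002) can write.
loose_files() {
    find "$1" -type f \( -perm -020 -o -perm -002 \) | sort
}

# demo: build three constructed files and print "<octal> <name>" for the loose ones.
demo() {
    d=$(mktemp -d) || return 1
    touch "$d/ok.txt" "$d/shared.log" "$d/open.sh"
    chmod 644 "$d/ok.txt"        # rw-r--r--  owner-only write: not reported
    chmod 664 "$d/shared.log"    # rw-rw-r--  group can write
    chmod 777 "$d/open.sh"       # rwxrwxrwx  everyone can write
    loose_files "$d" | while read -r f; do
        printf '%s %s\n' "$(stat -c '%a' "$f")" "${f##*/}"
    done
    rm -rf "$d"
}

mode_to_octal "-rw-r--r--"
mode_to_octal "drwxr-xr-x"
demo
```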

chown: Changing File Owner and Group

The chown command changes the owner and/or group of a file or directory.

chown newowner file.txt          # Change owner only
chown newowner:newgroup file.txt # Change owner and group
chown -R root /path/to/directory # Recursively change owner

Common options:

  • -R: Recursive.
  • -v: Verbose.
  • -c: Report changes only.

Note: Typically, only the root user or a user with appropriate privileges can change a file's owner.
