DEV Community: Folarin Martins The latest articles on DEV Community by Folarin Martins (@mfolarin). https://dev.to/mfolarin https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F660371%2F1eff4422-84a7-4796-a483-adb42792270d.jpeg DEV Community: Folarin Martins https://dev.to/mfolarin en The Ultimate Guide to User & Permissions Management in GNU/Linux Folarin Martins Sat, 08 Jan 2022 11:37:54 +0000 https://dev.to/mfolarin/the-ultimate-guide-to-user-permissions-management-in-gnulinux-3h63 https://dev.to/mfolarin/the-ultimate-guide-to-user-permissions-management-in-gnulinux-3h63 <p>Create new user<br> <code>sudo adduser newuser</code></p> <p>NOTE: Creating a new user also creates a group by the same name known as the primary group</p> <p>Change user password<br> <code>sudo passwd newuser</code></p> <p>Grant user admin privileges<br> <code>visudo</code><br> with unlimited root access<br> <code>newuser ALL=(ALL) all</code></p> <p>with restricted access<br> <code>Cmnd_Alias ADMIN1PRIVILEDGES = /usr/bin/adduser, /usr/bin/usermod, /usr/bin/addgroup</code><br> <code>newuser ALL=(root) ADMIN1PRIVILEGES</code></p> <p>Change user home directory<br> <code>usermod --home /home/newuser newuser</code></p> <p>Change user shell<br> <code>usermod --shell /bin/sh</code></p> <p>Add descriptive comment to user<br> <code>usermod --comment "Here is a new demo user" newuser</code></p> <p>Add an account expiry date<br> <code>usermod --expiredate 2022-12-31 newuser</code></p> <p>Lock account<br> <code>usermod --lock newuser</code></p> <p>Unlock account<br> <code>usermod --unlock newuser</code></p> <p>Add a password change policy of 60 days<br> <code>change --maxdays 60 newuser</code></p> <p>Delete user account<br> <code>deluser newuser</code></p> <p>Delete user with all files<br> <code>deluser -r newuser</code></p> <p>Create a group<br> <code>addgrop newgroup</code></p> <p>Delete a group<br> <code>delgroup newgroup</code></p> <p>Add a user to a group<br> <code>usermod -aG newgroup newuser</code></p> <p>Remove a user from a group<br> <code>deluser newuser newgroup</code></p> <p>Change file owner to a user<br> <code>chown newuser file1.txt</code></p> <p>Change file group to a group<br> <code>chgrp newgroup file1.txt</code></p> <p>Change file permissions<br> <code>chmod a+rwx file1.txt //give read+write+execute to all</code><br> <code>chmod u+rwx file1.txt //give read+write+execute to owner</code><br> <code>chmod o-w file1.txt //remove write access from others different from file owner and group</code></p> <p>Or, in the octal form:<br> <code>chmod 755 file1.txt //equivalent to u+rwx, g+rx, o+rx</code></p> <p>permission bits | binary | octal<br> --x 001 1<br> -wx 011 3<br> rwx 111 7<br> r-x 101 5<br> rw- 110 6<br> r-- 100 4<br> -w- 010 2</p> <p>To prevent a user from deleting files owned by other users, set the sticky bit on the directory<br> <code>chmod o+t directory1</code></p> <p>To enable others to access the file with the same permission as the owner<br> <code>chmod u+s file1.txt //apply the setuid bit</code></p> <p>To enable others to access the file with the same permission as the group<br> <code>chmod g+s file1.txt //apply the setgid bit</code></p>