User & Groups Security

Published on: 22nd Apr 2014

Updated on: 25th Jun 2024

Overview

Here's the commands that you need to do the basic user and group management.

Which commands to use

• To add user, run the following command and it will create user record and an user directory in /home,

  sudo useradd ftpuser
  

  12.Jan.2023 - alternatively, you may use the high level command call adduser which creates the user home directory, ask for password and the user contact information.

  sudo adduser ftpuser
  

• To set password for the given user (in this case, 'ftpuser'), run the following command and then key in the password,

  sudo passwd ftpuser
  

• To view the user who is connected to server, execute one of the following command,

  who
  w
  users
  

• To view the user groups of the current session in the OS,

  groups
  

• To view all groups in the server,

  sudo cat /etc/group
  

• To add new group,

  sudo groupadd public
  

• To add user to a group,

  sudo usermod -G public -a ftpuser
  

• To check the 'ftpuser' (user ID) belongs to which group,

  id ftpuser
  

• To check my user ID

  whoami
  

• To change the file or directory mode using chmod.

  • Grant the write permission to the user,

    sudo chmod -R u+w my_path
    sudo chmod -R +w my_path
    

    Both the commands has the same effect and '-R' means recursive.

  • Grant the write permission to the group,

    sudo chmod -R g+w my_path
    

  • Grant the write permission to the others,

    sudo chmod -R o+w my_path
    

  • OR grant write permission by combining user (u) and group (g),

    sudo chmod -R ug+w my_path
    

  • Here's the notes in the manual,

    Each MODE is of the form '[ugoa]*([-+=]([rwxXst]*|[ugo]))+|[-+=][0-7]+'.
    

    where

    • 'u' - user.
    • 'g' - group
    • 'o' - other ('the world')
    • 'a' - same as the combination of ugo.
    • 'r' - read permission
    • 'w' - write permission
    • 'x' - execute permission if it a file or allows access if it is a directory. If you remove 'x' from a directory, ls command will return 'Permission denied' error.
    • 'X' - (capital X) is to allows access a directory and it has no effects on any file.
    • 's' - set the execution bits. For example, sudo chmod g+s /home/user1 will set the current ACL to be inherited to the new files.
    • 't' - the sticky bit that restricts the directory content to be managed by the owner or root. For example, a sub directory cretated in /tmp where /tmp may have directory created by many programss.

  Reference: https://ss64.com/bash/chmod.html

Related posts

• For file permission, please refer to File & Directory.

Jump to #UBUNTU blog

Author

Lau Hon Wan, software developer.