Add permission to users in linux

User Groups and Permissions in Linux

From smartphones to cars, supercomputers and home appliances, home desktops to enterprise servers, the Linux operating system is everywhere.

Introduction

To create a secure environment in Linux, you need to learn about user groups and permissions. For example, if you work in a company and you want the finance department to read a file but not make any modification to it, then you need to use permissions in Linux. It is a must for every programmer working with Linux nowadays.

Prerequisites

To follow along with this tutorial, you should have:

Table of contents

File permissions

Let’s start by talking about the ownership of Linux files.

1. User: the owner of the file (person who created the file).
2. Group: the group can contain multiple users. Therefore, all users in that group will have the same permissions. It makes things easier than assign permission for every user you want.
3. Other: any person has access to that file, that person has neither created the file, nor are they in any group which has access to that file.

When you perform the following command:

Then you will see the file’s permissions, like the following:

We will work with this part “-rw-r–r–”.

As we see above, the empty first part means that it is a file. If it were a directory then it will be the letter “d” instead. The second part means that the user “Home” has read and write permissions but he does not have the execute one. The group and others have only the read permission.

Let’s change the permissions using the chmod command.

This command will add the write permission for other users to my text file “section.txt”.

Now if you try to execute ls -l then you will see -rw-r—rw- .

“o” refers to others, “g” for the group, “u” for the user, and “a” for all.

Now let’s add the execute permission to the user with:

The permissions will be -rwxr—rw- .

If you want to remove the permission, you can use the same method but with “-” instead of “+”. For example, let’s remove the execute permission from the user by:

And the permissions now are: -rw-r—rw- .

Also, you can use Symbolic Mode to modify permissions like the following:

Number	Permission
0	No permission
1	Execute
2	Write
3	Execute and Write
4	Read
5	Read and Execute
6	Read and Write
7	Read, Write and Execute

For example, let’s give every permission for all with:

Then the permissions will be: -rwxrwxrwx .

Let’s remove the execute from the group and the write from other by:

The permissions will be: -rwxrw-r-x .

User accounts

Create a user

We can create a new user account by issuing the following command:

We can make sure that the user has been created in two ways:

And the output will be something like this:

uid=1007(testuser) gid=1009(testuser) groups=1009(testuser) 

This will show the user id and the groups that the user is currently in, usually, a new group with the same username is assigned to the user.

So we can issue cat /etc/passwd and we will see the new user that has been created.

After creating the user using the command above, you notice that no user directories have been created inside /home directory, which is not good since the user cannot log in to his account.

To create a new user with its directories, we can issue:

sudo useradd -m -s /bin/bash testuser 

If you navigate to the /home directory, you notice that a new directory with the name testuser is created.

Afterwards, you need to set a new password to the testuser by:

We noticed that creating a new user takes a lot of commands to accomplish, so there is a command that automates everything:

After creating a new user and setting a password to it, you can log in in two ways:

Delete a user

Like the process of adding users, there are two commands that delete a user.

If you try that command, you will notice that the user directory has not been deleted and you need to delete it by yourself.

You can use this automated command to do everything for you:

sudo deluser --remove-home testuser 

User groups

A group is a collection of users. The primary purpose of the groups is to define a set of privileges like read, write, or execute permission for a given resource that can be shared among the users within the group.

Create a group

You can see all of the groups you have by opening the following file:

Let’s create a group with the name of section by:

Add user to a group

We will add the testuser user to the section group by:

sudo usermod -aG section testuser 

Delete user from a group

You can delete the testuser from the group with:

sudo gpasswd -d testuser section 

Delete a group

Let’s delete the previous group by:

Conclusion

Linux is one of the most secure systems because it allows an admin to create multiple users with different permissions in the same hardware.

And now you know exactly how to do it!✨

Further reading

Peer Review Contributions by: Odhiambo Paul

Источник

How I Give a User Permission to a Folder in Linux

Privacy is an essential part of someone’s life, whether social media or the workplace. It helps protect the personal and professional data that we don’t want to share with everybody. Sometimes, people work on sensitive data that couldn’t be shared inside or outside the firm.

Similarly, when multiple users are connected with the system, they may need some private access to the specific resources. If we talk about files or folders/directories permission, it means you allow them to read, write, or modify the files or directories. It is essential to revert the ownership of files/folders from the users who are not part of your current account but can own them.

It is assumed as challenging for a Linux user to access permission to a file or folder because they are a bit aware of it. Setting the permission to the specific folder is quite simple and can be done via command-line or GUI (we will later discuss how we can do it).

There are two levels in the Linux system for authorization that you must need to understand:

Let’s explain both of them to understand what categories they are further divided into:

Ownership:

If we talk about ownership of files or folders in the Linux operating system, they are split into 3 types:

The user-created the folder, and that’s why sometimes we claimed it as an owner. It is represented as “u” in the command line when giving access through commands.

A group contains several Linux users connected to a system having the same permission access. It is helpful when many users use the system and give them folder permission to access it. You can make a group to add all of them instead of allowing them individually. In this case, people other than the group couldn’t be able to access the folder. The representative form of group members in the Linux command-line is “g.”

The other category includes public users that are not part of group members or ownership. If you are permitting the others, we can say you are allowing everybody in the world to access the files/folders. Sometimes, it could be dangerous, so think twice before doing it. The public users are represented by “o”:

Permission:

There are 3 types of permission you can give to the owners we have mentioned below:

In the read (r) mode, a user can open a file/folder and read it, whereas the write (w) mode allows making changes in the file/folder. You have the authority to add content, remove or rename it.

Without executing (x) permission, you can only read and write to the file, but you can’t run it. To make the file executable, set the execute permission.

How to give the user permission to a folder in Linux:

You can give permission access to the user using a couple of approaches, via terminal and GUI.

Before directly jumping into it, note the specific commands to change permission and ownership.

• chmod command is used to modify permission
• chown command is used to modify ownership

How to give the user permission to a folder via command-line:

You can set permissions like read, write, or execute the folder through the “chmod” command in a terminal.

You can use the “chmod” command to modify permission settings in two different ways:

The difference between Absolute mode and symbolic mode is that in the Absolute mode, you can set permissions for all the owners (user, group, others) using the three-digit octal number instead of characters. Whereas in the symbolic mode, you can set permission through mathematical symbols and only for the specific owner.

Let’s demonstrate both of them:

Give user access to a folder through absolute mode:

To understand how we can give permission access to a folder through absolute mode, we need to understand the given table in which numbers are mentioned for all the permission types.

Numbers	Permission Types	Symbols for Permission
0	No Permission	—
1	Execute	–x
2	Write	-w-
3	Execute + Write	-wx
4	Read	r–
5	Read + Execute	r-x
6	Read + Write	rw-
7	Read + Write + Execute	Rwx

Let’s run an example to check how it is working:

To display the current permission settings of the folder “Testing_folder,” run the following command:

• First rw– represents🡪 a user (owner) who can read or write/edit the file but couldn’t be able to execute it since execute mode is set to “-.”
• The second rw– represents 🡪 a group (all the users added to the group) that can read or write/edit the file.
• The third r— represents 🡪 others (public) who can only read the file

Now execute the chmod command to change permission access:

(760 🡪 owners can read, write or execute the file, the group can read and write, and there is no access for the public users)

Run the “ls” command to check the modification:

Give user access to a folder through symbolic mode:

Three operators are used in symbolic mode to set permission:

Operator	Function
+	Add permission
–	Remove permission
=	Set the permission and override the previous permission settings

As we have mentioned in the introductory part that how to represents owners. So, let’s start with an example:

Check the current permission setting of “Testing_folder” using the mentioned “ls” command:

To set permission to the user (owner), the command would be:

–

Now, execute the “ls” command to get the output:

To remove read permission from the user, run the command:

Now, execute the “ls” command to get results:

How to give a user permission to a folder via GUI:

Changing the file permission using the GUI is the simplest approach. Follow the listed steps:

Open the home directory, and navigate towards the targeted folder.

For example, to change the permission access to a folder “testing,” firstly, select it:

Right-click on the “testing” folder and select “Properties”:

The “Properties” window will appear with 3 tabs:

Navigate to the “Permissions” tab and select it:

From this tab, you can make changes according to the requirement.

Click on the “Change Permission for Enclosed Files,” and you will get a window that allows the user to modify the permission mode, i-e read and write mode for the owners:

Suppose the current permissions status of the “testing” folder is given below:

Let’s open the “change permissions” window and modify the entries as:

Navigate to the “change” button and click it.

Now, confirm using the “ls” command again in the terminal if changes have been made successfully.

Conclusion:

Set permission access to the files or folders is compulsory nowadays for security reasons because someone who is no longer a part of your system may also have folder access. To get control the security issues and keep the files safe, you can set permissions.

There are three categories of ownership i-e user, group, and others. And also, we have 3 types for permission settings such as read, write and execute.

You can give a user permission to the folder in two ways; via command-line and GUI. The GUI approach is better, in my opinion, as it is a pretty straightforward and simple way to set permissions.

About the author

Syeda Wardah Batool

I am a Software Engineer Graduate and Self Motivated Linux writer. I also love to read latest Linux books. Moreover, in my free time, i love to read books on Personal development.

Источник