Skip to content

AWS5: Users and Permissions

    USERS

    adduser — creates the user, adds a home directory, creates a new group with username, adds a password

    deluser — removes a user from the /etc/passwd file, this does not remove home directory

    delgroup — removes a group

    su — switch or substitute users

    exit — logs out of PuTTY – keeps the server going

    CHANGE HOME DIRECTORY

    First, you want to access the file that holds all the user information.

    passwd file

    Then use the arrow keys to move down to the user you want to change. Use ‘i’ to enter insert mode.

    ubuntu user

    Here is a breakdown of the file formatting.

    To change the home directory, change the [User home path]. Be sure to include the : after the path.

    Make sure you have created the new user’s directory before you change the path.

     

    PERMISSIONS

    Permission Groups

    Each file and directory has three user based permission groups:

    owner – The Owner permissions apply only the owner of the file or directory, they will not impact the actions of other users.
    group – The Group permissions apply only to the group that has been assigned to the file or directory, they will not affect the actions of other users.
    all users or ‘other’ – The All Users permissions apply to all other users on the system, this is the permission group that you want to watch the most.

    Linux Permissions

    Permission Types

    Each file or directory has three basic permission types:

    read – The Read permission refers to a user’s capability to read the contents of the file.
    write – The Write permissions refer to a user’s capability to write or modify a file or directory.
    execute – The Execute permission affects a user’s capability to execute a file or view the contents of a directory.

    This is just like binary conversions. 2^3 (meaning three bits). So the permissions are set into three areas, with three bits. If all three bits are set, then the number would be 7.

    binary linux permissions

    Scenario 1 – if you want the owner to read, write and execute the file, but no one else, then you would set the permissions to 700.

    Scenario 2 – if you want the owner to read, write and execute, and group to read, then you would set the permissions to 740.

     

    Commands

    chmod – change the permissions [sudo chmod <number> <file or folder name>]

    chown – change the owner [sudo chown <name> <file or folder name>]

    chgrp – change the group [sudo chgrp <name> <file or folder name>]