AWS5: Users and Permissions

USERS

adduser — creates the user, adds a home directory, creates a new group named after the user, and sets a password

deluser — removes a user from the /etc/passwd file; this does not remove the home directory

delgroup — removes a group

su — switch or substitute users

exit — logs out of the PuTTY session; the server keeps running


CHANGE HOME DIRECTORY

First, you want to access the file that holds all the user information.

passwd file

Then use the arrow keys to move down to the user you want to change. Use ‘i’ to enter insert mode.

ubuntu user

Here is a breakdown of the file formatting.

To change the home directory, change the [User home path]. Be sure to include the : after the path.

Make sure you have created the new user’s directory before you change the path.



PERMISSIONS

Permission Groups

Each file and directory has three user-based permission groups:

owner – The Owner permissions apply only to the owner of the file or directory; they do not affect the actions of other users.
group – The Group permissions apply only to the group that has been assigned to the file or directory; they do not affect the actions of other users.
all users or ‘other’ – The All Users permissions apply to all other users on the system. This is the permission group that you want to watch the most.

Linux Permissions

Permission Types

Each file or directory has three basic permission types:

read – The Read permission refers to a user’s capability to read the contents of the file.
write – The Write permissions refer to a user’s capability to write or modify a file or directory.
execute – The Execute permission affects a user’s capability to execute a file or view the contents of a directory.

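This works just like binary conversion. Each of the three permission groups gets three bits (2^3, so each digit runs from 0 to 7): read = 4, write = 2, execute = 1. The permissions are therefore written as three digits, one each for owner, group and other. If all three bits in a digit are set, the number is 7.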

binary linux permissions

Scenario 1 – if you want the owner to read, write and execute the file, but no one else, then you would set the permissions to 700.

Scenario 2 – if you want the owner to read, write and execute, and group to read, then you would set the permissions to 740.


Commands

chmod – change the permissions [sudo chmod <number> <file or folder name>]

chown – change the owner [sudo chown <name> <file or folder name>]

chgrp – change the group [sudo chgrp <name> <file or folder name>]
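
The 700 and 740 scenarios above, together with a check on the ‘other’ permission group, as an added example that is not part of the original post. The function names (mode_to_rwx, world_writable) and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Decode a three-digit octal mode (e.g. 740) into rwx notation.
# Digits are owner, group, other; in each digit read=4, write=2, execute=1.
mode_to_rwx() {
    case "$1" in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    mr_tail=${1#?}      # mode without its first digit
    mr_out=""
    for mr_d in "${1%??}" "${mr_tail%?}" "${1#??}"; do
        if [ $((mr_d & 4)) -ne 0 ]; then mr_out="${mr_out}r"; else mr_out="${mr_out}-"; fi
        if [ $((mr_d & 2)) -ne 0 ]; then mr_out="${mr_out}w"; else mr_out="${mr_out}-"; fi
        if [ $((mr_d & 1)) -ne 0 ]; then mr_out="${mr_out}x"; else mr_out="${mr_out}-"; fi
    done
    printf '%s\n' "$mr_out"
}

# List files and directories under $1 that the 'other' group can write to.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# Constructed sample files in a temporary directory (no sudo needed: we own them).
demo_dir=$(mktemp -d)
touch "$demo_dir/scenario1" "$demo_dir/scenario2" "$demo_dir/risky"
chmod 700 "$demo_dir/scenario1"   # owner: rwx, nobody else
chmod 740 "$demo_dir/scenario2"   # owner: rwx, group: r
chmod 646 "$demo_dir/risky"       # 'other' can write: worth flagging

for mode in 700 740 646; do
    printf '%s = %s\n' "$mode" "$(mode_to_rwx "$mode")"
done
echo "Writable by other:"
world_writable "$demo_dir"
rm -rf "$demo_dir"
```

Point world_writable at a real directory such as a web root or a user's home to see which entries any account on the server could modify.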

