Common Issues and Solutions for Linux User Permission Management¶

The permission management in Linux is a core component for ensuring system security and stable operation. As a beginner, you may encounter problems such as password resets, insufficient permissions, or difficulty understanding permission formats. This article explains basic concepts in a simplified manner and provides solutions to common issues.

1. Understanding the Basic Logic of the “Permission System”¶

Think of a Linux system as an apartment building:
- User: Each user is a “resident” with a unique identity.
- Group: Multiple users form a “family” (group) for unified permission management.
- Permission: Each file/directory is like a room, and permissions are the “keys”—different users (residents) have different rights to “read (r), write (w), and execute (x)” the room.

2. Top 5 Common Permission Issues for Beginners and Solutions¶

1. Forgotten Password?¶

• Ordinary User Password: If you are the owner of a regular user account, ask an administrator to reset it using passwd 用户名 (requires admin privileges). Alternatively, switch to root and run passwd 用户名.
• Root Password: If you forget the root password, reset it by booting into single-user mode (steps vary by system). For CentOS:
  1. Restart the system and press e to edit kernel parameters at the Grub menu. Append init=/bin/bash to the end of the line starting with linux16, then press Ctrl+x to boot.
  2. In single-user mode, run passwd root to reset the password, then exec /sbin/init to reboot.

2. “Permission Denied” When Running Commands as a Regular User (e.g., sudo Errors)¶

If a regular user gets “xxx is not in the sudoers file” when running commands like yum install or systemctl, the user lacks sudo privileges. Fix it by:
- Switching to root (su -), then running visudo (safely edits the sudo configuration file).
- Add the line 用户名 ALL=(ALL) ALL at the end of the file (replace “用户名” with your username), save and exit (press Ctrl+x, then y to confirm).

3. Can’t Read File/Directory Permissions? How to Modify Them?¶

Permission Format Explanation: For example, -rw-r--r--:
- The first character (-) indicates a regular file (use d for directories).
- Next 9 characters are divided into 3 groups:
- First 3: Permissions for the owner (u): rw- (read + write = 6)
- Middle 3: Permissions for the group (g): r-- (read = 4)
- Last 3: Permissions for others (o): r-- (read = 4)

Modify Permissions with chmod:
- Numeric Method: Use numbers to represent permissions (r=4, w=2, x=1). For example:
- chmod 755 file.txt: Owner has rwx (7=4+2+1), group and others have rx (5=4+1).
- chmod 644 file.txt: Owner has rw (6=4+2), group and others have r (4).
- Symbolic Method: Add/remove permissions with operators:
- chmod u+x file.txt: Add execute permission for the owner (u=user, +x).
- chmod go-rw dir/: Remove read/write permissions for group and others (g=group, o=others, -rw).

4. Directory Permissions Changed But Still Can’t Enter?¶

A directory requires “execute permission (x)” to enter. If chmod 755 test doesn’t work, check:
- Incorrect Owner/Group: Run ls -ld test to check the owner/group. Fix with chown 用户名:组名 test.
- Missing Execute Permission: Ensure the user has x permission for the directory. For example, run chmod +x test to grant execute rights to all users.

5. How to Manage Users/Groups You Created?¶

• Create a User:
• CentOS/RHEL: useradd 用户名 + passwd 用户名.
• Ubuntu: adduser 用户名 + passwd 用户名.
• Create a Group: groupadd 组名, then usermod -g 组名 用户名 (add user to the new group).
• Modify User Groups: usermod -G 组名 用户名 (add user to multiple groups).

3. Security Tips¶

• Least Privilege Principle: Assign only necessary permissions to regular users; avoid excessive w or x rights for others.
• Edit sudoers Safely: Use visudo instead of vi to avoid syntax errors that could crash the system.
• Check Permissions with ls -l: Run ls -l 文件名 to view permissions, owner, and group information for quick troubleshooting.

Linux permission management may seem complex, but by focusing on the three core elements—user, group, and permission—and systematically troubleshooting (e.g., ls -l to check permissions, chmod to modify them), you’ll master it. Practice commands like chmod 700 and chown to build familiarity, and permission management will become second nature.