Linux Server Basics: A Detailed Explanation of User and Permission Management
User and permission management in Linux is the core of system security and resource allocation. Users are the operating subjects, groups are used for unified permissions, and UID/GID are numerical identifiers (root UID=0). For user management: use `useradd` to create (add `-m` for home directory), `passwd` to set passwords, and `userdel -r` to delete. Switch identities with `su` and escalate privileges with `sudo` (requires adding to the sudo group). File permissions are represented by three sets of characters (rwx) for user/group/other permissions, set via numbers (e.g., 755) or symbols (e.g., u+x). Modify permissions with `chmod`, and change owners/groups with `chown`/`chgrp`. Directory permissions have special rules: execute permission (`x`) is required to enter, read permission (`r`) to view contents, and write permission (`w`) to create files. Special permissions include SUID (temporarily elevates program privileges, e.g., `passwd`), SGID (inherits group permissions for files), and SBIT (prevents accidental deletion, e.g., `/tmp`). `umask` controls default permissions for newly created files/directories (default 022, resulting in 644 for files and 755 for directories). Best practices: Follow the principle of least privilege, avoid routine operations as root, and regularly check high-risk permission files.
Read MoreLinux User Management: Creation, Deletion, and Permission Assignment
Linux user management is fundamental to system maintenance, distinguishing permissions through user (UID) and group (GID) identifiers to ensure security and resource isolation. Core operations include: User creation requires administrative privileges, using `useradd -m username` (-m creates a home directory) followed by `passwd username` to set a password. Viewing user information uses `id`, and switching users is done with `su -`. User deletion is performed via `userdel -r username` (-r removes the home directory). Permission management is achieved through `chmod` (letter/numeric method), `chown`/`chgrp` (change owner/group), with the `-R` flag for recursive directory permission changes. Temporary privilege elevation with `sudo` requires adding the user to the `wheel` (CentOS) or `sudo` (Ubuntu) group using `usermod -aG`. Caution is advised during operations to avoid accidental user deletion or incorrect permission assignments.
Read MoreDetailed Explanation of Linux System User and User Group Management
This article introduces the core knowledge of Linux user and user group management, aiming to achieve permission control and resource isolation. Users are categorized into root (UID 0, highest privilege), system users (UID 1-999, for running services), and ordinary users (UID ≥ 1000, for daily operations). Groups include primary groups (default ownership) and supplementary groups (additional memberships). Key configuration files: `/etc/passwd` stores user information (UID, GID, home directory, etc.), `/etc/group` stores group information (GID, members), and `/etc/shadow` stores encrypted passwords. Common commands: User management commands include `useradd` (-m to create home directory), `usermod` (-g to change primary group, -aG to add supplementary group), `userdel` (-r to delete home directory), and `passwd` (to set password); group management commands include `groupadd` and `groupdel`. Practical operation examples: Creating an ordinary user and adding them to a group, setting up a shared directory with the group ownership and assigning group read/write permissions. Note that for multi-user sharing, users should be in the same group, and when deleting a user while preserving files, manually clean the home directory after removing the user.
Read More