1. List, Add and Remove a User

List all users:

1

cat /etc/passwd

Add a new user:

1

useradd <username>

Remove an existing user:

1

userdel <username>

2. Change the Password of a User

1

passwd <username>

3. Superuser

Grant write permission to /etc/sudoers:

1

chmode u+w /etc/sudoers

There are four ways to make a user a superuser:

  1. Add <username> ALL=(ALL:ALL) ALL to the end of the file /etc/sudoers. This allows the user to execute any command with prefix sudo after entering the password.
  2. Add <username> ALL=(ALL:ALL) NOPASSWD: ALL to the end of the file /etc/sudoers. This allows the user to execute any command with prefix sudo without entering the password.
  3. Add %<groupname> ALL=(ALL:ALL) ALL to the end of the file /etc/sudoers. This allows all users in the group to execute any command with prefix sudo after entering the password.
  4. Add %<groupname> ALL=(ALL:ALL) NOPASSWD: ALL to the end of the file /etc/sudoers. This allows all users in the group to execute any command with prefix sudo without entering the password.

Return the file /etc/sudoers to read-only mode:

1

chmode u-w /etc/sudoers

4. User Groups

List all user groups:

1

cat /etc/group

List the groups a user is in:

1

groups <username>

Create a new group:

1

groupadd <groupname>

Add a user to a group:

1

usermod -aG <groupname> <username>

5. Onwership and Permission of Files and Directories

To check the owership and the permission of a file or directory:

1
2
3
4
5
6

# File:
ls -l <filename>
# Directory:
ls -ld <dirname>
# List all files including the hidden ones
ls -la

Output example:

1
2
3
4
5
6

# Permision|*|owner|group|bytes|   date    |file/dirname
drwxr-xr-x  2 james james 4096  Dec 2 11:02 example-dir/
# *: Number of subdirectories.
#    If file, usually starts at 1; Numbers higher than 1 indicate how many hard 
#    links point to this file.
#    If directory, the minimum value is 2 ("." and "..").

To break down drwxr-xr-x:

1
2
3
4
5
6
7

d | rwx | r-x | r-x
↓   ↓     ↓     ↓
|   |     |     └── Others permissions (last 3 chars), 101=5
|   |     └──────── Group permissions (middle 3), 101=5
|   └────────────── Owner permissions (first 3), 111=7
└────────────────── File type, d = directory; - = regular file; l = symbolic 
                    link; b = block device; c = character device

To change the ownership:

1
2

chown [-R] <user>:<group> <filename/dirname>
chown [-R] :<group> <filename/dirname>

To change the permission using numeric mode:

1

chmod [-R] 764 <filename/dirname>

Where:

  • 7=0b100+0b010+0b001, owner can Read Write Execute.
  • 6=0b100+0b010+0b000, group can Read Write.
  • 4=0b100+0b000+0b000, other can Read.

To change the permission using symbolic mode:

1
2
3
4
5
6
7

chmod +r foldername       # Add read for everyone
chmod a+r foldername      # Add read for everyone
chmod u+r foldername      # Add read for owner only
chmod g+r foldername      # Add read for group only
chmod o+r foldername      # Add read for others only
chmod a-rwx file          # Remove all permissions from all
# ...