Master Linux User, Group, and Permission Management Commands

Viewing the Current User

Use whoami to display the logged‑in username, or who am i to show the user of the current pseudo‑terminal.

Common who Options

-a

– display all available information -d – show dead processes -m – similar to

am i

-q

– show the number of logged‑in users and their names -u – display login details of the current user -r – show the run level

Creating a New User

Simple creation: adduser newname – creates a new user named newname.

Difference Between useradd and adduser

useradd

only creates the account; you must set a password afterwards with passwd newname. adduser creates the account, home directory, and prompts you to set a password, performing a series of setup steps.

Important Note on useradd

By default the account created with useradd is locked and cannot log in until a password is set using passwd.

adduser Detailed Options

Usage:

adduser [options] username

-b, --base-dir BASE_DIR

– base directory for the new account’s home -c, --comment COMMENT – GECOS field -d, --home-dir HOME_DIR – home directory -D, --defaults – show or change default useradd configuration -e, --expiredate EXPIRE_DATE – account expiration date -f, --inactive INACTIVE – days of inactivity before password expires -g, --gid GROUP – primary group name or ID -G, --groups GROUPS – supplementary groups -m, --create-home – create the user’s home directory -M, --no-create-home – do not create a home directory -N, --no-user-group – do not create a group with the same name as the user -o, --non-unique – allow creation with a duplicate UID -p, --password PASSWORD – encrypted password -r, --system – create a system account -R, --root CHROOT_DIR – chroot to the specified directory -s, --shell SHELL – login shell -u, --uid UID – user ID -U, --user-group – create a group with the same name as the user -Z, --selinux-user SEUSER – SELinux user mapping

Deleting a User

Use userdel to remove a user.

Common options: -f, --force – force removal even if the user is logged in or files are owned -r, --remove – delete the user’s home directory and mail spool -R, --root CHROOT_DIR – chroot to the specified directory -Z, --selinux-user – remove SELinux mappings for the user

On systems without deluser (e.g., CentOS 7), use userdel. To also delete the home directory, add the --remove-home flag:

deluser --remove-home newname

Changing a User’s Password

passwd newname

Modifying a User Account

Change primary group: usermod -g siatstudent newname Add the user to multiple groups: usermod -G friends,happy,funny newname To append groups without removing existing ones, use the -a flag: usermod -aG happy newname Full usermod options include: -c, --comment – new GECOS field -d, --home HOME_DIR – new home directory -e, --expiredate EXPIRE_DATE – account expiration date -f, --inactive INACTIVE – days of inactivity before password expires -g, --gid GROUP – force primary group -G, --groups GROUPS – supplementary groups -a, --append – add to groups without removing existing ones -l, --login LOGIN – new login name -L, --lock – lock the account -m, --move-home – move home directory contents (used with -d) -o, --non-unique – allow duplicate UID -p, --password PASSWORD – set encrypted password -R, --root CHROOT_DIR – chroot directory -s, --shell SHELL – login shell -u, --uid UID – user ID -U, --unlock – unlock the account -Z, --selinux-user SEUSER – SELinux user mapping

Viewing a User’s Groups

groups newname

Group Management

Create a group: groupadd newname Options include: -f, --force – succeed if the group already exists -g, --gid GID – specify GID for the new group -K, --key KEY=VALUE – override defaults from

/etc/login.defs

-o, --non-unique

– allow duplicate GID -p, --password PASSWORD – encrypted password for the group -r, --system – create a system group -R, --root CHROOT_DIR – chroot directory

Modify a group name: groupmod -n test2group testgroup Delete a group:

groupdel test2group

Viewing File Ownership and Group

List files with details: ls -l The third column shows the owner, the fourth column shows the group. Use groups to view the current user’s groups, groups testnewuser for another user, and cat /etc/group to list all groups.

Changing File Permissions with chmod

General syntax: chmod [options]... MODE[,MODE]... FILE... Common options: -c, --changes – report only when a change is made -f, --silent, --quiet – suppress most error messages -v, --verbose – diagnostic output -R, --recursive – apply changes recursively --help – display help --version – display version

Permission symbols: u – user (owner) g – group o – others a – all (u,g,o) + – add permission - – remove permission = – set exact permission r – read w – write x – execute

Examples: chmod u+rx file.txt – add read and execute for owner chmod g+r file.txt – add read for group chmod o-r file.txt – remove read for others chmod g+r o-r file.txt – add read for group, remove read for others chmod go-r file.txt – remove read for group and others chmod +x file.txt – add execute for all chmod u=rwx,g=r,o= file.txt – set exact permissions chmod -R 700 /home/newname – recursively set directory permissions

Changing File Ownership with chown

Basic usage: chown newname file.txt – change owner to newname.

Change both owner and group: chown newname:friends file.txt Recursive change: chown -R root /u Full chown options include: -c, --changes – report only when a change is made -f, --silent, --quiet – suppress most errors -v, --verbose – diagnostic output --dereference – affect the referent of symbolic links (default) -h, --no-dereference – affect symbolic links themselves --from=CURRENT_OWNER:CURRENT_GROUP – change only if current owner/group match -R, --recursive – operate on directories recursively -H, -L, -P – control traversal of symbolic links when -R is used --help – display help --version – display version