|
| 1 | +# Accounts and Permissions |
| 2 | + |
| 3 | +Linux file system access is based on user account and group account membership. |
| 4 | + |
| 5 | +Read, Write and eXecute authorisation is defined with respect to the user (u), group (g) and all accounts (a) |
| 6 | + |
| 7 | +`whoami` shows the currently-logged in user account name. |
| 8 | + |
| 9 | + |
| 10 | +## Elevated privileges |
| 11 | + |
| 12 | +su switch to another user account, allowing different access permissions for the file system. `su` is most commonly used to switch to the root user account. |
| 13 | + |
| 14 | +```shell |
| 15 | +su - |
| 16 | +``` |
| 17 | + |
| 18 | +The operating system prompts for the account password that is being accessed. |
| 19 | + |
| 20 | +`sudo` temporarily elevates privileges to that of the root account, allowing access to files and commands that would otherwise be declined. |
| 21 | + |
| 22 | +For example, run the Debian Linux apt tool to update software versions. |
| 23 | + |
| 24 | +```shell |
| 25 | +sudo apt upgrade |
| 26 | +``` |
| 27 | + |
| 28 | + |
| 29 | +## Change access permissions |
| 30 | + |
| 31 | +`chmod` changes access permissions of files or directories: chmod [options] [permission] [file-or-directory] |
| 32 | + |
| 33 | +Set owner access to read, write and access directories. |
| 34 | + |
| 35 | +```shell |
| 36 | +chmod u+rwX ~/projects |
| 37 | +``` |
| 38 | + |
| 39 | +Set permissions literally: |
| 40 | + |
| 41 | +```shell |
| 42 | +chmod -rwx---r-– file.txt |
| 43 | +``` |
| 44 | + |
| 45 | +The second, third and fourth position sets permission for the owner. The next three the group and last three any other user. |
| 46 | + |
| 47 | +!!! INFO "Directory and file permissions" |
| 48 | + read (r), write (w), and execute (x) |
| 49 | + |
| 50 | + owner (u), a group (g), or other (o) accounts |
| 51 | + |
| 52 | + |
| 53 | + |
| 54 | +## Change ownership |
| 55 | + |
| 56 | +`chown` changes ownership of files, directories or symbolic links: chown [options] newowner:newgroup file1 file2 |
| 57 | + |
| 58 | +Assign a user as the new owner of an item. Leave the group name empty to set the same as the user account. |
| 59 | + |
| 60 | +```shell |
| 61 | +chown practicalli ~/projects |
| 62 | +``` |
| 63 | + |
| 64 | +Omit user account name to make all group members the owner |
| 65 | + |
| 66 | + |
| 67 | +```shell |
| 68 | +chown :hackers ~/projects |
| 69 | +``` |
| 70 | + |
| 71 | + |
| 72 | +## Account management |
| 73 | + |
| 74 | +useradd creates a new account or update groups assigned to a user: useradd [options] new_username |
| 75 | + |
| 76 | +By default, the useradd command doesn’t prompt you to give the new user a password. You can add or change it manually later with the passwd command: |
| 77 | + |
| 78 | +passwd new_username |
| 79 | + |
| 80 | +userdel deletes a given account name and requires [elevated privileges](#elevated-privileges) |
| 81 | + |
| 82 | +To set up a password and other details during the account creation process, use the adduser command instead. |
0 commit comments