User and permission management is a core part of system administration on any Linux-based system. Whether you’re managing a single-user laptop or a multi-user server, it’s important to know how to create users, assign groups, control access to files, and enforce security through permission settings. Linux offers a powerful set of command-line tools for handling users and permissions. In this article, we’ll walk through 10 essential commands that help you manage users, groups, file access, and security effectively.
1. useradd — Create a New User
The useradd
command is used to add new users to the system. It can create the user’s home directory, assign a default shell, and add the user to specific groups.
$ sudo useradd -m -s /bin/bash myuser
The -m
flag creates a home directory for the user, and -s
sets their default shell.
2. passwd — Set or Change a User Password
Once a user is created, you can set or update their password using the passwd
command.
$ sudo passwd myuser
You will be prompted to enter and confirm the new password. This is a mandatory step before a user can log in.
3. usermod — Modify User Accounts
Use usermod
to change user properties like group membership, shell, or username. For example, to add a user to the sudo
group:
$ sudo usermod -aG sudo myuser
The -aG
flag appends the user to a group without removing them from others.
4. groupadd — Create a New Group
Groups help organize users and assign permissions collectively. Use groupadd
to create new groups.
$ sudo groupadd developers
You can then add users to this group and assign folder access to it.
5. id — Show User and Group IDs
The id
command displays the UID, GID, and all groups a user belongs to. This is useful for debugging permission issues.
$ id myuser uid=1001(myuser) gid=1001(myuser) groups=1001(myuser),27(sudo)
It’s a quick way to check if a user has the necessary group access.
6. chown — Change File Ownership
chown
changes the owner and group of a file or directory. This is useful when assigning files to different users or groups.
$ sudo chown myuser:developers /home/myuser/project
This sets myuser
as the owner and developers
as the group.
7. chmod — Modify File Permissions
Use chmod
to change read, write, and execute permissions for user, group, and others. For example:
$ chmod 755 script.sh
This gives read, write, and execute to the owner, and read + execute to group and others. Symbolic mode is also available:
$ chmod g+w file.txt
This adds write permission to the group for the file.
8. chgrp — Change Group Ownership
Sometimes you may want to change only the group owner of a file. Use chgrp
for that.
$ sudo chgrp developers /home/myuser/shared.txt
This is often combined with group-based permissions to share access within a team.
9. getfacl & setfacl — Manage Advanced Permissions
For more granular permission control, Linux supports Access Control Lists (ACLs). getfacl
shows permissions, and setfacl
lets you define extra rules.
$ getfacl report.txt $ setfacl -m u:john:rwx report.txt
This gives user john
full access to report.txt
without changing the file’s group or owner. ACLs are ideal for multi-user collaboration.
10. deluser & delgroup — Remove Users or Groups
To delete users or groups, use deluser
and delgroup
. These commands ensure proper cleanup and safety checks.
$ sudo deluser olduser $ sudo delgroup tempteam
You can add the --remove-home
flag to also delete the user’s home directory.
Conclusion
Linux provides a robust set of commands for user and permission management, allowing for precise control over who can access what. By mastering commands like useradd
, usermod
, chown
, and chmod
, you can enforce security policies, manage collaboration between teams, and keep your system organized. Tools like ACLs offer even more flexibility when standard permissions aren’t enough.
Pro tip: For collaborative directories, set the setgid
bit on the folder using chmod g+s dir
. This ensures that all files created inside inherit the group ownership of the directory.
Effective user and permission management is key to maintaining a secure and productive Linux environment. Use these commands regularly to keep control and enforce best practices.