Managing Users and Permissions in CentOS
Managing users and permissions is crucial for maintaining a secure and well-organized CentOS system. This tutorial will guide you through creating and deleting users, managing groups, and setting up permissions. We'll also cover basic use of `sudo` to grant administrative access.
1. Creating a New User
To create a new user, use the `useradd` command followed by the username. This command creates a new user account and home directory.
Then, set a password for the new user:
Replace "username" with your desired username.
2. Deleting a User
To delete a user and their home directory, use the `userdel` command with the `-r` option:
Warning: Deleting a user with `-r` removes all files in the user's home directory, so use with caution!
3. Managing Groups
- Creating a New Group: Use `groupadd` followed by the group name.
- Adding a User to a Group: Add a user to an existing group with the `usermod -aG` command.
sudo usermod -aG groupname username
- Listing User Groups: To see which groups a user belongs to, use the `groups` command.
- Removing a User from a Group: Remove a user from a group by editing `/etc/group` or by running the command:
sudo gpasswd -d username groupname
4. File and Directory Permissions
In CentOS, permissions define who can read, write, or execute files and directories. To check permissions, use `ls -l` to list the contents of a directory:
Each file's permissions are shown in a string like `-rw-r--r--`, where:
- The first character shows if it’s a file (-) or directory (d).
- The next three characters are owner permissions (read, write, execute).
- The following three are group permissions.
- The last three are others' permissions.
5. Changing Permissions with `chmod`
The `chmod` command changes file or directory permissions. For example, to grant the owner read, write, and execute permissions:
sudo chmod 755 /path/to/file
Common Permissions:
- "7" = read, write, execute
- "5" = read and execute
- "4" = read only
6. Changing Ownership with `chown`
To change a file’s owner or group, use `chown`. For example, to set "username" as the owner and "groupname" as the group:
sudo chown username:groupname /path/to/file
7. Using `sudo` for Administrative Access
Granting a user `sudo` privileges allows them to run commands with administrative rights. Add a user to the `wheel` group to grant `sudo` access:
sudo usermod -aG wheel username
To check which users have sudo privileges, open the sudoers file:
Warning: Be cautious when editing the sudoers file. Syntax errors can lock users out of sudo privileges.
Conclusion
With these commands, you can create, delete, and manage users and groups in CentOS. Managing permissions and using `sudo` securely ensures that only authorized users have access to critical system functions.