Linux Users, Groups, and Permissions

by
RedditHacker NewsPocketTelegramWhatsApp

Linux Essential Skills Crash Course Part 3: Users, Groups, and Permissions

Mastering users, groups, and permissions is fundamental to secure WordPress hosting on Ubuntu servers. This comprehensive guide breaks down these essential concepts, making them accessible for beginners while providing detailed insights for practical implementation.


{
    font-family: 'Fira Code', monospace;
    font-size: 14px;
    background: #f4f4f4;
    display: block;
    padding: 10px;
    border-radius: 5px;
    white-space: pre-wrap; /* Wrap long lines */
    word-break: break-word; /* Break words if too long */
}

Understanding Linux Users

Root User (Superuser)

  • Complete administrative control
  • Unrestricted access to all system components
  • Username: “root”
  • Can perform any system operation
  • Highest level of privileges

System Users

  • Created automatically by the system
  • Run specific services and processes
  • Limited privileges
  • Enhanced system security
  • Non-interactive accounts

Normal Users

  • Regular human accounts
  • Limited permissions by default
  • Access to personal home directory
  • Can run applications
  • Customizable privileges

The Sudo System

Working with Root Privileges

  1. Never work directly as root
  2. Use sudo to invoke root privileges
  3. Add users to root group for sudo access
  4. Always verify commands before using sudo

Best Practices

  • Double-check destructive commands
  • Use sudo only when necessary
  • Keep sudo log files for auditing
  • Never share sudo privileges unnecessarily

Linux Groups Explained

Purpose and Function

  • Organize users efficiently
  • Manage shared permissions
  • Control resource access
  • Implement security policies

Group Types

  1. User Groups
  • Created automatically
  • Named after user
  • Primary group for user files
  1. System Groups
  • Created by system
  • Used for services
  • Example: www-data for web server
  1. Custom Groups
  • Administrator created
  • Specific access control
  • Project or function based

File System Information

Understanding Directory Listings

drwxr-xr-x 2 root root 4096 Jan 15 10:30 directory

Listing Components

  1. Type and permissions (drwxr-xr-x)
  2. Link count (2)
  3. Owner (root)
  4. Group (root)
  5. Size (4096)
  6. Modification date (Jan 15 10:30)
  7. Name (directory)

Ownership System

Basic Concepts

  • Every file has an owner
  • Every file has a group owner
  • Other users have separate permissions
  • Ownership affects access rights

Managing Ownership

# Change user and group ownership
sudo chown user:group filename

# Change only group ownership
chgrp group filename

Permission System

Permission Types

For Files

  • Read (r): View content
  • Write (w): Modify/delete
  • Execute (x): Run program

For Directories

  • Read (r): List contents
  • Write (w): Create/delete files
  • Execute (x): Access directory

Numeric Permission Values

  • Read = 4
  • Write = 2
  • Execute = 1

Common Permission Combinations

644 (-rw-r--r--) : Standard file
755 (drwxr-xr-x) : Standard directory
600 (-rw-------) : Secure file

WordPress-Specific Configurations

Directory Permissions

wp-admin/      : 755
wp-content/    : 755
wp-includes/   : 755
uploads/       : 775

File Permissions

wp-config.php  : 600
.htaccess      : 644
PHP files      : 644
Image files    : 644

Ownership Structure

  1. Files:
  • Owner: Your user account
  • Group: Web server (www-data)
  1. Directories:
  • Owner: Your user account
  • Group: Web server (www-data)

Security Best Practices

Never Use 777

  • Avoid full permissions (777)
  • Creates security vulnerabilities
  • Bypasses access controls
  • Attracts malicious activity

Permission Guidelines

  1. Use minimum necessary permissions
  2. Regularly audit permissions
  3. Document permission changes
  4. Test after permission changes
  5. Back up before modifying permissions

Common Issues and Solutions

  1. Plugin Installation Problems
  • Temporary permission adjustment
  • Return to secure settings
  • Use FTP alternatives
  1. Update Issues
  • Document default permissions
  • Create update procedure
  • Verify after updates

Command Reference

Essential Permission Commands

# View permissions
ls -l filename

# Change permissions (numeric)
chmod 644 filename

# Change permissions (symbolic)
chmod u+rw,g+r,o+r filename

# Change ownership
chown user:group filename

Next Steps

In the upcoming sections, we’ll cover:

  • File and directory manipulation
  • Working with text editors
  • Process management
  • Service control and monitoring

Remember: Understanding permissions is crucial for server security. Take time to practice these concepts before moving forward with server configuration.