2024-07-27 08:00:22
www.zdnet.com
Linux is a powerful operating system that also happens to be the most secure platform on the market. With plenty of security features and sub-systems, anyone using the open-source OS can add even more security and privacy, thanks to groups.
Groups make it possible to control what files and folders users have access to with much more efficiency than handling the task one user at a time.
Also: The first 5 Linux commands every new user should learn
Here’s an example to illustrate what I’m talking about. Let’s say you have 100 users who need to have access to a directory you created called /data. You could change the permissions for that folder to give anyone permission to access it, but that’s a security risk. Instead, you might create a group called data_users, change the ownership of the folder to data_users, and then add the necessary users to the new group. The beauty of this method is that any time a user no longer needs access to the folder, all you have to do is remove them from the group.
Before you get into such tasks, you’ll want to know how to manage groups on your Linux system and there are five commands you should learn.
Here they are.
1. groups
If you want to know what groups a user belongs to, this is the command to use. By simply typing the command groups you will see a list of all the groups for the current user. If you need to list the groups for a specific user, the command would be:
Where USER is the username in question.
That’s pretty much all the groups command does but it’s an important one to know.
2. groupadd
This is the next command you’ll want to learn because it makes it possible to add new groups to your system. Unlike groups, groupadd does require sudo privilege and it also offers a few handy options. However, you do not have to use any options to create a basic group. In fact, I would recommend against using any of the available options and simply run the command like so:
Where GROUP is the name of the group you want to add.
3. groupdel
If you need to delete a group, there’s a command for that as well, which is groupdel. One thing to keep in mind is that you cannot delete the primary group of any existing user (because all users are created with a group by the same name — such as user jack and group jack). To delete a group, the command would be:
Where GROUP is the name of the group to be deleted.
4. groupmod
The groupmod command allows you to modify a group on your system. The things you can modify with this include group ID, name, and password (which shouldn’t be used because the password would be visible to users).
Also: Switzerland now requires all government software to be open source
To change something with groupmod, you’d issue a command like:
sudo groupmod -n NEWNAME OLDNAME
Where NEWNAME is the new name for the group and OLDNAME is the old name.
5. chgrp
The chgrp command allows you to change the group ownership. This is similar to the chown command but easier to use (because chown also deals with user ownership). Let’s say you have a group named data_users and you want to give all users in that group access to a specific file named zdnet_welcome.txt. The command for that would be:
sudo chgrp data_users zdnet_welcome.txt
At this point, the zdnet_welcome.txt file will be available to all members of the data_users group.
Also: Why don’t more people use desktop Linux? I have a theory you might not like
And there you go. With these five commands, you should be able to manage your Linux groups with ease.
Source Link