Linux Users, Groups, Permissions
Add new user:
useradd -m -G wheel -s /bin/bash username
passwd username
Give sudo permissions:
make sure you have sudo installed and if it doest work try:
EDITOR=vim visudo
add user to group:
sudo usermod -aG google-sudoers username
SUDO
sudo -i
sudo useradd -m llmaicode
sudo passwd llmaicode
su - llmaicode
su - alice
https://www.debian.org/distrib/
authorized_keys
i am on debian and i am just about to give someone i don't trust access to my computer with user privilges how to make it so that i can see all actions they do, accept or reject their sudo request per notification have a snapshot before they got access to role back and see diff what they added after snapshot for audit
i guess qemu vm with kvm i will do to have it more isolated and code as infra or setup reproducable and the stuff you say just give me all commands i need to do to install and setup and thne makefile and other setups
1) Users
See users
whoami→ shows current userid→ shows user ID (UID), groups, and group IDscat /etc/passwd→ list all system users
Create / modify users (admin required)
sudo useradd username→ create usersudo passwd username→ set passwordsudo usermod -aG groupname username→ add user to groupsudo userdel username→ delete user
2) Groups
View groups
groups→ groups of current usergroups username→ groups of another usercat /etc/group→ all groups
Manage groups
sudo groupadd groupname→ create groupsudo groupdel groupname→ delete groupsudo usermod -aG groupname username→ add user to group
3) Permissions (core concept)
Each file has:
- Owner (user)
- Group
- Others
Check permissions:
ls -l
Example output:
-rwxr-xr--
Meaning:
r= readw= writex= execute
Breakdown:
rwx→ ownerr-x→ groupr--→ others
4) Changing permissions
chmod 755 filechmod 644 file
Meaning:
- 7 = rwx
- 6 = rw-
- 5 = r-x
- 4 = r--
5) Changing ownership
sudo chown user filesudo chown user:group filesudo chgrp group file
6) extras
umask→ default permission masksudo→ run commands as admingetent passwd→ query system user database cleanly
- Users = identity
- Groups = shared access buckets
- Permissions = what each bucket can do to files