User and Permission Management
User management controls system access. Proper management is fundamental to Linux security.
User Accounts
useradd, usermod, userdel, passwd. Info in /etc/passwd and /etc/shadow. UID 0 is root. Regular users UID 1000+.
Groups
groupadd, usermod -aG group user. Defined in /etc/group. Primary and supplementary groups. Assign permissions to groups, not individual users.
sudo
Run commands as root. Configured in /etc/sudoers (edit with visudo). Use sudo instead of root login. Logs all commands for auditing. Granular permissions possible.
File Permissions
rwx for owner/group/others (755 = rwxr-xr-x). SUID (4000): execute as owner. SGID (2000): execute as group. Sticky bit (1000): only owner can delete in directory.
ACLs
Fine-grained permissions beyond owner/group/others. setfacl sets, getfacl views. Grant specific permissions to specific users/groups without changing ownership.
PAM
Pluggable Authentication Modules: flexible authentication framework. Handles authentication, account, password, session. Config in /etc/pam.d/. Integrates LDAP, 2FA, password policies.
Summary
User and permission management controls access and security. Users, groups, sudo, permissions, ACLs, and PAM enable secure Linux systems.