ipdetecto.com logo
ipdetecto.com
My IPSpeed
Knowledge Hub
HomeKnowledge HubLinux User Permission Commands
© 2026 ipdetecto.com
support@ipdetecto.comAboutContactPrivacyTermsllms.txt
Basics
5 MIN READ
Apr 19, 2026

Linux User and Permission Commands

Manage accounts and authorization: useradd, usermod, groups, sudoers, ACLs, and password aging.

Linux separates identity (users, groups) from authorization (sudo, file modes, ACLs). useradd and usermod create and adjust accounts; passwd and chage manage passwords and expiry. groups shows supplementary groups; id prints uid/gid context. sudo elevates commands with rules in /etc/sudoers—always edit with visudo. POSIX ACLs via setfacl grant fine-grained rights beyond owner/group/other.

TaskCommandCaution
Add useruseradd -m -s /bin/bash nameHome defaults vary by distro
Sudo rulevisudoSyntax errors lock admins out
ACL grantsetfacl -m u:user:rwx pathBackup tools must preserve ACLs

Related

chmod, chmod 777, sudo, security commands

Frequently Asked Questions

Q.What is the difference between a primary and supplementary group?

Every user has one primary gid; supplementary groups grant additional file access without changing the primary gid.

Q.How do I grant sudo to a single command?

Use a sudoers drop-in with command paths—avoid blanket NOPASSWDALL unless required.

Q.When should I use setfacl instead of chmod?

When multiple users or groups need different rights on the same path without awkward ownership churn.

Q.What does usermod -aG do?

Appends supplementary groups—without -a you may replace the entire group list.

Q.How can I audit who can sudo?

Inspect /etc/sudoers and /etc/sudoers.d with visudo -c and review group memberships in LDAP if used.

Q.Why lock accounts with passwd -l?

It prevents password login while preserving data—pair with SSH key-only policies thoughtfully.

Q.What does chage control?

Password aging and account expiry—useful for contractor accounts and rotation policies.

Q.How does NSS relate to users?

nsswitch.conf can source users from files, LDAP, or SSS—local commands still query the same APIs.
TOPICS & TAGS
useraddusermodsudoerssetfacllinux groups