Users, groups & root

Key takeaways Linux is multi-user: every account has a name and a number, and the system tracks who you are so it can limit what you can touch. Accounts are collected into groups to share access to files and devices. Above them all sits root, the superuser, who can touch everything and is bound by no permission. Knowing which account you are — and which you are not — is the first step in getting comfortable at the command line.

Coming from a single-user laptop, it is easy to assume the computer simply does what you tell it. Linux is different: it was built for many people (and many programs) to share one machine, so it always asks who is this? before it asks what do you want? Once that clicks, permission errors stop being mysterious and start making sense.

A multi-user system

Linux is a multi-user operating system. Every person or service that uses the machine does so through an account, and each account carries three basic things:

  • a username — the human-friendly name you log in with, like matt or pi;
  • a numeric UID (user ID) — the number the kernel actually uses; the name is just a label on top of it;
  • a home directory — usually /home/username, your own space for files and settings that other users can’t disturb.

Because each account is separate, several people can share one computer safely. Your files stay yours, their files stay theirs, and background services (the programs that run the system) get their own locked-down accounts too. The machine keeps everyone in their own lane.

Groups

Working only account-by-account gets clumsy the moment two people need to share the same files. That is what groups are for: a group collects users together so they can be granted access as a unit, rather than one at a time.

Every user has one primary group — assigned when the account is created and used for files that user makes — and can belong to many additional groups as well. Groups often gate access to hardware: on many systems you must be in the dialout group to use a serial device, or plugdev to reach USB gear like an SDR. Add a user to the right group and the door opens; leave them out and it stays shut.

Groups have numeric GIDs just as users have UIDs, and the same name-on-a-number idea applies.

root — the superuser

One account stands apart from all the rest: root, the superuser. Root has UID 0, and that number is special — the kernel lets root do anything. Root can read, change, or delete any file regardless of who owns it, install software, manage other accounts, and reconfigure the whole system. Root bypasses permissions entirely; the limits that hold ordinary users simply don’t apply.

That power is exactly why root is dangerous. There is no “are you sure?” backstop — a mistyped command as root can erase files across the whole machine in an instant, and a malicious program running as root owns everything. For that reason you normally do not stay logged in as root for day-to-day work. Instead you live as an ordinary user and step up to root’s powers only for the specific task that needs them, which is what sudo and the root account is all about.

Who am I?

A handful of commands tell you which account you are and who else is around:

  • whoami — prints your current username. Short and to the point.
  • id — the fuller answer: your UID, your primary GID, and every group you belong to. Run this when a permission is refused and you suspect a missing group.
  • who and w — list the users currently logged in to the machine; w adds what each of them is doing.

Behind these commands sit two plain-text files. /etc/passwd is the list of accounts — one line per user, holding the username, UID, primary group, and home directory (the name is historical; passwords aren’t stored there anymore). /etc/group is the matching list of groups and who belongs to each. You can read both with the file viewers from earlier lessons; they are simply the lists the system consults when it decides who you are.

Why limits are a feature

It is tempting to see “permission denied” as the computer getting in your way. It is the opposite — it is the computer doing its job.

Ordinary-user limits do two valuable things. First, they stop mistakes: if your account can’t touch the system’s core files, then a wrong command can only damage your own stuff, not the whole machine. Second, they contain compromised programs: a web browser or a decoder running under your account can only reach what your account can reach, so a bug or an attack is boxed in rather than handed the keys.

This is the whole foundation of Linux file permissions — every file is owned by a user and a group, and each carries rules about who may read, write, or run it. The next lesson, file permissions, unpacks exactly how those rules are written and read.

Quick check: which user can override any file permission on the system?

Recap

  • Linux is multi-user: every account has a username, a numeric UID, and a home directory, so people and services share one machine safely.
  • Groups collect users to share access to files and devices; a user has one primary group and can be in many.
  • root is the superuser (UID 0) — it can do anything and bypasses permissions, which makes it both powerful and dangerous.
  • You normally work as an ordinary user, not as root, and borrow root’s powers only when needed.
  • whoami, id, and who/w tell you who you are and who’s logged in; /etc/passwd and /etc/group are the lists behind them.
  • Ordinary-user limits are a feature — they stop mistakes and contain bad programs, which is the foundation of file permissions.

Next up: file permissions