Linux System Administration & Automation Challenge


1) User & Group Management
=> What are Linux users, groups, and permissions (/etc/passwd, /etc/group)?
User :
Linux is a multi-user operating system, meaning multiple users can operate on the same machine, each with distinct permissions.
User Types
Root User (Superuser): Has full control over the system.
System Users: Used for services and daemons.
Regular Users: Created for actual users who log in and work on the system.
Groups :
A Linux user group is a bunch of users who share the same access rights to files and system resources. It's like a team at work - everyone on the team can use certain tools, but not everything in the company.
For instance, you might have a "developers" group that can mess with source code, while the "marketing" group can only look at finished product docs. This setup makes managing permissions easier and boosts system security.
Permission :
Linux permissions define who can read, write, and execute files.
Understanding File Permissions with example
-rw-r--r-- 1 user1 user1 48 Feb 5 10:00 file.txt
Breakdown:
-rw-r--r-- → Permission string
- → File type (- = file, d = directory)
rw- → Owner (user1) can read & write
r-- → Group (user1) can only read
r-- → Others can only read
1 → Hard link count
user1 → Owner
user1 → Group
48 → File size (bytes)
Feb 5 10:00 → Last modified time
file.txt → Filename
Changing Permission:
Modify permissions using the chmod command.
Numeric mode (octal representation):
chmod 764 file.txt
* 7 (rwx) → Owner has full access (read, write & execute)
* 6 (rw-) → Group can read & write
* 4 (r--) → Others can only read
Task - 1 : Create a user “devops_user” and add them to a group “devops_team”.
Create the user devops_user:
sudo useradd -m devops_user -s /bin/bash
* -m (creates a home directory for the user)
List the created users := cat /etc/passwd
Create a group devops_team := sudo groupadd devops_team
Add the user (devops_user) to the “devops_team” group :=
sudo gpasswd -M devops_user devops_team
* -M sets the group's complete member list, replacing any existing members
Verify that the user was added to the group :=
cat /etc/group
Task 2 : Set a password and grant sudo access.
Set password for devops_user := sudo passwd devops_user (enter the password and confirm it)
Grant sudo access to devops_user := sudo usermod -aG sudo devops_user
To check the group list := cat /etc/group
Verify the sudo access for users
Task - 3 : Restrict SSH login for certain users in /etc/ssh/sshd_config.
Deny Specific Users
Open the SSH config file:
sudo vim /etc/ssh/sshd_config
Deny SSH access for particular users, for example:
DenyUsers user1 user2
Deny Specific Groups
To block an entire group from SSH access, for example:
DenyGroups devops_team
After making all changes, restart the SSH daemon to apply them:
sudo systemctl restart sshd
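Before restarting, it helps to see which accounts the deny lists actually cover. The script below is an added example, not part of the original post: it reads DenyUsers and DenyGroups from a config file and resolves group members from an /etc/group-format file. The function names and sample files are constructed, and it assumes plain names (no wildcard or user@host patterns) and supplementary memberships only.

```bash
#!/bin/sh
# Added example (not from the original post): list accounts that DenyUsers and
# DenyGroups in an sshd_config block, using an /etc/group-format file.
# Assumptions: plain names only (no wildcard or user@host patterns), and only
# supplementary memberships listed in the group file are resolved.
denied_users() {  # usage: denied_users SSHD_CONFIG GROUP_FILE
  awk '
    FNR == NR {                                   # first file: sshd_config
      if ($1 ~ /^#/ || NF < 2) next               # skip comments, blanks, bare keywords
      kw = tolower($1)                            # sshd keywords are case-insensitive
      if (kw == "denyusers")
        for (i = 2; i <= NF; i++) why[$i] = "DenyUsers"
      if (kw == "denygroups")
        for (i = 2; i <= NF; i++) dgroup[$i] = 1
      next
    }
    {                                             # second file: name:passwd:gid:members
      split($0, f, ":")
      if (!(f[1] in dgroup)) next
      n = split(f[4], member, ",")
      for (i = 1; i <= n; i++)
        if (!(member[i] in why)) why[member[i]] = "DenyGroups " f[1]
    }
    END { for (u in why) print u ": " why[u] }
  ' "$1" "$2" | sort
}

# Constructed sample data mirroring the tasks above.
demo() {
  dir=$(mktemp -d)
  printf '%s\n' '# constructed sample' 'DenyUsers user1 user2' \
    'DenyGroups devops_team' > "$dir/sshd_config"
  printf '%s\n' 'devops_team:x:1001:devops_user' \
    'sudo:x:27:devops_user,alice' > "$dir/group"
  denied_users "$dir/sshd_config" "$dir/group"
  rm -rf "$dir"
}
demo
```

In the sample, devops_user is a sudo member yet is blocked from SSH through devops_team. Running `sudo sshd -t` before the restart checks the edited file for syntax errors such as a misspelled keyword.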
2) File & Directory Permissions
Task - 1 : Create /devops_workspace and a file project_notes.txt.
Create a directory : sudo mkdir devops_workspace
Verify the directory : ls
Create a file in the directory : touch project_note.txt
Task - 2 : Set permissions : Owner can edit, group can read, others have no access.
Use ls -l to verify permissions.
Set permissions on the file and directory
Conditions: (Owner can edit / Group can read the file / others have no access)
sudo chmod 740 project_note.txt
Verify the permissions using this command : ls -l
3) Log File Analysis with AWK, Grep & Sed
- Download the sample log file and analyze it.
Extract insights using commands:
Use awk to extract timestamps and log levels.
Use sed to replace all IP addresses with [REDACTED] for security.
Task - 1 : Use grep to find all occurrences of the word "error".
The grep command is used to search for specific patterns in files. It stands for Global Regular Expression Print and is widely used in log analysis, text processing, and scripting.
grep -i "authentication failure" app.log
-i makes the search case-insensitive
Task - 2 : Use awk to extract timestamps and log levels.
awk is mainly used for extracting fields, manipulating text, and generating reports from structured data.
awk treats fields as variables:
$1 → First column
$2 → Second column
$NF → Last column
awk '/authentication failure/ {print $1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15}' app.log
Show the first 10 and last 10 results from the log file using head and tail:
awk '/authentication failure/ {print $1,$2,$3,$7}' app.log | head
awk '/authentication failure/ {print $1,$2,$3,$7}' app.log | tail
Task - 3 : Use "sed" to replace all IP addresses with [REDACTED] for security.
The sed (Stream Editor) command in Linux is a powerful text-processing tool used for searching, replacing, inserting, deleting, and modifying text in a file or stream. It processes text line by line without modifying the original file.
Example:
sed "s/user/username/g" auth_fail_ips.txt
sed -E "s/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+|[0-9a-fA-F:]+:[0-9a-fA-F:]+)/[REDACTED]/g" auth_fail_ips.txt
Explanation :
-E enables extended regular expressions
([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+|[0-9a-fA-F:]+:[0-9a-fA-F:]+) matches IPv4 and IPv6 addresses
Each match is replaced with the text [REDACTED].
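The IPv6 half of the pattern above, [0-9a-fA-F:]+:[0-9a-fA-F:]+, also matches HH:MM:SS timestamps and tokens such as sshd:auth, so it redacts more than addresses. The script below is an added example, not part of the original post, comparing it with a stricter pattern on two constructed log lines; the function and variable names are hypothetical.

```bash
#!/bin/sh
# Added example (not from the original post): loose vs. stricter IP redaction.
# The two log lines are constructed sample data using documentation addresses.
sample_log() {
  cat <<'EOF'
Feb  5 10:00:01 web01 sshd[1234]: pam_unix(sshd:auth): authentication failure; rhost=203.0.113.7  user=root
Feb  5 10:00:09 web01 sshd[1240]: pam_unix(sshd:auth): authentication failure; rhost=2001:db8::5  user=admin
EOF
}

# Pattern from the text: the IPv6 branch accepts any hex/colon run with one colon.
redact_loose() {
  sed -E 's/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+|[0-9a-fA-F:]+:[0-9a-fA-F:]+)/[REDACTED]/g'
}

# Stricter building blocks (names are hypothetical, chosen for this example).
H='[0-9A-Fa-f]{1,4}'                              # one IPv6 hextet
V4='[0-9]{1,3}(\.[0-9]{1,3}){3}'                  # dotted quad, 1-3 digits each
V6_FULL="(${H}:){7}${H}"                          # all eight groups written out
V6_COMP="((${H}:){1,7}|:):(${H}(:${H}){0,6})?"    # compressed form containing ::

# Require a non-address character (or line start) before the match and put it
# back with \1, so a match cannot begin in the middle of a longer token.
redact_strict() {
  sed -E "s/(^|[^0-9A-Fa-f:.])(${V4}|${V6_FULL}|${V6_COMP})/\1[REDACTED]/g"
}

echo "--- loose ---";  sample_log | redact_loose
echo "--- strict ---"; sample_log | redact_strict
```

The strict version keeps the timestamp and the sshd:auth token intact while still replacing both rhost values, which matters when the redacted log is later sorted or correlated by time.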
=> Filter unique data from the given result
sed "s/rhost/IP/g" auth_fail_ips.txt | sort | uniq
4) Volume Management & Disk Usage
Task - 1 : Create a directory for mounting the volume
sudo mkdir -p /mnt/devops_data
Create Volume on EBS (Amazon Elastic Block Store)
Note : Select the same region and availability zone as the EC2 instance you created.
Attach the volume to the particular EC2 instance
Note : Select the device name /dev/sdf from the dropdown when you attach it to the EC2 instance.
Check the created block devices using the lsblk command.
Create physical volumes from these block devices
Note : Volume-related commands are accessible to the root user only.
sudo su
lvm
Check physical volumes using the pvs command.
Create physical volumes using the pvcreate command:
pvcreate /dev/xvdf /dev/xvdg /dev/xvdh
Check the created physical volumes
Create a volume group from these physical volumes
vgcreate tws_vg /dev/xvdf /dev/xvdg
Create a logical volume from the volume group (tws_vg)
lvcreate -L 1.5G -n tws_lv tws_vg
You can see that the 1.5G volume is nested under /dev/xvdf
Task - 2 : Mount a new volume (or loop device for local practice).
Format the disk before mounting it:
mkfs.ext4 /dev/tws_vg/tws_lv
- (The disk is ready to use)
Mount the logical volume using this command:
mount /dev/tws_vg/tws_lv /mnt/devops_data/
Task - 3 : Verify using df -h and mount | grep devops_data
Check the volume using df -h : the disk is mounted properly and can be used as storage
Check the mounted volume details : df -h | grep devops_data
5) Process Management & Monitoring
Task - 1 : Start a background process (ping google.com > ping_test.log &).
& → Runs the command in the background.
ping google.com → Sends continuous pings to Google.
> ping_test.log → Redirects output to ping_test.log.
Task - 2 : Use ps, top, and htop to monitor it.
ps aux | grep ping
ps aux → Lists all running processes.
grep ping → Filters results for our ping command.
Monitor System Resources with top
Displays active processes, CPU & memory usage.
Press / then type ping to search for the process.
Press q to exit.
Use htop (Better Interface)
Similar to top but more interactive (use arrow keys to navigate).
Search by pressing F3, then typing ping.
If htop isn’t installed, install it using: sudo apt install htop
Task - 3: Kill the process and verify it's gone.
Find the process ID (PID) : ps aux | grep ping
Kill the Process by PID : kill 56134
Final Thoughts
Efficient user and group management is essential for maintaining a secure and well-organized Linux environment. By properly assigning users to groups and configuring permissions, you can control access to critical system files and ensure smooth operations.
🚀 Whether you're a DevOps engineer, system administrator, or Linux enthusiast, mastering these commands will help you effectively manage users, groups, and permissions on any Linux system.
Written by prajapati pratik
