Linux for DevOps: Users, Permissions & Log Analysis (with Practical Tasks + Log File)

Whether you're starting with Linux or diving deeper into DevOps workflows, this guide walks you through real-world, hands-on tasks for managing users, permissions, and analyzing logs — all essentials for DevOps engineers.

1️⃣ User & Group Management in Linux 🧑‍🤝‍🧑

Managing users and groups is foundational to Linux security and DevOps automation. Let’s walk through real tasks:

🔧 Task 1: Create a User and Group

bashCopyEditsudo groupadd devops_team
sudo useradd -m -s /bin/bash -g devops_team devops_user

• -m: creates home directory

• -s /bin/bash: assigns Bash shell

• -g: assigns the group

🔑 Task 2: Set a Password

bashCopyEditsudo passwd devops_user

Choose a secure password — it enables SSH login.

🛡️ Task 3: Grant Sudo Access

bashCopyEditsudo usermod -aG sudo devops_user

This gives devops_user administrative (sudo) privileges.

🚫 Task 4: Restrict SSH Login for Certain Users

To block SSH login for specific users (e.g., test users), edit this file:

bashCopyEditsudo nano /etc/ssh/sshd_config

Add at the bottom:

bashCopyEditDenyUsers testuser guest

Then restart the SSH service:

bashCopyEditsudo systemctl restart ssh

✅ Tip: Use id username or groups username to verify assignments.

---

2️⃣ File & Directory Permissions 📂

Understanding permissions helps secure your files and maintain correct access levels across DevOps teams.

📁 Task: Create Workspace and File

bashCopyEditmkdir /devops_workspace
touch /devops_workspace/project_notes.txt

🔐 Set Custom Permissions:

Owner: edit (read/write)
Group: read only
Others: no access

bashCopyEditchmod 640 /devops_workspace/project_notes.txt

🔍 Verify:

bashCopyEditls -l /devops_workspace/

Expected output:

bashCopyEdit-rw-r----- 1 devops_user devops_team 0 Jul 10 14:20 project_notes.txt

---

📊 Bonus: Permission Truth Table

Use this to understand what chmod 640 really means:

• 6 (rw-) → Owner

• 4 (r--) → Group

• 0 (---) → Others

---

3️⃣ Log File Analysis with awk, grep, and sed 📄

In DevOps, analyzing logs is 🔑 to troubleshooting and alerting.

🔗 Log File for Practice

Since many servers don’t have enough logs, I used this test log file:
📁 Download Linux_2k.log

🛠️ Task 1: Find Errors Using grep

bashCopyEditgrep -i error Linux_2k.log

• -i: ignore case

• Shows all lines containing "error"

🧠 Task 2: Extract Timestamps and Log Levels with awk

bashCopyEditawk '{print $1, $2, $3, $6}' Linux_2k.log

• This extracts date + log level (assuming the format fits this pattern)

🕵️ Task 3: Replace All IPs with [REDACTED] Using sed

bashCopyEditsed -E 's/([0-9]{1,3}\.){3}[0-9]{1,3}/[REDACTED]/g' Linux_2k.log

• Hides all IPs for privacy and security — useful for public demos/log sharing.

---

💬 Let’s Talk!

I just completed these tasks myself — if you're a beginner or DevOps learner, give these a try!

• What command did you find most useful?

• Want me to post a script that automates this entire setup?

• Have your own favorite awk or sed trick? Share it below ⬇️

---

🧠 Final Tip: Learn by Doing

Even basic commands like chmod, awk, and groupadd are incredibly powerful when applied in real-world setups.

Stay consistent, explore logs, write shell scripts, and you'll be automating your infrastructure in no time 💥

---

🙌 Want More?

I’m planning a Part 2 on:

• Volumes

Follow me on Hashnode or connect on LinkedIn to get it first!