CloudShell Academy LogoCloudShell Academy
Log InSign Up
AcademyTerminal Tactics: Survival in the ShellPhase 2: The Iron Gate (Permissions)

Lesson 1: The Gatekeeper (User Management)

In a real production environment, you never let everyone use the root account. That's like giving everyone the master key to the building. Instead, you create individual accounts with specific permissions.

The User Hierarchy

Think of a Linux server like a company:

  • root: The CEO. Has access to everything. Can destroy everything.
  • sudo users: The managers. Can do admin tasks when needed.
  • regular users: The employees. Can only access their own workspace.

Key Commands

  • whoami — Check which user you are right now.
  • cat /etc/passwd — See a list of all users on the system.
  • useradd <name> — Create a brand new user.
  • passwd <name> — Set or change a user's password.
  • su <name>Switch User — log in as a different person.
  • sudo — "Super User DO" — run a single command as root.

The /etc/passwd File

This file contains one line per user. Each line looks like:

username:x:1000:1000:Full Name:/home/username:/bin/bash

The x means the password is stored securely in /etc/shadow (which we explored in the permissions lesson).

booting...

Mission Objective

You are setting up a new deployment server. Before deploying any code, you need to create a dedicated service account.

  1. Audit: Run cat /etc/passwd to see who already has access.
  2. Create: Add a new user called deploy with useradd deploy.
  3. Test: Try switching to the new user with su deploy.

Why This Matters

In DevOps, the principle of least privilege is sacred. Every deployment pipeline uses a dedicated service account — never root. This limits the damage if something goes wrong.

Mission Control

List all users on the system

Expected Command

cat /etc/passwd

Create a new user named 'deploy'

Try switching to the deploy user

Previous: File Surgery: Modifying RealityNext: Permission Override: Cracking the Code