Basic Concepts

Contents

7.1. User Concept
7.2. The Linux File System
7.3. File Access Permissions

Abstract

If this is your first encounter with a Linux system you probably want to learn something about the basic concepts of Linux before getting started. The graphical user interfaces of Linux, Mac OS* and Windows* show rather similar desktop components which makes it easy to move from one graphical environment to the next. However, if you take a look at the underlying system you will soon notice some differences.

The following sections are meant to guide you through the first steps with your Linux system and to help Linux “newbies” to orientate themselves in their new operating system. You will learn about the user concept of Linux, the structure of the Linux file system (where to find what in the directory tree) and how to deal with access permissions for files and directories which are an essential feature in Linux.

Users who have been working with Mac OS will probably recognize that the concepts explained in the following sections are rather similar to what they know already from Mac OS. Windows users may realize some crucial differences which are worth noticing.

User Concept

From the beginning, Linux has been designed as a multiuser system: Any number of users can simultaneously work on one machine. These users can connect to the system via different terminals or network connections. Usually users need to log in to the system before starting a session. Personal information and individual desktop configuration are stored separately for any user.

Distinct User Roles

Among the users working on a machine, Linux distinguishes between different kinds of user roles: you can log in to a Linux machine as “normal” user or as superuser (administrator), traditionally called root in Linux. The superuser has privileges which authorize him to access all parts of the system and to execute administrative tasks: He has the unrestricted capacity to make changes to the system and has unlimited access to all files. If you are logged in as a normal user you lack these privileges. User and root can of course be the same physical person but acting in different roles.

The root user account is always created on your Linux system by default — during installation you are therefore requested to specify a password for root. Which other users can log in to your system depends on the method of authentication you choose during installation (see Section 1.11, “Create New User”).

For your daily work, you usually log in to your system as normal user. Performing some administrative tasks or running certain programs such as YaST require root permissions. You can easily switch from your normal account to root and back to your normal user account after accomplishing the administrative task. How to do so in a shell is described in Section 8.4, “Becoming Root”. If you are working with a graphical user interface you are usually prompted to enter the root password when necessary. Closing the application which required root permissions results in withdrawal of the root privileges: you automatically switch back to your normal user account.

While this concept might not look very appealing at first, it adds to security. A user without root privileges cannot damage the entire system. Any damage caused is strictly limited to the user's own account and data. Any operation executed with root privileges may potentially harm the entire system. Anyone intending to harm a running Linux system must gain root privileges first. This is why it is much harder to create viruses for Linux systems. They must overcome the root barrier first.

Groups

Every user in a Linux system belongs at least to one group. A group, in this case, can be defined as a set of connected users with certain collective privileges. Groups are usually defined according to functional roles or the data and resources the members of the group need to access. When a new user account is created on your system, the user is usually assigned to a default, primary group. The system administrator can change this primary group or assign the user to an additional group, if necessary.

Figure 7.1. Group Membership for a User in YaST

Group Membership for a User in YaST