Linux Permissions Basics: Users, Root, and Sudo Explained

Linux Permissions Basics: Users, Root, and Sudo Explained

I still remember the first time I broke a Linux server.

I was poking around as root, feeling powerful, and decided to “clean up” a few files I didn’t recognize. Five minutes later, a service wouldn’t start, the site was down, and I had no idea why. That little disaster is what finally forced me to sit down and understand how Linux users and permissions actually work.

This guide is for you if:

  • You’re new to Linux servers.
  • You’ve seen root, sudo, and /etc/passwd but aren’t sure what they really mean.
  • You just want a clear, practical explanation so you can stop guessing.

Let’s walk through users, the superuser, and sudo step by step.

Understand What Linux Users Actually Are

Linux is a multi-user system. That means the OS is built to handle many different users on the same machine, each with their own files and permissions.

Before you think about permissions, you need to understand users and groups, because those are what permissions apply to.

In Linux, there are two main types of users:

  1. System users
  2. Regular users

They live side by side on the same machine, but they’re used for different purposes.

System Users vs Regular Users

Let’s break down what those two types actually mean in practice.

System users:

  • Used to run non-interactive or background processes.
  • Don’t usually log in like a normal human.
  • Are often created automatically when you install the OS or services.

When you first initialize and log in to a Linux system, it already has a bunch of system users created. These accounts are there so services (like web servers, databases, etc.) can run under their own user identities.

That’s normal. You’re not expected to manage all of them manually.

Regular users:

  • Used for logging in and running commands interactively.
  • These are the accounts people actually use.
  • You create them for yourself and other humans who need access.

So, on a typical server:

  • System users are mostly invisible helpers.
  • Regular users are you and your team.

Peek Inside /etc/passwd (List All Users)

If you want to see the actual list of users on your system, Linux keeps that information in a plain text file: /etc/passwd.

Each line in /etc/passwd represents one user.

The first field on each line (before the first :) is the username.

To see the full list of users, run:

cat /etc/passwd

This prints all the users defined on the system.

Things to pay attention to:

  • You’ll see many users you never created manually.
  • Most of those are system users used by services.
  • Your login user will be somewhere in that list too.

You don’t have to memorize everything in /etc/passwd. For now, just understand:

  • It’s the master list of users.
  • Each line = one user.
  • Username = the text before the first colon.

Meet the Superuser (root)

On every Linux system, there is a superuser, usually called root.

This account is special because it can override any file ownership and permission restrictions.

In practice, that means:

  • Root can read, write, or delete any file.
  • Root can start or stop any service.
  • Root can change any setting on the system.

The root user is used to make system-wide changes.

So when you:

  • Install software.
  • Edit system config files.
  • Manage users and groups.

…those are usually root-level tasks.

Because root can do anything, it can also break anything. That’s why many setups try to avoid logging in as root directly all the time.

Why sudo Exists (Temporary Superuser Powers)

Instead of logging in as root, many systems use sudo.

sudo lets a normal user temporarily run commands with superuser rights, by prefixing the command with sudo.

Example pattern:

sudo <admin-level-command>

So instead of:

# as root
apt-get update

you do:

sudo apt-get update

Key idea:

  • Some users are configured with sudo privileges.
  • These users can temporarily gain superuser rights for specific commands.
  • sudo is about control and safety: you don’t stay root all day, you just borrow root’s power when needed.

Practical Steps: Check Users and Understand Who You Are

Let’s do a quick, practical mini-checklist so you understand your own system.

Step 1: See which user you are right now

Run:

whoami

This prints your current username.

That’s the regular user you’re operating as (unless you’re actually logged in as root).

Step 2: Confirm that user in /etc/passwd

Run:

cat /etc/passwd | grep "$(whoami)"

You should see a line with your username at the start.

This connects the idea:

  • You are a user.
  • That user is defined as a line in /etc/passwd.

Step 3: List all users for context

Run again:

cat /etc/passwd

Scroll a bit and look around:

  • You’ll see your user.
  • You’ll see root.
  • You’ll see many system users you likely didn’t create.

That’s your system’s user landscape.

How sudo Fits Into Your Daily Work

On many servers, especially cloud servers, the recommended pattern is:

  • Use a regular user for day-to-day stuff.
  • Give that user sudo privileges for admin tasks.

In that setup, you don’t log in as root, but you can still run admin commands with:

sudo <command>

From the description we have:

  • It’s possible to configure other user accounts to assume superuser rights.
  • This is often referred to as having sudo.
  • Users with this capability precede admin-level commands with sudo.

Sometimes, when setting up a fresh server, you’ll:

  • Create a normal user.
  • Configure that user with sudo privileges.

That way, you’re not stuck as root, and you still have full control when needed.

Safety Tips When Working With Users and Root

Even at this basic level, there are a few habits that can save you time and drama.

1. Avoid living as root

Because root can override everything, a small typo can do real damage.

Using a normal user plus sudo helps you:

  • Make most mistakes with limited impact.
  • Be more aware when you’re doing something sensitive (because you’re typing sudo).

2. Be careful editing /etc/passwd

/etc/passwd is a core system file.

  • Reading it with cat is perfectly safe.
  • Randomly editing it without knowing what you’re doing can lock users out or break logins.

If you’re new, treat /etc/passwd as read-only until you learn the proper tools to manage users.

3. Know when a command needs root/sudo

In everyday use:

  • Commands that touch your own files usually don’t need sudo.
  • Commands that change the system (software install, config changes in system dirs, service management) usually do.

If a command fails with “permission denied” when doing system tasks, that might be your cue to rerun it with sudo (assuming your user is configured for it).

Quick Recap

You don’t need to be a Linux guru to work safely on a server, but you do need a few core ideas clear in your head:

  • Linux is a multi-user system.
  • There are system users (for background services) and regular users (for real people logging in).
  • All users are listed in /etc/passwd, one per line, with the username before the first :.
  • The superuser (root) can override any file ownership and permission restriction.
  • sudo lets a normal user temporarily gain superuser rights by prefixing commands with sudo.

Once you’re comfortable with who the users are and what root/sudo really mean, the next step is to dig into actual file ownership and permissions—but that’s another article.

Need more help? Check the latest CrushEdge posts.

No Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.