Linux for DevOps: Users, Permissions & Log Analysis (with Practical Tasks + Log File)
Whether you're starting with Linux or diving deeper into DevOps workflows, this guide walks you through real-world, hands-on tasks for managing users, permissions, and analyzing logs — all essentials for DevOps engineers.
1️⃣ User & Group Management in Linux 🧑🤝🧑
Managing users and groups is foundational to Linux security and DevOps automation. Let’s walk through real tasks:
🔧 Task 1: Create a User and Group
bashCopyEditsudo groupadd devops_team
sudo useradd -m -s /bin/bash -g devops_team devops_user
-m: creates home directory-s /bin/bash: assigns Bash shell-g: assigns the group
🔑 Task 2: Set a Password
bashCopyEditsudo passwd devops_user
Choose a secure password — it enables SSH login.
🛡️ Task 3: Grant Sudo Access
bashCopyEditsudo usermod -aG sudo devops_user
This gives devops_user administrative (sudo) privileges.
🚫 Task 4: Restrict SSH Login for Certain Users
To block SSH login for specific users (e.g., test users), edit this file:
bashCopyEditsudo nano /etc/ssh/sshd_config
Add at the bottom:
bashCopyEditDenyUsers testuser guest
Then restart the SSH service:
bashCopyEditsudo systemctl restart ssh
✅ Tip: Use id username or groups username to verify assignments.
2️⃣ File & Directory Permissions 📂
Understanding permissions helps secure your files and maintain correct access levels across DevOps teams.
📁 Task: Create Workspace and File
bashCopyEditmkdir /devops_workspace
touch /devops_workspace/project_notes.txt
🔐 Set Custom Permissions:
Owner: edit (read/write)
Group: read only
Others: no access
bashCopyEditchmod 640 /devops_workspace/project_notes.txt
🔍 Verify:
bashCopyEditls -l /devops_workspace/
Expected output:
bashCopyEdit-rw-r----- 1 devops_user devops_team 0 Jul 10 14:20 project_notes.txt
📊 Bonus: Permission Truth Table
| Permission | Binary | Meaning |
7 | 111 | rwx (full access) |
6 | 110 | rw- (read/write) |
5 | 101 | r-x (read/execute) |
4 | 100 | r-- (read only) |
2 | 010 | -w- (write only) |
0 | 000 | --- (no access) |
Use this to understand what chmod 640 really means:
6(rw-) → Owner4(r--) → Group0(---) → Others
3️⃣ Log File Analysis with awk, grep, and sed 📄
In DevOps, analyzing logs is 🔑 to troubleshooting and alerting.
🔗 Log File for Practice
Since many servers don’t have enough logs, I used this test log file:
📁 Download Linux_2k.log
🛠️ Task 1: Find Errors Using grep
bashCopyEditgrep -i error Linux_2k.log
-i: ignore caseShows all lines containing "error"
🧠 Task 2: Extract Timestamps and Log Levels with awk
bashCopyEditawk '{print $1, $2, $3, $6}' Linux_2k.log
- This extracts date + log level (assuming the format fits this pattern)
🕵️ Task 3: Replace All IPs with [REDACTED] Using sed
bashCopyEditsed -E 's/([0-9]{1,3}\.){3}[0-9]{1,3}/[REDACTED]/g' Linux_2k.log
- Hides all IPs for privacy and security — useful for public demos/log sharing.
💬 Let’s Talk!
I just completed these tasks myself — if you're a beginner or DevOps learner, give these a try!
What command did you find most useful?
Want me to post a script that automates this entire setup?
Have your own favorite
awkorsedtrick? Share it below ⬇️
🧠 Final Tip: Learn by Doing
Even basic commands like chmod, awk, and groupadd are incredibly powerful when applied in real-world setups.
Stay consistent, explore logs, write shell scripts, and you'll be automating your infrastructure in no time 💥
🙌 Want More?
I’m planning a Part 2 on:
- Volumes
Follow me on Hashnode or connect on LinkedIn to get it first!
