Scripting: useful permissions commands
DigitalBox- Scripting
- June 2, 2025
Haiku is not a multi-users system, however permissions commands from the unix world can be used for some specific usages.
In this article we will review a use case where permissions commands can be useful.
| Command | Description |
| useradd | Adds a new user to the system |
| groupadd | Creates a new user group |
| passwd | Sets or changes the password for a user |
| su | Switches to another user account |
| groups | Displays the groups the current user belongs to |
| id | Shows the user ID (UID), group ID (GID), and associated groups for a user |
| whoami | Displays the username of the currently logged-in user |
| chown | Changes the ownership of a file or directory |
| chgrp | Changes the group associated with a file or directory |
| chmod | Modifies access permissions (read, write, execute) on a file or directory |
| userdel | Deletes an existing user from the system |
| groupdel | Deletes an existing group from the system |
useradd
First, let's check the existing users list.
In a Terminal type:
cat /etc/passwd
You should see in this file, users like :
- user : who is the default user in Haiku
- sshd : who is the user linked to sshd server
- nginx : who is the user linked to nginx web server
Now let's add a new user named "haiku" in Haiku.
For that type:
useradd haiku
groupadd
What about creating a new group and associate this group to the new user "haiku"?
In a Terminal type:
groupadd os
You can see the groups list inside the "/etc/group" file.
The new "os" group is having id "105".
To associate the "os" group to the user "haiku", edit the /etc/passwd file:
lpe /etc/passwd
Then replace the default group "100" by the value "105" corresponding to the "os" group id.
Save the file.
passwd
In order to change the password for the new "haiku" user, type:
password haiku
Confirm by typing the password twice.
su
This command stands for "substitute user" and is useful to change the current user.
From the Terminal, let's connect with the "haiku" user:
su haiku
groups
Let's verify what is the group of the "haiku" user:
groups haiku
The "os" group is the one associated to the "haiku" user.
id
Now let's review the current user uid / gid (user id / group id).
Type in the Terminal:
id
The user is defined by the "1003" id and the group by the "105" id.
whoami
This command is used to displayed the current user:
whoami
This is correct as the current user is named "haiku".
chown
Let's create a kind of home folder for the "haiku" user:
cd /boot/
mkdir home_haiku
chown haiku home_haiku
The last command "chown" which stands for "change owner", is changing the owner of the folder "home_haiku" to "haiku" user.
Let's check if it has been changed accordingly:
cd /boot/
ls -l
We can see that the owner of the "home_haiku" folder is indeed "haiku".
chgrp
What about changing the group of the "home_haiku" folder ?
In a Terminal type:
chgrp os home_haiku
Checking the details of the owner / group of "home_haiku" folder, now we have :
- group is "os"
- owner is "haiku"
chmod
This command is used to change the permissions of a file.
If you would like - for instance - to give all accesses to everyone on the folder "home_haiku", type:
chmod 777 home_haiku
If you would like to know more about permission rights, you can check the dedicated article on that topic named "Files permissions".
Use case
Now let's review a possible use case where customized users and permissions can be useful.
Let's suppose we would like to use the Haiku SSH server where:
- The default "user" must not be authorized to connect
- Only the "haiku" user will be allowed to connect
From the previous commands already launched, it's the case because:
- a new user "haiku" has been created
- a new group "os" has been created
- the user "haiku" was associated to the "os" group
- a specific password was defined for "haiku" user
Now, edit the "sshd_config" file to only authorized user "haiku" to connect:
lpe /system/settings/ssh/sshd_config
And the line:
AllowUsers haiku
Restart your system.
Now the SSH server will only allow the user "haiku" to connect.
Let's check that.
Verify the IP address of your Haiku machine:
ifconfig | grep inet
The IP address to use in my case is "192.168.64.29".
Let's connect from another machine to Haiku via SSH:
ssh haiku@192.168.64.29
Once the password for "haiku" user has been entered, as you can see he's connected!
Now, if you try to connect with the default user named "user", you will see that he's no more authorized.
It could be interesting to do that kind of setup to improve the security of your Haiku machine:)
userdel
Now that the showcase is completed, we can delete the "haiku" user:
userdel haiku
If you check the content of the "/etc/passwd" file, you will notice the entry for "haiku" user has been removed.
groupdel
Let's delete also the "os" group.
Type in the Terminal:
groupdel os
The content of the "/etc/group" file will be updated, and the entry for the "os" group will be removed.
Moving forward
We can see that even if Haiku is today not a multi-users system, there are some use cases - like the SSH server - where customizing users/groups can be useful.
Do you find any other usages for users / groups customization?
If so, you can put a comment below:)