Certification Guides Practice Quizzes IT Career Insights

START HERE New to IT or Cybersecurity?
Begin with CompTIA ITF+ →

Certification Guides› Practice Quizzes› IT Career Insights›

Free resource. No signup needed. Disclosure

CompTIA Cyber Path • Linux / Admin Basics • Lesson 18

Lesson 18 — Users, Groups & Permissions Troubleshooting Lab

whoami + id + groups + ls -l + chmod / chown / sudo

This lab puts earlier Linux concepts together into one real troubleshooting sequence. The goal is not memorizing isolated commands. The goal is learning how a support tech thinks when a user says, “I can see the file, but I cannot open, edit, or run it.”

Core idea:

Good troubleshooting moves in order: identify the current user → check groups and access level → inspect file ownership and permissions → apply the smallest correct fix.

What you’ll be able to do:

Diagnose whether a problem is caused by the wrong user, missing group access, bad file permissions, wrong ownership, or the need for elevated privileges.

Linux troubleshooting lab users + groups permissions + ownership local progress saved

Progress: 0%

Check Userwhoami / id

Check Group Accessgroups

Inspect Filels -l

Apply Correct Fixchmod / chown / sudo

Good troubleshooting flow: Who am I? → What groups am I in? → Who owns the file? → What permission is missing? → Use the smallest correct fix

Lab Scenario

Ticket

A user named alex reports:

“I can see the deployment script in /srv/tools, but when I try to run it I get Permission denied. I also cannot edit the config file in that folder.”

Your job is to determine whether the issue is:

The wrong current user
Missing group membership or access
Missing execute permission
Wrong file ownership
The need for sudo

1) Identify the Current User

Check who you are

whoami id

Start by confirming which account is being used. Do not troubleshoot permissions before knowing who the current user actually is.

Why this matters

If the wrong account is logged in, everything after that can look confusing. Always anchor the problem to the actual user context first.

Important habit:

Permission problems are not abstract. They are always permission problems for a specific user or process.

2) Check Group Membership

Group access often determines whether a user can read or modify shared files.

Check groups

groups id

This helps you see what groups the current user belongs to.

What to look for

Whether the user belongs to the expected team or project group
Whether group access could explain why one user works and another does not
Whether root-level access is actually required

Example thought process

If the file belongs to group deploy and the current user is not in that group, group permissions may not help them at all.

3) Inspect Ownership and Permission Bits

Now inspect the file itself.

Check the script

ls -l /srv/tools/deploy.sh

Example output:

-rw-r—– 1 root deploy 842 Mar 20 09:10 /srv/tools/deploy.sh

Here, the script is not executable because the x bit is missing.

Check the config file

ls -l /srv/tools/app.conf

Example output:

-rw-r—– 1 root deploy 214 Mar 20 09:12 /srv/tools/app.conf

This may be readable by the group, but not writable. Ownership and write bits matter here.

What you are deciding

Does the user need read, write, or execute?
Is the file owned by the right user or group?
Would changing permissions or ownership be safer?

Real-world habit:

Do not use broad permission changes like chmod 777 as a shortcut. That is sloppy and unsafe. Fix the actual problem instead.

4) Apply the Correct Fix

Once you know the cause, apply the smallest correct fix.

Fix missing execute permission

sudo chmod +x /srv/tools/deploy.sh

Use this when the script should be executable but currently is not.

Fix ownership or group

sudo chown root:deploy /srv/tools/app.conf

Use this when the file should belong to a different group or owner.

Fix write access carefully

sudo chmod 664 /srv/tools/app.conf

This could make sense if the owner and group should be able to write, while others should not.

Use sudo when needed

sudo nano /srv/tools/app.conf

Sometimes the file is intentionally protected, and the correct fix is not changing permissions at all. The correct answer may be using elevated privileges for an admin-only task.

5) Verify the Fix

Re-check permissions with ls -l
Try running the script again
Try editing the file again if appropriate
Confirm the result matches the intended access model

ls -l /srv/tools/deploy.sh ls -l /srv/tools/app.conf /srv/tools/deploy.sh

6) Fast Troubleshooting Pattern

Identify the current user
Check user and group membership
Inspect file owner, group, and permission bits
Decide whether the issue is execute, write, ownership, or privilege
Apply the smallest safe fix
Verify the result

whoami id groups ls -l /srv/tools/deploy.sh ls -l /srv/tools/app.conf sudo chmod +x /srv/tools/deploy.sh

Practical — Solve the Ticket

This practical is meant to feel like a real support task, not a trivia exercise.

Practical Task

Identify the current user with whoami or id
Inspect user groups
Inspect the script and config file with ls -l
Decide whether to use chmod, chown, or sudo
Write one sentence describing the root cause and the fix

Walkthrough

whoami id groups ls -l /srv/tools/deploy.sh ls -l /srv/tools/app.conf

If the script lacks execute permission, apply:

sudo chmod +x /srv/tools/deploy.sh

If the config file is owned correctly but only needs group write:

sudo chmod 664 /srv/tools/app.conf

If the user should not directly edit the file, the correct path may be:

sudo nano /srv/tools/app.conf

The point is to think, not guess.

Example Ticket Note

Verified current user context and group membership, inspected file ownership and permissions, identified missing execute permission on deployment script and limited write access on config file, applied targeted correction, and confirmed expected access behavior after retest.

Write Your Observation

Use a simple note like a junior admin or help desk tech would write.

Mini Knowledge Check

Score 75% or higher to unlock the next lesson link. Your score is saved on this browser.

1) Which command is best for identifying the current user?

df -h whoami top tar -cvf

2) Which command is strongest for viewing owner, group, and permission bits on a file?

free -h crontab -l ls -l apt update

3) Which command commonly fixes a script that exists but will not run because execute permission is missing?

chmod +x script.sh ping script.sh free -h script.sh crontab -e script.sh

4) What is the strongest troubleshooting habit in this lab?

Use chmod 777 immediately Guess the problem without checking the user Only inspect the file and ignore the user context Identify user context, inspect group access and file permissions, then apply the smallest correct fix

Next Lesson

🔒 Locked until quiz ≥ 75% and you mark complete

Lesson 19 — Linux Networking Troubleshooting Lab

Tip: update the next lesson link when your page exists.

Lesson 18 — Users, Groups & Permissions Troubleshooting Lab

whoami + id + groups + ls -l + chmod / chown / sudo

Lab Scenario

Ticket

1) Identify the Current User

Check who you are

Why this matters

2) Check Group Membership

Check groups

What to look for

Example thought process

3) Inspect Ownership and Permission Bits

Check the script

Check the config file

What you are deciding

4) Apply the Correct Fix

Fix missing execute permission

Fix ownership or group

Fix write access carefully

Use sudo when needed

5) Verify the Fix

6) Fast Troubleshooting Pattern

Practical — Solve the Ticket

Practical Task

Walkthrough

Example Ticket Note

Write Your Observation

Mini Knowledge Check

Next Lesson

Leave a Comment Cancel reply