Linux systems employ a robust user and group management system to control access to files, directories, and other system resources. This system is the mechanism through which the principle of least privilege is applied: users should have only the permissions they need to perform their tasks.

Users:

   User Accounts: Each individual or service that interacts with the Linux system has a unique user account.
   Username: A human-readable identifier for the user (e.g., john).
   UID (User ID): A unique numerical identifier assigned to each user account.
   Home Directory: A dedicated directory where the user's personal files and configuration settings are stored (e.g., /home/john).
   Default Shell: The command-line interpreter used when the user logs in (e.g., /bin/bash).
   Password: Used for authentication to access the system.

Groups:

   Group Accounts: Collections of user accounts that share common access permissions to resources.
   Group Name: A human-readable identifier for the group (e.g., developers).
   GID (Group ID): A unique numerical identifier assigned to each group.
   Primary Group: Every user belongs to exactly one primary group, which is typically created with the same name as the user during user creation. New files and directories created by the user are usually associated with their primary group.
   Secondary (Supplementary) Groups: Users can belong to multiple secondary groups to gain additional permissions beyond those provided by their primary group.

How they work together:

   File and Directory Permissions:
   Every file and directory in Linux has associated permissions that define who can read, write, or execute it. These permissions are set for three categories:
       Owner: The user who owns the file or directory.
       Group: The group associated with the file or directory.
       Others: All other users on the system.
   Access Control:
   When a user attempts to access a file or directory, the system checks their user ID and group memberships against the file's permissions. Only one category applies, chosen in order: the owner's permissions if the user owns the file, otherwise the group's permissions if the user is a member of the associated group, otherwise the permissions for others. Access is allowed if that category grants the requested permission (read, write, or execute).
   Simplified Management:
   Groups simplify permission management by allowing administrators to grant or revoke access to multiple users simultaneously by modifying group permissions, rather than individually managing each user's permissions. For example, all users in the developers group could be granted read and write access to a source code repository, while users in the administrators group might have broader system-level permissions.

Key Files:

   /etc/passwd: Stores user account information.
   /etc/group: Stores group account information and lists of group members.
   /etc/shadow: Stores hashed user passwords.
   /etc/gshadow: Stores hashed group passwords (less common).
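
The access check described under "Access Control", resolved from /etc/passwd and /etc/group style records, as an added example that is not part of the original page. The sample records, the user bob, the numeric IDs and the function names identity and may_access are constructed for illustration; the superuser and ACLs are out of scope.

```python
# Constructed sample data in /etc/passwd and /etc/group format (not from a real host).
PASSWD = """\
john:x:1000:1000:John:/home/john:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
"""
GROUP = """\
john:x:1000:
alice:x:1001:
bob:x:1002:
developers:x:2000:john,alice
"""

def identity(user, passwd=PASSWD, group=GROUP):
    """Return (uid, gids): primary group from passwd, secondary groups from group."""
    for line in passwd.splitlines():
        name, _pw, uid, gid, *_rest = line.split(":")
        if name == user:
            break
    else:
        raise KeyError(user)
    gids = {int(gid)}
    for line in group.splitlines():
        _gname, _pw, g, members = line.split(":")
        if user in members.split(","):
            gids.add(int(g))
    return int(uid), gids

def may_access(user, f_uid, f_gid, mode, want):
    """Check 'want' (subset of 'rwx') for an unprivileged user against a file's
    owner uid, group gid and mode bits. Exactly one class is consulted."""
    uid, gids = identity(user)
    if uid == f_uid:
        shift = 6   # owner class; group and others bits are ignored
    elif f_gid in gids:
        shift = 3   # group class; others bits are ignored
    else:
        shift = 0   # others class
    bits = (mode >> shift) & 0o7
    need = sum({"r": 4, "w": 2, "x": 1}[c] for c in set(want))
    return (bits & need) == need

if __name__ == "__main__":
    # File owned by john, group developers, mode 0664.
    for u in ("john", "alice", "bob"):
        print(u, "write:", may_access(u, 1000, 2000, 0o664, "w"))
    # Mode 0064: the owner is denied even though his group has rw.
    print("john read 0064:", may_access("john", 1000, 2000, 0o064, "r"))
```

The last call shows why a mode where the owner or group has fewer bits than others acts as a deny for that class, which is worth checking for when auditing permissions.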