Lab 04 ‐ Module 01 ‐ Linux File Permissions - Isaiah-River/SYS-255-02-SYSAdmin GitHub Wiki

For this module we worked on familiarizing ourselves with Linux file permissions. I started by remote connecting to my DHCP computer, and using the command awk -F: '{print $1}' /etc/passwd to get a clean list of all the user's currently on the system.

I then used the command sudo useradd NAME to add the users Bob, Fred, and Alice.

I then gave each of these accounts passwords with the command passwd Bob.

After this I looked at the directory for Alice by navigating to home using /ls home then ls -ld /home/Alice to see the user permissions for the directory.

I then created the groups marketing and management using the command groupadd NAME and then the command usermod -aG accounting NAME to add users to the appropriate groups. In my case I added Bob and Fred to the marketing group and Alice in the Management group.

I then navigated back to the root folder, and made two directories using the command mkdir /DIRECTORYNAME.

I then navigated to the newly created marketing folder and created a file using the command touch newproducts.txt

I then changed the group for the marketing directory by using the command chgrp marketing /marketing.

I then repeated this step for the /management directory. After this I modified the access mode of the /marketing directory so that others could not read, write, or and execute using the command chmod o-rwx /marketing/.

After this members outside the marketing group, like Alice, were unable to access the file newproducts.txt, while Bob and Fred, who are in the marketing group, could. However neither Bob nor Fred could write this file.

In order to resolve this issue and solve the other file access control issues, I had to change the access mode of the file and directories using the command chmod and change ownership of files using the chown command.

chown - Used to change the ownership of a file. Example : chown username filename - this would change the owner of filename to username

chmod - Used to change the access mode of a directory or file. Example : chmod u+rwx /directory/filename- this would allow the owner of filename contained in directory to be able to read, write, and execute.

Using these commands I set the marketing directory to allow individuals to read, write, and execute within the directory, and others to not have access at all. I repeated this for the management directory. I then set the ownership for newproducts.txt to Fred, and modified its access mode to allow those in the group to read and execute, but not to write, and the owner to be able to read, write, and execute, while others could not access it at all. I then went to the bobreview.txt in the management group and set it so that users in the group could read, write, and execute, while others could not access it (though they did not even have permission to access the directory). I also set the group ownership of newproducts.txt to the marketing group, and the group ownership of bobreview.txt to the management group. Below I've attached screenshots of the various access modes of the files and directories.