Linux File Permissions - aaralik1/SYS-255 GitHub Wiki

In today's lab, we will be exploring the Linux file permissions. To start off, we will be diving into how to add users on Linux, how to set up password ...

First of all, you have to be in the root directory so make sure to type sudo -i before you begin.

---

I used the command useradd to add new users.

The image above shows that I already had a username bob.

---

In this screenshot, I used to command passwd in order to add a password for the user bob.

The same steps will be repeated for alice and fred as well.

---

You can used the command ls /home in order to view the users added.

---

You may use the groupadd command to add a group of your choice. In this case, we had to create a marketing and management group.

---

Using the command usermod -aG you can append a group to a user.

---

In this screenshot, I used the mkdir command to make a new directory. You can also use the ls -l / command to look at the root of the file systems. It is highlighted in yellow visible in the image

---

Instead of logging out of root and logging in as alice. You can simply use the su - alice command to access alice's system.

To create a file in alice's home directory. I will be using the command echo alice

---

You may use the chgrp marketing /marketing command to apply the marketing group to the marketing directory.

---

After that, I made a file called bobreview.txt by using the command echo "alice file" > /management/bobreview.txt. However, I didn't have access so I had to go to root and then try the command, chmod g+w /management/ and then I used the command again.

---

In the image below, I had to go to the management directory and add the bobreview.txt to that directory so I used the chgrp management bobreview.txt. You can see that what directory it is part of by using the command ls -l bobreview.txt.

---

So in this case, we don't want bob and fred to access the management directory nor do we want them to read, write, or execute. I used the command chmod o-rwx /management/. Using this command, fred and bob now do not have access to the bobreview.txt file located in the management directory. The image below indicates that only alice has access to the file due to them being part of the management directory.

I will be doing the same thing for bob and fred, except this time, alice doesn't have access to the marketing directory.

---

Using the command chmod 600 newproducts.txt in the user fred and when changed the directory to marketing, I gave him access to ownership and modification of the file.

---

So, apparently, I totally cut out bob's access to the /marketing/newproducts.txt which I then had to go back to the root directory and use the command chmod 644 /marketing/newproducts.txt in order to allow read access to its the marketing users.

---

Later, I wanted to double check so I went to fred's account and did nano /marketing/newproducts.txt which fred was perfectly able to modify it.

Then, I went to bob's account to double check that he only had read access and yes, he only had read access!!