SYS 255 ‐ Linux File Permissions - connor0329/repository-1 GitHub Wiki

Deliverables

1. Only the marketing group should have access to a file I create called /marketing/newproducts.txt

EX:

  • Be in root
  • Type "chmod" 770 /marketing"
  • Type "touch /marketing/newproducts.txt"
  • Type "ls -ld /marketing/newproducts.txt", both the owner and group should have "read(r), write(w), and execute(x)" priviledges image

2. Bob and Fred should be able to see newproducts.txt, but only Fred should be able to modify the file

EX:

  • Be in root
  • Type "chgrp marketing /marketing/newproducts.txt"
  • Type "chmod 640 /marketing/newproducts.txt"
  • Type "chown fred /marketing/newproducts.txt"
  • Type "ls -l /marketing/newproducts.txt", the owner should have "read(r), write(w)" privileges and group should have "read(r)" privileges image

3. Alice is the manager. The new file, ~/management/bobreview.txt should only be accessible to Alice and the management group

EX:

  • Be in root

  • Type "chgrp management /management"

  • Type "chmod 770 /management"

  • Type "touch /management/bobreview.txt"

  • Type "chown alice /management/bobreview.txt"

  • Type "chgrp management /management/bobreview.txt"

  • Type "chmod 640 /management/bobreview.txt"

  • Type "ls -ld /management", both the owner and group should have "read(r), write(w), execute(x) privileges" image

  • Type "ls -l /management", the owner should have "read(r), write(w)" privileges and group should have "read(r)" privileges
    image

What we did in this lab

1. Creating Alice Bob and Fred on "dchp01"

EX:

  • SSH or start up "dhcp01"
  • Make sure you're in "root"
  • Type "useradd bob"
  • Type "passwd bob", New password: 1
  • Do the same for the names "Fred" and "Alice"

2. Creating the group, "Marketing" and adding "bob and "fred" into that group

EX:

  • Make sure you're in "root"
  • Type "groupadd marketing"
  • Type "usermod -aG marketing bob", and Type "usermod -aG marketing fred"

3. Making the "Marketing" and "Management" directory

EX:

  • Make sure you're in root
  • Type "mkdir /marketing"
  • Type "mkdir /management"

4. Changing the "/marketing/" directory, group from "root' to "marketing"

EX:

  • Make sure you're on root or type "sudo" before the following command
  • Type "chgrp marketing /marketing/"

5. Setting the "write" flag for the group "/marketing/

EX:

  • Makes sure you're in root
  • Type "chmod g+w /marketing"
  • To check it worked, type "su - fred"
  • Then type "echo "fred file" > /marketing/fredfile.txt"
  • If you get no error when executing the above command it worked

6. Making it so "Alice" can't "read" or "execute" the "/marketing/" directory

EX:

  • Make sure your in root
  • Type "chmod o-rwx /marekting/"
  • To check it worked, type "su - alice"
  • Type "cat /marketing/fredfile.txt"
  • Should say "Permission denied" if done correctly

7. Using the user "fred" change the group for "fredfile.txt" from "fred" to "marketing"

EX:

  • Type "su - fred", from root
  • Type "cd /marketing/
  • Type "chgrp marketing fredfile.txt"
  • To make sure it worked type "ls -l", next to fred it should say "marketing"
  • You can also prove it worked by, type "su - bob"
  • Type "echo oops >> /marketing/fredfile.txt", if you get no error it worked

**8. Removing the "read (r)" permission on the file "fredfile.txt" from the "other" users **

EX:

  • Make sure you're the "fred" user
  • Type "chmod o-r *"

9. Removing the "read (r)" and "write (w)" permissions for the file "fredfile.txt" from the group "marketing"

EX:

  • Make sure you're the user fred
  • Type "cd /marketing"
  • Type "chmod -v 600 fredfile.txt"

Important Information in this Lab

What is the format for, "read (r), write (w) and execute (x) when typing "ls -ld" followed by a file or directory"

  • An example of what an output after "ls -ld" looks like is: "drwxr-xr--"
  • The first character "d" (directory) indicates the file type
  • The next 9 characters represent the permissions for three categories
    • Owner: "rwx" (read, write, execute)
    • Group: "r-x" (read, no write, execute)
    • Others: "r--" (read, no write, no execute)

What is a shortcut using numbers for changing or removing permissions using "chmod" for a file type

  • An example of this is something like "chmod 770 /marketing"
  • Each permission, "read (r), write (w), and execute (x)" have a corresponding number assigned to them
    • read (r) = 4
    • write (w) = 2
    • execute (x) = 1
  • So "chmod 770 /marketing" would give the "owner", "read (r), write (w) and execute (x)" privileges (4+2+1 = 7), the "group", "read (r), write (w) and execute (x)" privileges (4+2+1 = 7), and others no privileges (0) to the directory "/marketing"
    • When u add it all up Owner (7), Group (7), and others (0), it becomes 770

Commands

chmod - Changes the permissions of a file or directory

EX:

  • "chmod 770 /marketing"
  • "chmod o-rwx /markeing"

touch - Creates a new, empty file or updates the timestamp of an existing file

EX: "touch /marketing/newproducts.txt"

ls -ld - Lists detailed information about a directory or file without showing the contents f the directory

EX: "ls -ld /marketing"

chgrp - Changes the group ownership of a file or directory

EX: "chgrp marketing /marketing"

chown - Changes the ownership of a file or directory,

EX: "chown fred /marketing/newproducts.txt"

echo - Displays a message or string of text to another output location

EX: "echo "fred file" > /marketing/fredfile.txt"