| | 483 | === File Permission === |
| | 484 | |
| | 485 | - Commands preceded with "$" imply that you should execute the command as a general user - not as root. |
| | 486 | - Commands preceded with "#" imply that you should be working as root with "sudo" |
| | 487 | - Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>") imply that you are executing commands on remote equipment, or within another program. |
| | 488 | |
| | 489 | '''chmod''': Change file read write permission |
| | 490 | '''chown''': Change the owner of the file |
| | 491 | '''chgrp''': Change the group of the file |
| | 492 | |
| | 493 | ==== Reference ==== |
| | 494 | |
| | 495 | If you look at files in a directory using "ls -al" you will see the permissions for each file and directories. Here is an example: |
| | 496 | {{{ |
| | 497 | drwxrwxr-x 3 root root 4096 Feb 25 09:49 directory |
| | 498 | -rwxr--r-- 12 root root 4096 Feb 16 05:02 file |
| | 499 | }}} |
| | 500 | |
| | 501 | So, the directory has r (read), w (write), x (execute) access for the User and Group. For Other it has r (read) and x (execute) access. The file has read/write/execute access for User and read only access for everyone else (Group and Other). |
| | 502 | |
| | 503 | To change permissions you use the '''chmod''' command. chmod uses a base eight (octal) system to configure permissions. Or, you can use an alternate form to specify permissions by column (User/Group/Other) at a time. |
| | 504 | |
| | 505 | Permissions have values like this: |
| | 506 | {{{ |
| | 507 | Letter Permission Value |
| | 508 | |
| | 509 | R read 4 |
| | 510 | W write 2 |
| | 511 | X execute 1 |
| | 512 | - none 0 |
| | 513 | }}} |
| | 514 | |
| | 515 | Thus you can give permissions to a file using the sum of the values for each permission you wish to give for each column. Here is an example: |
| | 516 | {{{ |
| | 517 | Letter Permission Value |
| | 518 | |
| | 519 | --- none 0 |
| | 520 | --x execute 1 |
| | 521 | -w- write only (rarely used) 2 |
| | 522 | -wx write and execute (rare) 3 |
| | 523 | r-- read only 4 |
| | 524 | r-x read and execute 5 |
| | 525 | rw- read and write 6 |
| | 526 | rwx read, write, and execute 7 |
| | 527 | }}} |
| | 528 | This is just one column. Since we have three areas of permissions (User, Group, Other), it looks like this will all 3 sets: |
| | 529 | {{{ |
| | 530 | Permissions Numeric Description |
| | 531 | equivalent |
| | 532 | |
| | 533 | -rw------- 600 User has read & write permission. |
| | 534 | -rw-r--r-- 644 User has read & write. |
| | 535 | Group and Other have read permission. |
| | 536 | -rw-rw-rw- 666 Everyone (User, Group, Other) have read & write |
| | 537 | permission (dangerous?) |
| | 538 | -rwx------ 700 User has read, write, & execute permission. |
| | 539 | -rwxr-xr-x 755 User has read, write, & execute permission. |
| | 540 | Rest of the world (Other) has read & execute |
| | 541 | permission (typical for web pages or 644). |
| | 542 | -rwxrwxrwx 777 Everyone has full access (read, write, execute). |
| | 543 | -rwx--x--x 711 User has read, write, execute permission. |
| | 544 | Group and world have execute permission. |
| | 545 | drwx------ 700 User only has access to this directory. |
| | 546 | Directories require execute permission to access. |
| | 547 | drwxr-xr-x 755 User has full access to directory. Everyone else |
| | 548 | can see the directory. |
| | 549 | drwx--x--x 711 Everyone can list files in the directory, but Group |
| | 550 | and Other need to know a filename to do this. |
| | 551 | }}} |
| | 552 | ==== Exercise ==== |
| | 553 | |
| | 554 | - Go to the numbers directory and get a detailed list |
| | 555 | {{{ |
| | 556 | $ cd numbers |
| | 557 | $ ls -al |
| | 558 | total 24 |
| | 559 | drwxr-xr-x 3 dilum dilum 4096 Nov 17 13:53 . |
| | 560 | drwxrwxrwx 50 dilum dilum 4096 Nov 17 13:10 .. |
| | 561 | -rw-r--r-- 1 dilum dilum 42 Nov 17 13:08 numbers2.txt |
| | 562 | -rw-r--r-- 1 dilum dilum 91 Nov 17 13:08 numbers3.txt |
| | 563 | -rw-r--r-- 1 dilum dilum 49 Nov 17 13:08 numbers.txt |
| | 564 | drwxr-xr-x 3 dilum dilum 4096 Nov 17 13:08 one |
| | 565 | |
| | 566 | }}} |
| | 567 | - Change file permission as follows |
| | 568 | {{{ |
| | 569 | $ chmod 044 numbers.txt |
| | 570 | }}} |
| | 571 | Now you have remove read privilege try view the file using cat |
| | 572 | {{{ |
| | 573 | $ chmod 444 numbers.txt |
| | 574 | }}} |
| | 575 | Now you have set privilege as read only. Open the file via vi editor and try to edit the file |
| | 576 | |
| | 577 | - Switch to root user |
| | 578 | {{{ |
| | 579 | $ sudo su |
| | 580 | }}} |
| | 581 | |
| | 582 | - Change the ownership and group of the numbers2.txt to root and make it read only for all the other users. |
| | 583 | - Change the ownership and group of the numbers3.txt to root and remove all the privileges from all the other users. |
| | 584 | - Switch back to your user and try to view numbers3.txt and try to edit numbers2.txt |
| | 585 | {{{ |
| | 586 | # chown root numbers2.txt |
| | 587 | # chgrp root numbers2.txt |
| | 588 | # chown root numbers3.txt |
| | 589 | # chgrp root numbers2.txt |
| | 590 | # chmod 700 numbers3.txt |
| | 591 | # chmod 744 numbers2.txt |
| | 592 | # su 'Your username' |
| | 593 | $ cat numbers3.txt |
| | 594 | cat: numbers3.txt: Permission denied |
| | 595 | $ cat > numbers2.txt |
| | 596 | bash: numbers2.txt: Permission denied |
| | 597 | }}} |
| | 598 | |
| | 599 | === More Linux Commands === |
| | 600 | |
| | 601 | '''who am i''': |
| | 602 | '''df -dh''': |
| | 603 | '''man''': |
| | 604 | '''date''': |
| | 605 | '''time''': |
| | 606 | '''ln''': |
| | 607 | '''ps''': |
| | 608 | '''kill''': |
