32. File Permissions and Ownership Flashcards

1
Q

Learning Objectives

By the end of this chapter, you should be able to:

  • Explain the concepts of owner, group, and world.
  • Set file access rights (read, write, and execute) for each category.
  • Authenticate requests for file access, respecting proper permissions.
  • Use chmod to change file permissions, chown to change user ownership, and chgrp to change group ownership.
  • Understand the role of umask in establishing desired permissions on newly created files.
  • Use ACLs to extend the simpler user, group, world and read, write, execute model.
A

test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Owner, Group and World

When you do an ls -l, as in:

$ ls -l a_file
-rw-rw-r– 1 coop aproject 1601 Mar 9 15:04 a_file

1) what is the 1st character represented character slot (in bold) represent?
2) what the 3 groups that are represented via access right in the 9 character slots?

A
  1. owner: the first 3, the user who owns the file (also called user)
  2. group: the next 3, the group of users who have access
  3. world: the last 3, the rest of the world (also called other).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

File Access Rights

If you do a long listing of a file, as in:

$ ls -l /usr/bin/vi
-rwxr-xr-x. 1 root root 1206144 Jun 14 08:49 /usr/bin/vi

what does r, w, x represent?

A
  • r: read access is allowed
  • w: write access is allowed
  • x: execute access is allowed
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

chmod

What utility is used to change the file permission of a file?

A

chmod

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

chmod

What the difference between a non superuser (regular user) changing file permissions vs a superuser changing their file permission?

A

A regular user can only change the file permissions of a file they own vs and superuser can change the file permission of any files even if they don’t own it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

chmod

What are the 2 forms that can be used to change a files permissions?

A
  • 1st form (symbolic form)
    • u+rwx
    • u-rwx
    • g+rwx
    • g-rwx
    • o+rwx
    • o-rwx
    • Combination example
      • chmod u+rwx,g+rw,o-r filename
  • 2nd form (bitmap - octal form)
    • 0755
    • ect..
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Octal Digits

What are the 3 octal digits used to change a files permission and which value do they represent?

The octal form is a short hand form to change user, group, others in a set of 3 numbers which represent a sumed value of the selected octal digits. EX: chmod 755 filename

A
  • 4 - read permission desired
  • 2 - write permission desired
  • 1 - execute permission desired

4 + 2 = 7 = read + write permission desired

4 + 1 = read + execute permission desired

EX:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Changing file user ownership

What command is used to change the user ownership of a file?

A

chown

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Changing file user ownership

What is the command to change a file named “somefile” to the owner “billy”?

A

sudo chown billy somefile

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Changing file owner and group ownership

What is the command to change both user and group ownership?

A

chown newUser:newGroup filename

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Changing file owner and group ownership recursively

What is the command to change all files in the current directory and all its subdirectories?

A

chown -R newUser:newGroup filename

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Changing file group ownership

What is the command to change the file group ownership?

A

chgrp

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Changing file group ownership

What is the command to change the group to “researchers” on the file named “biology”?

A

chgrp researchers biology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

umask

What is the purpos of umask?

A

It is a tool used to globally configure denial of file permissions r,w,x on either the user, group, other worlds using octal format.

It subtracts a octal number from the default or preset file permission.

Example:

The current value can be shown by:

$ umask
0002

which is the most conventional value set by system administrators for users. This value is combined with the file creation permissions to get the actual result; i.e.,

0666 & ~002 = 0664; i.e., rw-rw-r–

You can change the umask at any time with the umask command, as in

$ umask 0022

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Filesystem ACLs

What is the linux filesystem ACL?

A
  • Commands:
    • getfacl
    • setfacl

It is extends the simpler user, group, world and read, write, execute model file/directory access protocal.

Particular privileges can be granted to specific users or groups of users when accessing certain objects or classes of objects. Files and directories can be shared without using 777 permissions.

While the Linux kernel enables the use of ACLs, it still must be implemented as well in the particular filesystem. All major filesystems used in modern Linux distributions incorporate the ACL extensions, and one can use the option -acl when mounting. A default set of ACLs is created at system install.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Filesystem ACLs

What is the utility to see ACL of a file or directory?

A

getfcl filename|directory name

17
Q

Filesystem ACLs

What is the utility to set ACL?

A

setfacl options permissions filename|directory

Note that new files inherit the default ACL (if set) from the directory they reside in. Also note that mv and cp -p preserve ACLs.

18
Q

Filesystem ACLs

Using ACL give the user billy read and execute access for the file named file1.

A

setfcl -m u:billy:rx file1

setfcl -m u:billy file1

-m is the modify permissions flag

-x is the remove permissions flag

19
Q

Filesystem ACLs

Using ACL what is the command to set the ACL default for a directory named somedir? for the user billy but also allow the user to have rx access on top of the ACL default configs?

A

$ setfacl -m d:u:billy:rx somedir