Lesson 3: Managing Permissions and Ownership

Question 1

True of False ls -l will allow you to view permission set

Answer 1

True

Question 2

What are the following permission symbols d-r-w-x–

Answer 2

Directory-read-write-executable-none

Question 3

What common command do you use to modify per

qmission?

Answer 3

The change file mode command “chmod”

In symbolic mode, the syntax of the chmod command is:chmod {access context} {operators} {permission attributes} {file/directory names}

example: to add read and write permissions to my file for the owner and the group: chmod u+rw,g+rw myfile

Question 4

What are the types of users and entities can you give permission to?

Answer 4

Owner (u): The owner of the file or directory, also simply referred to as the user

Group (g): The file or directory’s group and all users belonging to that group

Other (o): All other users (neither owner nor group member)

Question 5

Where does default permission come from?

Answer 5

The default permission come from the in /etc/profile for all users OR ~/.bashrc for one user

Question 6

How do we define who the owner or group is?

Answer 6

chown - which can be used to change owner
or chgrp - which can change group of a file

The syntax of the chown command: chown {user name}:{group name} {file ordirectory name} -> to change the owner to the specified user, as well as the specified group.

Question 7

How do you seize ownership of every directory and its sub directories?

Answer 7

chown -R [user] directory/*

Question 8

What is FACL?

Answer 8

File Access Control List

made up of ACE - Access Control Entries

Question 9

How do you confirm if ACL is enable of a object?

Answer 9

getfacl {object_name} and see what returns

Question 10

How do give access to an object to another user without changing ownership?

Answer 10

You can use setfacl -m modify

the option -s allow you to set permission which may override what is already set

Question 11

What limitations do we have with basic permissions?

Answer 11

Limitations only allow one user and one group. It is not very flexible and the users apply their primary group by default.

Question 12

How can you overcome the limitations of basic permissions?

Answer 12

Be using ACLs/FACLs, which allows assigning permissions to more than one user/group

Question 13

How do you assign group permission using FACL?

Answer 13

You use setfacl -m g::rwx

The syntax of the setfacl command is setfacl [-bR] [-mx {acl_spec}] {file/directory names}

Question 14

How do you assign permission using FACL on a directory?

Answer 14

Directory permissions can be passed down to files through enable inheritance or use setfacl -m d:g::rwx

Note: The d: indicates it is a directory default and f: can be used to set a file default

Question 15

What advanced permission prevent files from being deleted by anyone other then root or the file owner?

Answer 15

Sticky bit, files with the sticky bit can only be deleted/renamed by root or the file owner and allows for “Friendly” shared directories.

example: chmod o+t

Question 16

What command displays permission information?

Answer 16

ls -l

command gives you a long list of the files and directories in your currentworking directory.

Question 17

What two modes does chmod support?

Answer 17

symbolic mode and absolute mode

Question 18

What is chmod absolute mode?

Answer 18

Absolute mode, uses octal (base-8) numbers to specify permissions. Each permission (r/w/x) has an associated number.
4=Read, 2=Write and 1=Execute

the syntax of the chmod command is chmod {number} {file/directory name}

commonly assigned permissions in “Absolute Mode”

• 755u= rwx , g=rx , o=rx
• 700u= rwx , g= , o=
• 644u= rw , g=r , o=r
• 600u= rw , g= , o=

Question 19

How do you view permissions of a directory?

Answer 19

ls -ld {directory name}

Question 20

uHow do you change default permission ?

Answer 20

You can use the umask command to set the default permissions for a session, or the default permissions for each user in their .bashrc file.

Question 21

How do you change group ownership for a file or directory?

Answer 21

chgrp

The syntax of the chgrp command is chgrp {group name} {file/directory name}

Question 22

What is SUID?

Answer 22

SUID or setuid, is a special permissions that allows a user to have similar permissions as the owner of the file.

Question 23

What is SGID?

Answer 23

SGID, or setgid, is the special permission that allows a user to have similar permissions as the group owner of the file.

note: SGID can also be set on directories. Any subdirectories created in this directory will automatically inherit the SGID permission.

Question 24

How do you set the SUID and or SGID special permissions?

Answer 24

SUID and SGID are both set using the chmod command.

the syntax is as follows:

chmod u+s for setting SUID

chmod g+s for setting SGID

Question 25

How do you prevent a file or directory from being modified, even by the root user?

Answer 25

User the “ immutable flag “ attribute.

This is useful for files with a high degree of sensitivity and importance, and which are also not likely to change any time soon.

note: when viewing file attributes, the lowercase i character indicates that the immutable flag is set.

Question 26

What command list the attributes of a file or directory?

Answer 26

lsattr

The syntax of the lsattr command is lsattr [options] {file/directory names}

Question 27

What command changes the attributes of a file or directory?

Answer 27

chattr

The syntax of the chattr command is chattr [-R] [-v {version}] [+-{attributes}] {file/directory names}