Lesson 3: Managing Permissions and Ownership Flashcards
True of False ls -l will allow you to view permission set
True
What are the following permission symbols d-r-w-x–
Directory-read-write-executable-none
What common command do you use to modify per
qmission?
The change file mode command “chmod”
In symbolic mode, the syntax of the chmod command is:chmod {access context} {operators} {permission attributes} {file/directory names}
example: to add read and write permissions to my file for the owner and the group: chmod u+rw,g+rw myfile
What are the types of users and entities can you give permission to?
Owner (u): The owner of the file or directory, also simply referred to as the user
Group (g): The file or directory’s group and all users belonging to that group
Other (o): All other users (neither owner nor group member)
Where does default permission come from?
The default permission come from the in /etc/profile for all users OR ~/.bashrc for one user
How do we define who the owner or group is?
chown - which can be used to change owner
or chgrp - which can change group of a file
The syntax of the chown command: chown {user name}:{group name} {file ordirectory name} -> to change the owner to the specified user, as well as the specified group.
How do you seize ownership of every directory and its sub directories?
chown -R [user] directory/*
What is FACL?
File Access Control List
made up of ACE - Access Control Entries
How do you confirm if ACL is enable of a object?
getfacl {object_name} and see what returns
How do give access to an object to another user without changing ownership?
You can use setfacl -m modify
the option -s allow you to set permission which may override what is already set
What limitations do we have with basic permissions?
Limitations only allow one user and one group. It is not very flexible and the users apply their primary group by default.
How can you overcome the limitations of basic permissions?
Be using ACLs/FACLs, which allows assigning permissions to more than one user/group
How do you assign group permission using FACL?
You use setfacl -m g::rwx
The syntax of the setfacl command is setfacl [-bR] [-mx {acl_spec}] {file/directory names}
How do you assign permission using FACL on a directory?
Directory permissions can be passed down to files through enable inheritance or use setfacl -m d:g::rwx
Note: The d: indicates it is a directory default and f: can be used to set a file default
What advanced permission prevent files from being deleted by anyone other then root or the file owner?
Sticky bit, files with the sticky bit can only be deleted/renamed by root or the file owner and allows for “Friendly” shared directories.
example: chmod o+t