-
Laurent Modolo authoredLaurent Modolo authored
title: Users and rights
Users and rights
Objective: Understand how rights works in GNU/Linux
GNU/Linux and other Unix-like OS are multiuser, this means that they are designed to work with multiple users connected simultaneously to the same computer.
There is always at least one user: the root user
- It’s the super user
- he has every right (we can say that he ignores the rights system)
- this account should only be used to administer the system.
There can also be other users who
- have rights
- belong to groups
- the groups also have rights
File rights
Each file is associated with a set of rights:
-
-nothing -
rreading right -
wwriting right -
xexecution right
Check your set of rights on your .bashrc file
ls -l ~/.bashrcThe first column of the ls -l output show the status of the rights on the file
rwxr-xr--
\ /\ /\ /
v v v
| | others (o)
| |
| group (g)
|
user (u)- the 1st character is the type of the file (we already know this one)
- he 3 following characters (2 to 4) are the user rights on the file
- the characters 5 to 7 are the group rights on the file
- the characters 8 to 10 are the others’ rights on the file (anyone not the user nor in the group)
To change the file rights you can use the command chmod
Use the command ls -l to check the effect of the following options for chmod
chmod u+x .bashrcchmod g=rw .bashrcchmod o+r .bashrcchmod u-x,g-w,o= .bashrcWhat can you conclude on the symbols + , =, - and , with the chmod command ?
Numeric notation
Another method for representing Unix permissions is an octal (base-8) notation as shown by
stat -c %a.
Symbolic notation Numeric notation English ----------0000 no permissions -rwx------0700 read, write, & execute only for owner -rwxrwx---0770 read, write, & execute for owner and group -rwxrwxrwx0777 read, write, & execute for owner, group and others ---x--x--x0111 execute --w--w--w-0222 write --wx-wx-wx0333 write & execute -r--r--r--0444 read -r-xr-xr-x0555 read & execute -rw-rw-rw-0666 read & write -rwxr-----0740 owner can read, write, & execute; group can only read; others have no permissions
The default group of your user is the first in the list of the groups you belong to. You can use the command groups to display this list. What is your default group ?
The command id show the same information, but with some differences what are they ?
Can you cross this additional information with the content of the file /etc/passwd and /etc/group ?
What is the user id of root ?
When you create an empty file, system default rights and your default groups are used. You can use the command touch to create a file.
touch my_first_file.txtWhat are the default rights when you crate a file ?
You can create folders with the command mkdir (make directories).
mkdir my_first_dirWhat are the default rights when you create a directory ? Try to remove the execution rights, what appends then ?
You can see the /root home directory. Can you see it’s content ? Why ?
Create a symbolic link (ln -s) to your .bashrc file, what are the default rights to symbolic links ?
Can you remove the writing right of this link ? What happened ?
Users and Groups
We have seen how to change the right associated with the group, but what about changing the group itself ? The command chgrp allows you to do just that:
chgrp audio .bashrcNow the next step is to change the owner of a file, you can use the command chown for that.
chown ubuntu my_first_file.txtYou can change the user and the group with this command:
chown ubuntu:audio my_first_file.txtWhat are the rights on the program mkdir (the command which can help you find where program file are) ?
Can you remove the execution rights for the others ?
The command cp allows you to copy file from one destination to another.
man cp