Objective 5.3 covers basic file permissions and ownership. I already have a guide covering this topic pretty well, so I will refer you to it. For understanding setuid and setgid programs, I wrote a guide demonstrating how they work.
If you end up working with Linux professionally, you will need to understand file permissions very well. I work with permissions almost daily at my job as a Linux and UNIX administrator.
In my opinion, the best way to learn this task is to do it. Get on a Linux machine and experiment.
Setting Up Your Environment
I’m not going to provide a comprehensive set of experiments, as there is a lot of value in experimenting on your own. I learn things writing for this site when I am verifying the accuracy of my material. I am going to provide you with a starting point.
Follow these steps:
- Obtain root on a Linux machine.
- Create a directory called /permissions. Set the permissions to 777.
- Create two groups and three users.
- Have four terminals open to the machine. One logged in as each of the users created, and one as root.
- In each terminal, change directory to /permissions.
- Experiment!
Obtain root
The details of how to do this will vary. Ubuntu and Mint are probably the most popular Linux-based desktop systems. On these, log in as yourself and in a terminal run the command below:
$ sudo su -
Create the Experimentation Directory
Run the command below as root to set up your working area:
# mkdir -m 777 /permissions
# ls -ld /permissions
drwxrwxrwx 2 root root 4096 Dec 19 08:58 /permissions
Now create two groups:
# groupadd group1
# groupadd group2
Create three users: one in one of the new groups, one in both of the new groups, and one in neither of the groups. They will be called one, both, and none respectively. Don't worry about setting passwords; you don't need them.
# useradd -G group1 -g group2 both
# useradd -G group2 one
# useradd none
Now get four terminals logged in as root. Your screen should look something like this:
In one of the terminals, change your directory to the one created earlier:
# cd /permissions
In the next, become user both and go to /permissions:
# su - both
$ cd /permissions
Repeat for one:
# su - one
$ cd /permissions
Finally, do the same for none:
# su - none
$ cd /permissions
You are now set up to tinker with permissions and ownership.
Experimenting
I will make a few suggestions, then you will be on your own. Make files and directories with touch and mkdir. Use the root window to alter their owner and group. An easy way to try to write to a file is the standard output redirect (>) with echo. Keep in mind that doing so will overwrite the contents of a file. For example:
$ ls -l
total 4
-rwxr-xr-x 1 root root 0 Dec 20 06:56 not_writable
-rwxrwxrwx 1 root root 0 Dec 20 06:57 writable
$ echo test > writable
$ echo test > not_writable
bash: not_writable: Permission denied
$ cat writable
test
$ cat not_writable
$
Suggestions:
- Have my permissions guide open while you experiment. The Changing Permissions section instructs you on how to use the relevant commands.
- Change ownership using both numeric IDs and user/group names.
- Change permissions using both numeric and symbolic modes.
- Try varying levels of access for each permission set. For example, give everyone else no permissions, the group read only, and the owner everything.
- After setting permissions and ownership of a file or directory, try reading and writing with all three regular users to check your understanding.
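To check your understanding before each attempt, you can predict the result first and then compare it with what the terminal does. The function below is an added example, not part of the original guide: it models only the classic mode bits (no root, no ACLs, no directory traversal), and the name can_access and the group lists passed to it are assumptions based on the useradd commands above.

```shell
#!/bin/sh
# Added example: predict the outcome of an access attempt before trying it.
# Models only the classic mode bits; root, ACLs and the directory permissions
# needed to reach the file are not modelled.
# usage: can_access <r|w|x> <octal mode> <owner> <group> <user> <user's groups...>
can_access() (
    want=$1 mode=$2 fowner=$3 fgroup=$4 user=$5
    shift 5
    case $mode in
        ''|*[!0-7]*) echo "mode must be octal: $mode" >&2; exit 2 ;;
    esac
    case $want in
        r) need=4 ;; w) need=2 ;; x) need=1 ;;
        *) echo "unknown access type: $want" >&2; exit 2 ;;
    esac
    # Pick exactly one class: owner first, then group, then other.
    class=other shift_bits=0
    if [ "$user" = "$fowner" ]; then
        class=owner shift_bits=6
    else
        for g in "$@"; do
            if [ "$g" = "$fgroup" ]; then class=group shift_bits=3; break; fi
        done
    fi
    # Only that class's three bits are consulted; there is no fall-through.
    bits=$(( (0$mode >> $shift_bits) & 7 ))
    if [ $(( $bits & $need )) -ne 0 ]; then
        echo "$class:allowed"
    else
        echo "$class:denied"
    fi
)

# Constructed cases using the users created above. Group lists assume each
# user also has a private group named after them unless -g was given.
can_access w 0060 both group1 both group2 group1   # owner:denied
can_access r 0604 root group2 one  one group2      # group:denied
can_access r 0604 root group2 none none            # other:allowed
```

The first two cases are the ones worth reproducing by hand: an owner or group member can end up with less access than everyone else, because only the first matching class is checked.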