Scribd
Upload
38 views13 pages

Controlling Access To Files

Uploaded by

sc425000
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
38 views13 pages

Controlling Access To Files

Uploaded by

sc425000
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

System Admin

886428:Controlling Aceess to File


Linux File permision
• Viewing file/directory permissions
and ownership
marik14$ ls -la aaa
-rw-r--r-- 1 athakorn syseng 0 Jan 22 21:03 aaa
marik14$
Effects of permissions
Changing file/directory permissions
The command used to change permissions from the
command line is chmod, short for "change mode“
(permissions a re a lso called the mode of a file). The
chmod command takes a permission instruction followed
by a list of files or directories to change. The permission
instruction can be issued either symbolically (the symbolic
method) or numerically (the numeric method).
Symbolic Method
• chmod WhoWhatWhich file | directory
- Who is u, g, o, a (for user, group, other, all)
- What is +, -, = (for add, remove, set exactly)
- Which is r, w, x (for read, write, executable)

Example :
#chmod u+x filename
Numberic Method
• chmod ### file l directory
- Each digit represents an access leve l: user,
group, other.
- # is sum of r=4, w=2, and x=1

Example :
#chmod 750 filename
Changing file/directory Ownership
A newly created file is owned by the user who creates
the file. By default, the new file has a group ownership
which is the primary group of the user creating the file.
This group is often a group with only that user as a
member. To grant access based on group membership,
the owner or the group of a file may need to be changed.
File ownership can be changed with the chown command

# chown user1:group1 filename


Special Permission
• The setuid (or setgid) permission on an
executable file means that the
command will run as the user (or group)
of the file, not as the user that ran the
command
[student@desktopX -]$ l s - 1 /usr/bin/passwd
-rwsr-xr-x. 1 root root 35504 Jul 16 2010 /usr/bin/passwd
Special Permission (con’t)
• setgid on a directory means that files
created in the directory will inherit the
group affiliation from the directory,
rather than inheriting it from the
creating user. This is commonly used
on group collaborative directories to
automatically change a file from the
default private group to the shared
group
Special Permission (con’t)
• The sticky bit for a directory sets a
special restriction on deletion of files:
Only the owner of the file (and root)
can delete files within the di rectory

[student@desktopX -]$ ls - ld /tmp


drwxrwxrwt . 39 root root 4096 Feb 8 20 : 52 /tmp
Effect of Special Permission
Setting Special Permission
• Symbolically:
setuid = u+s; setgid = g+s; sticky = o+t
example : #chmod g+s directory

• Numerically (fourth preceding dig it):


setuid = 4; setgid = 2; sticky = 1
example : #chmod 2770 directory
Default File Permission
• Use the umask command with a single
numeric argument to change the umask of
the current shell. The numeric argument
should be an octal value corresponding to
the new umask value. If it is less than 3
digits, leading zeros are assumed
• umask is storing in /etc/profile file

You might also like