In Linux systems file access is controlled as follows.
Access is defined by three permissions;
A set of permissions may be designated by a string such as r-- meaning read only or rw- meaning read and write or --x meaning execute only. These permissions can also be represented as octal and would be 4,6,1 consecutively. These are binary 100, 110 and 001.
Every file belongs to a user and a group and must have permissions set for;
In a Linux commands this is done with a string such as
When a person tries to access a file
Thus one could create a group called "jerks" and use it to deny some people access to a file that was accessible to anybody who was not a member of the group. Of course this is of limited value because it would require the file to belong to the group jerks! Also on most systems a user can remove themselves from a group.
Directories are controlled in the same way but;
Directories also have some other access controls;
By setting the "sticky bit" users can only delete their own files.
TODO what about rename?
set group id bit if set forces a files group to be the directories group.
Add Execute by User permission;
chmod u+x <file descriptor>
Assign Read Write Execute permission to User, Read Execute permission to Group, Execute permission to Others;
chmod 751 <file descriptor>
chmod u=rwx,g=rx,o=x <file descriptor>
Assign Read only permission to file for All that means User Group and Others;
chmod =r <file descriptor>
chmod a-wx,a+r <file descriptor>
chmod 444 <file descriptor>
Change the owner of file or files to "root";
chown root <file descriptor>
Likewise, but also change its group to "staff";
chown root:staff <file descriptor>
Change the owner of file or files and subfiles to "root";
chown -hR root <file descriptor>
Change the group of file or files to "staff";
chgrp staff <file descriptor>
Change the group of file or files and subfiles to "staff";
chgrp -hR staff <file descriptor>
© Tom de Havas 2011. The information under this section is my own work it may be reproduced without modification but must include this notice.
Information on users is stored in the file;
Groups are defined in the in the file;
It contains a list of the users that are members of each group.
When you create a file it will be assigned to your primary group. To assign it to another group you must either;
newgrpbefore you create the file or
When you switch the system on if it goes directly to the command prompt then it displays a message which it gets from the file
You can display information for your account with the
The following commands are not simple and need to be looked at before use;
passwd- Change the password for the current user
file <filename>- Display file type of file with name filename
cat <textfile>- Throws content of textfile on the screen
pwd- Display present working directory
exit or logout- Leave this session
man <command>- Read man pages on command
info <command>- Read Info pages on command
apropos <string>- Search the whatis database for strings
tty- tells you about terminals that are are running
ps- tells you far more useful stuff about terminals than tty
uname -a- Prints the name of the operating system, the systems internet name, operating system release number etc
who -H- tells you which users are logged on to which terminals
dmesg- display all messages from the kernel ring buffer