This lab will be very helpful to understand the commands for managing file permissions and ownership, set up ACLs, hard and soft links.
Managing File Permissions and Ownership
• List files in /sbin directory
Ans. $ ls -l /usr/sbin
• Create a file and change its permissions so that owner can only read the file and the respective group can read/write the file while other can read/write/execute the file using octal values
Ans. $ chmod 467 file_name
• Change the permissions of the file so that user can read/write/execute the file, group can read/execute the file and others can only read the file without using octal values
Ans. $ chmod u=rwx,g=rx,o=r file_name
• Create a new user “Lab_user” and change the ownership of the file to this new user
Ans. $ sudo useradd lab_user
$ sudo chown lab_user file_name
• Create a new group “Lab_users” and assign this group to the file
Ans. $ sudo groupadd lab_users
$ sudo chgrp lab_users file_name
• Change the default permissions to rwx rw- r--
Ans. $ umask 013
• Create directory so that only the owner or root can delete the directory
Ans. $ mkdir test
$ chmod o+t test or or $ chmod 100 test
• Create a file so that when it is executed, the group ID of the process is changed to the group ID of the file
Ans. $ mkdir directory_name
$ sudo chown lab_user directory_name
Set up ACLs
• As root, create a dir ‘acl_test’ in /tmp and set its permission as 700
Ans. $ sudo mkdir /tmp/acl_test
$ sudo chmod 700 /tmp/acl_test
• As username, try to change into this dir
Ans. "you do not have permissions necessary to open the file"
• Using ACL, allow username to change into this dir
Ans. $ setfacl -m u:username:rwx /tmp/acl_test
• As root, create a file in this dir
Ans. $ touch /tmp/acl_test/test_acl_file
• Change default ACL of this dir, giving username rw- access
Ans. $ setfacl -d -m u:username:rw_ /tmp/acl_test
• Create another file in the same dir
Ans. $ touch /tmp/acl_test/test_acl_file2
• Compare the two files ACLs using getfacl
Ans. $ getfacl /tmp/acl_test/test_acl_file, getfacl /tmp/acl_test/test_acl_file2
• Remove ACLs from this directory completely
Ans. $ setfacl -x u:username /tmp/acl_test
Hard and Soft Links
• Go into the tmp directory
Ans. $ cd tmp
• Make a directory called original
Ans. $ mkdir original
• Copy the /etc/host.conf file or any file to test with here
Ans. $ cp /etc/host.conf /tmp/original
• List the contents and take note of the inode (first column)
Ans. $ cat original/host.conf
$ ls -i original/host.conf or stat original/host.conf
• Create a symbolic link to host.conf called linkhost.conf
Ans. $ ln -s host.conf linkhost.conf
• Now list out the inodes again
Ans. $ ls -i
• Notice if the the inode for the link is different?
Ans. Yes, inode for the softlink is different.
• Now create a hard link to the same file called hardhost.conf
Ans. $ ln host.conf hardhost.conf
• Now list the inodes one more time
Ans. $ ls -i
• Notice if the the inode for the link is different?
Ans. No. inode for the hardlink is same as of the file inode.
• Open up linkhost.conf and edit it and save it
Ans. $ gedit linkhost.conf
• Now look in host.conf and notice if the changes were made
Ans. Yes, changes are made in both host.conf and linkhost.conf.
• Lets cut/paste host.conf up one directory and see if it causes any problems
Ans. Yes, it causes problems. 'linkhost.conf' becomes invalid. 'hardhost.conf' is valid.
• Do ls and see what is the result?
Ans. Now using ls command. linkhost.conf is displayed in red. hardhost.conf is displayed blue.
• What is the result of cat linkhost.conf?
Ans. $ cat linkhost.conf
Result: - cat: linkhost.conf: No such file or directory
• What is the result of cat hardhost.conf?
Ans. $ cat hardhost.conf
Result: - Whole file content is shown