Jeffimgcls Hi, I'm Jeff! Resume Linkedin Mail

Working With Linux Files And Permissions

Linux is an ultra efficient, powerful, and secure operating system. There are many distributions of Linux, but once you learn the command syntax, it's pretty much the same accross all the varients. Here are some of the basics to get you started working with directories, files, and users.

List File/Directory Permissions

ls -l -h

(1st - file or directory - = file d = directory)
(2nd (---) Owner permissions)
(3rd (---) Group permissions)
(4th (---) Other (the world) permissions)
r = read permission
w = write permission
x = execute permission
- = no permission

Change File/Directory Permissions

sudo chmod 777 filename

Number / Permission / Symbol
0 / No Permission / ---
1 / Execute / --x
2 / Write / -w-
3 / Execute + Write / -wx
4 / Read / r--
5 / Read + Execute / r-x
6 / Read + Write / rw-
7 / Read + Write +Execute / rwx

Change File/Directory Ownership

sudo chmod jeff filename

sudo chown user:group filename
sudo chgrp groupname filename

List all users

cat /etc/passwd

List all groups and members

cat /etc/group

List what users are members of a spcific group

grep groupnamehere /etc/group

List what users are members of a spcific group

grep groupnamehere /etc/group

Add new user with home directory, ability to log in, and password

sudo useradd -m testuser -p NewUserPassword

sudo useradd -m jeff -p userpasswordgoeshere

Add a new group

sudo groupadd testgroup

Add a user to a group

sudo usermod -a -G testgroup testuser

sudo usermod -a -G adm, dialout, cdrom, floppy, sudo, audio, dip, video, plugdev, netdev, lxd jeff

Give A User SUDO Access

sudo visudo

allow the user to run sudo commands without being asked for a password.

Another typical example is to allow the user to run only specific commands via sudo. For example, to allow only the mkdir and rmdir commands you would use:
username ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir

Instead of editing the sudoers file, you can accomplish the same by creating a new file with the authorization rules in the /etc/sudoers.d directory. Add the same rule as you would add to the sudoers file:
echo "username ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/username

Listing ACLs

sudo usermod -a -G testgroup testuser

getfacl testdirectory

Add A Group/User/Other to File/Directory ACL

sudo setfacl -R -m g:groupname:rwx
sudo setfacl -R -m g:groupname:rwx
sudo setfacl -R -m u:username:rwx
sudo setfacl -R -m u:username:rwx
sudo setfacl -R -m o:rwx
sudo setfacl -R -m o:rwx

Removing a Group from an ACL

setfacl -x g:groupname

Set ACL Mask

setfacl -m m:---

©, All rights reserved.