linux_wiki:list_set_and_change_standard_ugo_rwx_permissions

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
linux_wiki:list_set_and_change_standard_ugo_rwx_permissions [2016/02/28 22:58]
billdozor created 		linux_wiki:list_set_and_change_standard_ugo_rwx_permissions [2019/05/25 23:50] (current)
Line 3: Line 3:
 **General Information** **General Information**
  
-About this page/how-to/script+Ownership and permissions
  
 ---- ----
Line 43: Line 43:
 ===== Change Permissions ===== ===== Change Permissions =====
  
-=== Symbolic ===+==== Symbolic ====
  
   * u => user owner   * u => user owner
Line 67: Line 67:
   * For user owner and group => Adds execute to dir1 and all sub directories, not files.   * For user owner and group => Adds execute to dir1 and all sub directories, not files.
  
-=== Octal ===+---- 
 + 
 +==== Octal ====
  
   * 4 => read   * 4 => read
Line 81: Line 83:
   * group => read(4) permissions   * group => read(4) permissions
   * others => no(0) permissions   * others => no(0) permissions
 +
 +----
 +
 +===== Setuid, Setgid, sticky bits =====
 +
 +  * Setuid => execute file with owner's permissions
 +  * Setgid => execute file with group's permissions (most often set on directories to keep files created in that dir owned by the group)
 +  * Sticky bit => when set on a directory, prevents file deletion unless the user is the owner. (even if they have write permissions)
 +
 +Add setuid to script1
 +<code bash>
 +chmod u+s script1
 +</code>
 +
 +\\
 +Same scenario, octal mode
 +<code bash>
 +chmod 4740 script1
 +</code>
 +
 +When there are four numbers in chmod, the first is for setuid/gid/stickybit:
 +  * 4 => setuid
 +  * 2 => setgid
 +  * 1 => sticky bit
 +
 +----
 +
 +===== umask: default file/directory permissions =====
 +
 +  * umask permissions are "masking" the permissions that we don't want to have.
 +  * New files will **not** be created with execute permissions by default.
 +  * New directories **will** be created with execute permissions by default.
 +
 +View current defaults
 +<code bash>
 +umask
 +0022
 +</code>
 +  * Defaults show above are in octal
 +  * Owner => 0 (don't mask any)
 +  * Group => 2 (mask write permissions)
 +  * Others => 2 (mask write permissions)
 +
 +\\
 +The above yields a file with the following permissions by default:
 +<code bash>
 +-rw-r--r--   1 user user    0 Jun 22 14:01 file1
 +</code>
 +
 +\\
 +Temporarily change the default for this session only
 +<code bash>
 +umask 266
 +
 +touch testfile
 +ls -l
 +dr-x--x--x   2 user user 4096 Jun 22 14:09 testdir
 +-r--------   1 user user    0 Jun 22 14:08 testfile
 +</code>
 +
 +\\
 +Permanent umask changes (system wide)
 +<code bash>
 +vim /etc/bashrc
 +vim /etc/profile
 +
 +if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
 +       umask 002
 +    else
 +       umask 022
 +fi
 +</code>
 +  * User accounts with a user id greater than 199 and the group name is the same as their username => umask of 002.
 +  * All other users => umask of 022
 +  * Note: Need to make this change in /etc/bashrc and /etc/profile
  
 ---- ----
  
  • linux_wiki/list_set_and_change_standard_ugo_rwx_permissions.1456718326.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)