Sunday, February 25, 2018

Week 3

John George Bauer-Buis
2018-02-24
NET-140-001N

Synopsis: Chapter 6 Permissions
This first section is a synopsis of this chapter using the headings and subheadings from the textbook, with descriptions in my own words.
  • Intro and Decoding Permissions
    • There are different categories for files.  Various different characters or symbols are used to represent them, such as a - (hyphen/dash) for regular files such as text files and binaries, b for block files, c for character files
    • There are three types of permissions that can be granted for a file or directory/folder: read (r), write (w), and execute/run (x).
  • Changing Permissions
    • Changing permissions is actually fairly simple. There are two methods:  Symbolic (letter based) permissions and Numeric Based Permissions.  Both methods use the change mode command, chmod, to apply them.
    • Symbolic permissions are the rwx as already described.  They are applied or removed with the chmod command and the +,-, and = operator to add, remove or set as equivalent, respectively, the read, write, and execute bits of the underlying binary permissions settings.  
    • Numeric Based Permissions are the underlying method that permissions are applied with.  To use them directly, they are applied in 3 digit (owner, group, and everyone) codes.  Each digit has multiple possible values with specific meanings. 7 grants all permissions (read, write, execute), 6 grants read and write, 5 read and execute, 4 read only
    • Commonly Used Permissions include:  rwx------ or 700, allowing the owner full permissions and none for their group nor everyone else; rw-rw-r-- or 664, which allows the user and their group to read and write but not execute the file
    • Working with Groups
      • As I’d mentioned, groups are users that share the same permissions for a file.  Groups can be used to control permissions for shared computers, such as file servers or workstations.  The chgrp command is used to change the group a file is shared with.
    • Directory Permissions
      • Directories can have permissions set the same way as files can, although directories need their permission set carefully or it may be impossible to run files within them.
    • Default Permissions and the File Creation Mask
      • Adding or subtracting permissions allows the setting of different permissions for files than the directory they are located in.
    • Special Modes
      • It is possible to run files as other users, so the umask (user mask) will return a fourth digit when the command umask is run by itself, to display the actual umask.

Observations and questions:
I notice that odd digits of permissions are always executable, although even numbers can be read, write, or both.  It can often be easier to add permissions for a user or group than to change the entire permissions settings.  I tend towards adding permissions as needed rather than just granting all permissions to everyone if I can’t do something with a file that I need to do, usually writing to a directory or editing a file, sometimes running a file without moving it to some obscure spot.  This is definitely a chapter that I will refer back to as needed, since numerical commands are not terribly memorable, at least for me, although I already remember that 7 is all permissions for a given user, group or for all users depending on position, and 6 just read and write.

This article on umask (user mask) might be useful:  https://www.linuxnix.com/umask-define-linuxunix/

I may add to this post at a later date if I discover more useful information that I think I should feature here.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)