File Permissions Lab¶
In this lab you will learn how to assign permissions to files and directories to provide a measure of security and privacy to your files on a multiuser system.
Before You Begin¶
Be sure to make the changes to your home directory asked for in the Navigating the Filesystem lab. This lab assumes the new names and directory structures.
Log on to
opus3 so that you have a command line shell at your service. Be sure you are in your home directory to start this lab. Using the
chmod commands, you will modify the permissions on files and subdirectories in your home directory.
From your home directory, do a long listing with the
Who owns these files?
To which group do they belong?
How can you distinguish file entries from directory entries?
Do a long listing of the file,
Who owns it?
Can you move the file to your home directory? Why or why not?
Can you copy the file to your home directory? Why or why not?
Now that you have copied the file
check5to your home directory, who owns it? What are the permissions?
Display the contents of the file
check5on your screen.
Now take away read permission using the command:
chmod -r check5
Try to display the contents of the file as you did above. Does it work?
Now give read permission back but take away write permission:
chmod 444 check5
Verify the success of the above command.
Take away execute (search) permission from the
chmod -x misc
Do short and long listings of the misc directory using the
Try to display the contents of the fruit file with the command:
Try to change directories to
Give yourself back execute permission but take away read permission:
chmod +x,-r misc
Change your current directory to the
Try displaying the contents of the
Display the contents of the
Change back to your home directory and set the misc directory to full permissions:
chmod 777 misc
Set the permissions of your
poemsdirectory and its subdirectories so that you have full permissions as owner, but group and others have no write permission. Group and others should still have read and execute permission.
Set all ordinary files under the
poemsdirectory to be read only for user, group, and others. We want everyone to read our poetry, but no one should modify it, including ourselves.
See if you can do this using a minimum number of commands. (hint: use filename expansion characters).
Change the permissions of your
bindirectory so that you have full permission, group has read and execute, and all others have no permissions.
Set the executable files under bin to have the following permissions:
disallowing others outside the group from executing our commands.
Change the group id of the following directories:
class/teststo be users:
chgrp users class/labs class/tests
classdirectory set the permissions to
labssubdirectory, set permissions to
testssubdirectory, take away all permissions from group and others, leaving full permission for owner.
Make all ordinary files under
read-write for owner
no permissions for group and
no permissions for others.
editsdirectory, give yourself full permission, but no permission for group or others.
For the ordinary files under
edits, take away read permission from group, leaving everything else as it is.
Add read permission for everyone to all the files in the
umaskcommand and note the number displayed.
Create an empty file called
oldand an empty directory called
touch old; mkdir olddir
umaskcommand giving it the argument:
Create an empty file called
newand an empty directory called
touch new; mkdir newdir
Look at the permissions of these four files you’ve created.
Notice how they have changed. Can you figure out what
Try setting the umask to
777and making a
To finish, set your umask back to
002with the command:
There’s a program to help you check your work called
check6. Run it and it tells you what steps you did correctly and which ones need fixing.
Enter key to continue. If you see something that needs fixing, exit the program with
Ctrl-C. After you fix the problem restart the checker. When you finish you’ll see a screen like the following:
============================================================== Submit this tar file on Canvas! ============================================================== I have created a tar file of your home directory in: /tmp/files-simben90-3o340p.tar
A different file will be created for you every run. Submit the file on Canvas.