Permissions Utilities (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey, Cybrarians, welcome back to
00:00
the Linux plus course here at Cybrary,
00:00
I'm your instructor Rob Gills,
00:00
and in this lesson we're going to
00:00
be covering Permissions Utilities.
00:00
Upon completion of today's lesson,
00:00
you're going to be able to understand
00:00
how permissions are modified.
00:00
We're going to talk about how ownership is modified,
00:00
and then we're going to use the commands: change mod,
00:00
change own, and change group.
00:00
First of all, permissions modifications
00:00
are done with the change mode command,
00:00
which I just say chmod [LAUGHTER].
00:00
Now this command accepts
00:00
octal or symbolic notation and
00:00
>> we've talked about octal,
00:00
>> for example, octal notation indicates that
00:00
something that has read permissions
00:00
>> has the number four.
00:00
>> Something that has write permissions
00:00
>> has the number two,
00:00
>> and something has execute permissions
00:00
>> has the number one.
00:00
>> We can see for example,
00:00
if we have a user with read and write
00:00
and then group and other with just read,
00:00
the permissions would be 644.
00:00
But we can also use symbolic notation.
00:00
Symbolic notation talks about user group other UGO and
00:00
RWX to indicate permissions
00:00
as well as A to change permissions for all.
00:00
We could use plus to add these permissions,
00:00
minus to remove permissions on the user group or owner,
00:00
and we could use equal to set permissions,
00:00
and we'll see all this in the demo later.
00:00
For example, to set user owner to
00:00
read and write in group or and other to
00:00
just have read only on file.txt we can say
00:00
change mode or chmod
00:00
644 file.tex or we use a symbolic option.
00:00
We can say change mode, user=rw,
00:00
group and other only get r for read
00:00
on file.txt and that's the same thing,
00:00
>> works either way.
00:00
>> Now if you want to modify
00:00
the ownership on a file or directory object,
00:00
we use the change owner command
00:00
>> or I just call it chown.
00:00
>> The chown command accepts the user and
00:00
group owner separated by a colon or a period.
00:00
Both are valid, so we can see
00:00
chown user colon group or user dot group.
00:00
Both of those work fine.
00:00
You can also specify just the user owner
00:00
>> or group owner.
00:00
>> For example, we could say chown user file.txt
00:00
or chown colon group file.txt.
00:00
If you put a colon in front of the name,
00:00
chown understands that we're changing
00:00
the group if we don't put any colons there at all,
00:00
it just assumes that we're changing the user owner.
00:00
If we want to change the user
00:00
owner and the group owner to be the
00:00
same or the default group that is applied to the user,
00:00
for example, my user account is
00:00
Rob and I'm also have a group account called Rob.
00:00
If I say chownrob colon file.txt,
00:00
now that file is going to have rob,
00:00
rob for the user owner and group ownership permissions.
00:00
The very last command we're going to look at before we
00:00
get into the demo is the change group command,
00:00
and this command is used to change
00:00
just the group that's
00:00
assigned to a file or directory object.
00:00
Chang group takes the name of
00:00
the new group that we want on the object to change.
00:00
For example, if you have a directory, directory one,
00:00
we want to modify it by root
00:00
so that the group ownership is changed,
00:00
we could do that by just using change group.
00:00
For example, is owned by me,
00:00
so Rob's a user,
00:00
Rob's a group owner directory one.
00:00
We can say change group Engine X on directory one.
00:00
Now if we look it again with ls dash l,
00:00
we'll see Rob's the user owner,
00:00
but engine X is the group owner on directory one.
00:00
Let's take a little bit of a closer look at all of
00:00
these commands with some demo time.
00:00
Here we are back in our demo environment,
00:00
and just so that we can do things a little bit faster,
00:00
I'm going to go ahead and become
00:00
root just so that
00:00
we don't run into any issues running these commands.
00:00
The first thing that we'll see if we do an ls dash l
00:00
here is that we have a file called file.txt.
00:00
This is the file that we're going to pick on
00:00
all day-to-day in our demo.
00:00
If we look at this,
00:00
we can see that the permissions it currently
00:00
has on file.txt are read write,
00:00
read write and read.
00:00
The way that we can change this is by setting
00:00
the file permissions with
00:00
change mode or chmod as I call it.
00:00
For example, if we want to change
00:00
everyone to be able to read or write to the file,
00:00
we could do that with chmod
00:00
and we can say 666 because remember,
00:00
read plus write, four plus two is six on file.txt.
00:00
But, just for purposes of illustration,
00:00
let's do this instead of using app limitations.
00:00
Let's use the symbolic notation because again,
00:00
we want to set it to be read write,
00:00
read write, read write for everybody.
00:00
We could just say all equals rw on file.txt.
00:00
Now when we do an ls dash l,
00:00
we'll see that on file.txt,
00:00
everyone has read write,
00:00
read write and read write permissions.
00:00
If we want to mess with this and say that we want
00:00
to have the file executable,
00:00
but have it only be able to be run by
00:00
any user, for example,
00:00
be able to be run as any user as me,
00:00
we can mess with the SUID bit.
00:00
We could say that we want to do change mode four,
00:00
because that's the SUID bit, 766.
00:00
Let's turn this into an executable
00:00
and we'll do that on file.txt.
00:00
Now if we do an ls dash l,
00:00
what we'll see is that this file.txt
00:00
has read write execute for
00:00
users and any user will be able to
00:00
execute it as me because of this s bit that's set there,
00:00
and then everybody else can read and write.
00:00
Now, if we want to change the object ownership,
00:00
let's just make the user owner different.
00:00
Right now, this user-owner setup is Rob.
00:00
Let's go ahead and do it chown,
00:00
and we can change the owner.
00:00
Let's change the owner to route on file.txt.
00:00
Let me do an ls dash l. We'll see that
00:00
the user ownership has changed to root.
00:00
If we want to change that to the group,
00:00
we can do a chown colon group on file.txt,
00:00
and now we do an ls dash l,
00:00
and we'll see that the user and group
00:00
have both been changed to root.
00:00
If we want to set it up so that
00:00
it is back to me as the group owner,
00:00
we can use a change group command,
00:00
chgroup and we'll set the user or set
00:00
the group ownership back to Rob on file.txt.
00:00
Now if we do an ls dash l,
00:00
we can see that that is set back to
00:00
your root Rob and file.txt.
00:00
If we want to set everything back
00:00
>> to just one user owner,
00:00
>> we can do that whith chown Rob file.txt,
00:00
and notice where I put the semicolon here or
00:00
the colon here rather is after me.
00:00
Now when we do an ls dash l,
00:00
we'll see that Rob has the user
00:00
and group ownership permissions on this file.
00:00
We've also set this back so that
00:00
it doesn't have the SUID bit.
00:00
It's just back to 766 on this file.txt.
00:00
One other thing that I should talk about real quickly,
00:00
if we do a touch on,
00:00
we'll do file test and we do an LL,
00:00
we can see that on file.txt we have read write,
00:00
read write and read permissions.
00:00
If I become root and I do SUID bash,
00:00
and I do touch file test two and do an LL,
00:00
we can see that file test two gives read write,
00:00
read, and read permissions,
00:00
and that is because depending upon
00:00
what user type you are,
00:00
your permission is set differently.
00:00
This is because of something called the UMASK.
00:00
We're going to talk about that coming up
00:00
pretty soon in the course.
00:00
With that, we've reached the end of this lesson,
00:00
and in this lesson, we covered
00:00
how permissions are modified.
00:00
We talked about changing ownerships and
00:00
then also how to use the commands change mode,
00:00
change own, and change group.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next