Operating Systems and Systems Integration Tutorial: File Permissions — Solutions 1 Background For the background information you need to answer these questions, please refer to Module 5, Basic Filesystems, in the Linux Training workshop notes. 2 Questions 1. A system administrator lists information about files in the current directory: $ ls -l -rw-rw-rw-rw-rw-r--rw-r--r--rw-r-----rw-------r--------------------r-----------r-- 1 1 1 1 1 1 1 1 1 jimmy jenny jasmine jacob julian jacky jill juliet jeremy students staff jasmine students staff students students students students 5185 5191 2785 25920 13465 736 179665 13840 8418 Feb Oct Oct Oct Oct Oct Oct Feb Oct 17 7 15 15 15 15 15 17 12 08:18 17:21 11:58 11:58 11:58 11:58 11:58 08:18 2001 file1.txt file2.txt file3.txt file4.txt file5.txt file6.txt file7.txt file8.txt file9.txt For each file, say which user(s) has(have): (a) read access? (b) write access? (c) no access? Nick Urbanik ver. 1.3 Solutions Tutorial: File Permissions Operating Systems and Systems Integration 2 read file1.txt all file2.txt all file3.txt all file4.txt jacob and members of group students write all jenny, members of group staff jasmine jacob no access none none none users who are not jacob and who are not members of the group students all users except julian all users except jacky all juliet and users who are not members of the group students jeremy and users who are members of the group students file5.txt julian file6.txt jacky file7.txt none file8.txt members of students who are not juliet file9.txt users who are not jeremy and who are not members of the group students julian none none none none 2. For each of the permissions (i.e., the first column only) in question 1, write a umask value that will result in all files created by the user having the default permission shown. It may seem that umask 111 would be suitable for setting permissions as for file1.txt, but it would have the horrible side effect that anyone with this umask will create directories that no one can change into, and will compile programs that are not executable. So a better answer will be umask 0. file permission umask file permission umask file1.txt -rw-rw-rw- 0 file2.txt -rw-rw-r-- 002 file3.txt -rw-r--r-- 022 file4.txt -rw-r----- 027 file5.txt -rw------- 077 file6.txt -r-------- 277 file7.txt ---------- 777 file8.txt ----r----- 727 file9.txt -------r-- 772 3. For each of the permissions in question 1, write a chmod command to change the permission using a: (a) numeric mode, (b) symbolic mode. Nick Urbanik ver. 1.3 Solutions Tutorial: File Permissions Operating Systems and Systems Integration 3 Your answer should work regardless of the permissions that existed previously. file permission numeric chmod 666 chmod 664 chmod 644 chmod 640 chmod 600 chmod 400 chmod 0 chmod 040 chmod 004 symbolic chmod a=rw chmod a=rw,o-w chmod a=r,u+w chmod u=rw,g=r,o= chmod a=,u=rw chmod a=,u+r chmod a= chmod a=,g+r chmod a=,o+r file1.txt -rw-rw-rwfile2.txt -rw-rw-r-file3.txt -rw-r--r-file4.txt -rw-r----file5.txt -rw------file6.txt -r-------file7.txt ---------file8.txt ----r----file9.txt -------r-- 4. A directory has the following permissions: $ ls -ld directory drwxrwxr-x 1 jimmy students 376 Feb 17 08:18 file1.txt The following users are members of the following groups: user jimmy nicku andy jenny primary group jimmy nicku andy jenny secondary groups project year2 csa staff laboratory students year2 csa students year3 csa For each of the four users, (a) Can he/she create a file in the directory? (b) If the user can create a file, i. who is the owner of the file? ii. which group owns the file? iii. If the umask is 002, what are the file permissions on a file created in that directory? iv. Which of the other users above can: A. read the file? B. write to the file? C. delete the file? Nick Urbanik ver. 1.3 Solutions Tutorial: File Permissions Operating Systems and Systems Integration 4 jimmy can create file: owner of file: group: permissions: users can read: users can write: users can delete: yes jimmy jimmy -rw-rx-r-all none andy, jenny nicku no andy yes andy andy -rw-rx-r-all none jimmy, jenny jenny yes jenny jenny -rw-rx-r-all none jimmy, andy 5. Now the sgid (set group id) permission is added to the directory shown in question 4 on the preceding page. (a) Write a command to add this permission, leaving other permissions unchanged. $ chmod g+s directory (b) Write the permissions on the directory as they would be shown as the first field of the output of ls -ld directory $ ls -ld directory drwxrwsr-x 1 jimmy students 376 Feb 17 08:18 file1.txt (c) Answer the questions from question 4 on the page before for each user again, but write “unchanged” where the result is the same, but where the result is different, explain how. jimmy can create file: owner of file: group: permissions: users can read: users can write: users can delete: yes jimmy students -rw-rx-r-all andy, jenny andy, jenny nicku no andy yes andy students -rw-rx-r-all jenny jimmy, jenny jenny yes jenny students -rw-rx-r-all andy jimmy, andy 6. Now the restricted deletion flag (or “sticky bit”) permission is added to the directory shown in question 4 on the preceding page, as well as the sgid permission. (a) Write a command to add this permission, leaving other permissions unchanged. $ chmod o+t directory (b) Write the permissions on the directory as they would be shown as the first field of the output of ls -ld directory $ ls -ld directory drwxrwsr-t 1 jimmy students 376 Feb 17 08:18 file1.txt Nick Urbanik ver. 1.3 Solutions Tutorial: File Permissions Operating Systems and Systems Integration 5 (c) Answer the questions from question 4 on page 3 for each user again, but write “unchanged” where the result is the same, but where the result is different, explain how. jimmy can create file: owner of file: group: permissions: users can read: users can write: users can delete: yes jimmy students -rw-rx-r-all andy, jenny only jimmy nicku no andy yes andy students -rw-rx-r-all jenny andy and jimmy jenny yes jenny students -rw-rx-r-all andy jenny and jimmy Nick Urbanik ver. 1.3