Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

slackbook:filesystem_permissions [2012/09/12 21:31 (UTC)]
mfillpot updated code block to syntax highlighting
slackbook:filesystem_permissions [2012/10/15 22:28 (UTC)] (current)
gerardo.zamudio [SUID, SGID, and the Sticky Bit]
Line 12: Line 12:
  
  
-<​code ​bash>+<​code>​
 darkstar:~$ ls -l /bin/ls darkstar:~$ ls -l /bin/ls
 -rwxr-xr-x 1 root root 81820 2007-06-08 21:12 /bin/ls -rwxr-xr-x 1 root root 81820 2007-06-08 21:12 /bin/ls
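Review bot: the edit summary does not mention the "<code bash>" to "<code>" change made here and repeated in most of the hunks below. It names only the SUID, SGID, and the Sticky Bit section, while this change undoes the previous revision ("updated code block to syntax highlighting"). These blocks are prompt-and-output transcripts rather than scripts, so plain "<code>" is defensible, but the summary should say the highlighting is being reverted on purpose.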
Line 23: Line 23:
 case, the permissions are rwxr-xr-x, the user is root and the group is case, the permissions are rwxr-xr-x, the user is root and the group is
 also root. The permissions section, while grouped together, is really also root. The permissions section, while grouped together, is really
-three seperate ​pieces. The first set of three letters are the+three separate ​pieces. The first set of three letters are the
 permissions granted to the user that owns the file. The second set of permissions granted to the user that owns the file. The second set of
 three are those granted to the group owner, and the final three are three are those granted to the group owner, and the final three are
Line 36: Line 36:
 |Others |r-x |Everyone else may read and execute| |Others |r-x |Everyone else may read and execute|
  
-he permissions are pretty self explainatory ​of course, at least for+The permissions are pretty self explanatory ​of course, at least for
 files. Read, write, and execute allow you to read a file, write to it, files. Read, write, and execute allow you to read a file, write to it,
 or execute it. But what do these permissions mean for directories?​ or execute it. But what do these permissions mean for directories?​
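Review bot: "self explanatory" on the added line still needs a hyphen ("self-explanatory"); worth fixing in the same pass as the "he" to "The" and spelling corrections.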
Line 51: Line 51:
  
  
-<​code ​bash>+<​code>​
 darkstar:~$ ls -ld /home/alan darkstar:~$ ls -ld /home/alan
 drwxr-x--- 60 alan users 3040 2008-06-06 17:14 /home/alan/ drwxr-x--- 60 alan users 3040 2008-06-06 17:14 /home/alan/
Line 76: Line 76:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# ls -l /tmp/foo darkstar:~# ls -l /tmp/foo
 total 0 total 0
Line 93: Line 93:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# chown root:root /tmp/foo/b darkstar:~# chown root:root /tmp/foo/b
 darkstar:​~# ​ ls -l /tmp/foo darkstar:​~# ​ ls -l /tmp/foo
Line 108: Line 108:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# chown -R root:root /​tmp/​foo/​b</​code>​ darkstar:~# chown -R root:root /​tmp/​foo/​b</​code>​
  
Line 116: Line 116:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# chown :wheel /tmp/foo/a darkstar:~# chown :wheel /tmp/foo/a
 darkstar:~# ls -l /tmp/foo darkstar:~# ls -l /tmp/foo
Line 166: Line 166:
 By adding these values together, we can reach any number between 0 and By adding these values together, we can reach any number between 0 and
 7 and specify all possible permission combinations. For example, to 7 and specify all possible permission combinations. For example, to
-grant both read and write privilages ​while denying execute, we would+grant both read and write privileges ​while denying execute, we would
 use the number 6. The number 3 would grant write and execute use the number 6. The number 3 would grant write and execute
 permissions,​ but deny the ability to read the file. We must specify a permissions,​ but deny the ability to read the file. We must specify a
Line 174: Line 174:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# ls -l /tmp/foo/a darkstar:~# ls -l /tmp/foo/a
 -rw-r--r-- 1 root root  0 2008-06-06 22:29 a -rw-r--r-- 1 root root  0 2008-06-06 22:29 a
Line 205: Line 205:
 group, and //"​o"//​ for all others. You must also specify whether you are group, and //"​o"//​ for all others. You must also specify whether you are
 adding or removing permissions with the //"​+"//​ and //"​-"//​ signs. Multiple adding or removing permissions with the //"​+"//​ and //"​-"//​ signs. Multiple
-sets can be changed at once by seperating ​each with a comma.+sets can be changed at once by separating ​each with a comma.
  
  
-<​code ​bash>+<​code>​
 darkstar:/​tmp/​foo#​ ls -l darkstar:/​tmp/​foo#​ ls -l
 total 0 total 0
Line 224: Line 224:
 -rwxr-x--- 1 alan users 0 2008-06-06 23:37 c* -rwxr-x--- 1 alan users 0 2008-06-06 23:37 c*
 -r-xr----- 1 alan users 0 2008-06-06 23:37 d* -r-xr----- 1 alan users 0 2008-06-06 23:37 d*
-</​code ​bash>+</​code>​
  
  
Line 250: Line 250:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# ls -l /​usr/​bin/​passwd \ darkstar:~# ls -l /​usr/​bin/​passwd \
   /etc/passwd \   /etc/passwd \
Line 268: Line 268:
 soon as you look at the two files it modifies. Neither soon as you look at the two files it modifies. Neither
 ''/​etc/​passwd''​ nor ''/​etc/​shadow''​ ''/​etc/​passwd''​ nor ''/​etc/​shadow''​
-are writeable ​by anyone other than root. Since users need to change+are writable ​by anyone other than root. Since users need to change
 their personal information,​ **//​passwd//​** must be their personal information,​ **//​passwd//​** must be
 run as root in order to modify those files. run as root in order to modify those files.
Line 282: Line 282:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# ls -ld /tmp darkstar:~# ls -ld /tmp
 drwxrwxrwt 1 root root   34844 2008-03-24 16:11 /tmp drwxrwxrwt 1 root root   34844 2008-03-24 16:11 /tmp
Line 288: Line 288:
  
  
-Naturally, being a directory for the storage of temporary files sytem +Naturally, being a directory for the storage of temporary files system 
-wide, ''/​tmp''​ needs to be readable, ​writeable, and+wide, ''/​tmp''​ needs to be readable, ​writable, and
 executable by anyone and everyone. Since any user is likely to have a executable by anyone and everyone. Since any user is likely to have a
 file or two stored here at any time, it only makes good sense to file or two stored here at any time, it only makes good sense to
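Review bot: "system wide" on the added line is a compound modifier and should read "system-wide"; the spelling fix from "sytem" leaves it as two words.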
Line 298: Line 298:
  
 **Table 10.5. SUID, SGID, and "​Sticky"​ Permissions** **Table 10.5. SUID, SGID, and "​Sticky"​ Permissions**
-^Permission ​^Type ^Octal Value ^Letter Value|+^Permission Type ^Octal Value ^Letter Value|
 |SUID |4 |s| |SUID |4 |s|
 |SGID |2 |s| |SGID |2 |s|
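Review bot: the header row on the added line still closes with "|" while its cells are opened with "^". Merging "Permission" and "Type" correctly brings the header down to the three columns the rows below use, but closing the row with "^" would keep it in the usual DokuWiki header-row form.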
Line 311: Line 311:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# chmod 1777 /tmp darkstar:~# chmod 1777 /tmp
 darkstar:~# chmod 4711 /​usr/​bin/​passwd darkstar:~# chmod 4711 /​usr/​bin/​passwd
Line 322: Line 322:
  
  
-<​code ​bash>+<​code>​
 darkstar:~# chmod ug+rwx,​o+rwt /tmp darkstar:~# chmod ug+rwx,​o+rwt /tmp
 darkstar:~# chmod u+rws,go+x /​usr/​bin/​passwd darkstar:~# chmod u+rws,go+x /​usr/​bin/​passwd
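Review bot: in the second command of this block, "chmod u+rws,go+x /usr/bin/passwd" only adds bits, so it arrives at the 4711 shown in the preceding hunk only when group and others start with no read or write bits; on a file that is already 4755 it leaves the binary readable by group and others. If the text presents this as the symbolic equivalent of the octal command, consider the "=" form ("u=rwxs,go=x") or a sentence noting that "+" does not clear existing bits.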
Line 337: Line 337:
 <!-- Authors are allowed to give credit to themselves! --> <!-- Authors are allowed to give credit to themselves! -->
   * Originally written by Alan Hicks, Chris Lumens, David Cantrell, Logan Johnson   * Originally written by Alan Hicks, Chris Lumens, David Cantrell, Logan Johnson
-<!-- * Contrbutions ​by [[wiki:​user:​yyy | User Y]] -->+<!-- * Contributions ​by [[wiki:​user:​yyy | User Y]] -->
  
 <!-- Please do not modify anything below, except adding new tags.--> <!-- Please do not modify anything below, except adding new tags.-->
 <!-- You must also remove the tag-word "​template"​ below. Otherwise your page will not show up in the Table of Contents --> <!-- You must also remove the tag-word "​template"​ below. Otherwise your page will not show up in the Table of Contents -->
 {{tag>​slackbook filesystem permissions suid sgid sticky_bit chmod chown chgrp}} {{tag>​slackbook filesystem permissions suid sgid sticky_bit chmod chown chgrp}}
