Register for EarthWeb's Million Dollar Sweepstakes!
home account info subscribe login search My ITKnowledge FAQ/help site map contact us


 
Brief Full
 Advanced
      Search
 Search Tips
To access the contents, click the chapter and section titles.

Complete Idiot's Guide to Linux
(Publisher: Macmillan Computer Publishing)
Author(s): Manuel Ricart
ISBN: 078971826x
Publication Date: 12/22/98

Bookmark It

Search this book:
 
Previous Table of Contents Next


Permissions are displayed as a series of ten dashes and/or letters at the beginning of each line.

  The first character position tells you about the file’s type. Regular files such as reme.txt show a dash (-) in this space. Directories such as “stuff” in the previous example show a d. Links display an l, and other special files—such as devices, sockets, and pipes—display c or b, s, and =, respectively.
  The next nine positions represent the nine permission switches. The first three switches apply to the file’s owner, the middle three to members of the file’s group, and the last three to “other” users. Each group of three switches contains a read switch, a write switch, and an execute switch, in that order. When a switch is on (permission granted), a letter appears: r for read, w for write, and x for execute. When a switch is off (permission denied), a dash (-) appears. In the case of readme.txt, above, you can see that the owner has permission to read and write, the group has permission to read and write, and others only have read permission. In the case of the above directory called stuff, all users have read and execute permission (which means that all users can cd into the directory). However, only the owner and group have write permission and will be allowed to create files in the stuff directory.

The Effective User Id

Access to files and processes will depend on your current username and current group affiliations. I say “current” because during a session it is possible for you to assume the id of a different user (that is, if you know that user’s password).

To see a list of your effective user id and group affiliations, you can use the id tool. The id command prints information about your current username, current group, and a list of all the groups that you belong to. This information can also be obtained using the commands whoami and groups. However, the id command provides more information and can be used for other purposes as well.

To see what groups you belong to, in a shell, type id:

     [alberto@digital alberto]$ id
     uid=501(alberto) gid=501(alberto) groups=501(alberto)

As you can see by issuing this command, my username, alberto, has been assigned a user id (UID) of 501 and a group id (GID) of 501. The operating system keeps track of your username and group affiliations by number. This system is more efficient and can keep track of about 65,536 different UIDs!

Running the same command as the superuser (root) yields different information:

     [root@digital alberto]# id
     uid=0(root) gid=0(root) groups=0(root)

As you can see, root has both a UID and GID of 0. The root user on any UNIX system is UID 0 and will always belong to at least one group, whose ID is also 0. It is possible for root also to belong to many more groups.

Substitute User: su

Often while working with and configuring software, it is necessary to become the root user—or any other user, for that matter. Instead of logging out and logging in again as a different user, a better alternative might be to issue the su command. This command effectively substitutes your current UID and GID with those of the user you want to become and grants you all the permissions of the user you su’ed to. Here’s an example:

      [alberto@digital alberto]$ su root
     Password:
     [root@digital alberto]# cd
     [root@digital /root]# exit
     exit
     [alberto@digital alberto]$

In this example, I issued the su command. As an argument I provided the name of the user that I wanted to become. In this case I specified root; note that su used alone assumes “su root” by default.

Notice that su will require the password of the user you are su’ing into. To return to my regular user account, I issued an exit command (you can also hit Ctrl+D). This action terminated the root shell and returned me to my original session. Always remember to return to your user account after you are finished with the task that required the su.

Beware of the Powers of Root!

Root is a special administrative account that grants unrestricted access to the entire system. This power is very valuable when you need to perform system administration-type tasks, but it is not an account that you want to use for any other purpose. The root account can perform certain actions that are irreversible, such as erasing all files on the disk or some other catastrophic type of thing!

Until you know more about Linux and UNIX in general, I would recommend that you don’t use the root account unless it is absolutely necessary. Examples include adding software or configuring some aspect of your system that specifically requires you to log on as root.

Changing Groups: newgrp

Whenever you create a file, your default group is the one assigned to the group ownership of the file. If you are a member of multiple groups, you can change your effective GID by using the newgrp tool. The newgrp tool is analogous to su in that you provide the name of the group you want to use as a default for the session. If you are not a member of the group in question, you are not allowed to change your effective GID.

Special Users

Your Linux system already comes with several accounts created.

Many of these accounts (bin, adm, lp, sync, halt, mail, and so on) exist for the benefit of a program or some other system functionality. These pseudouser accounts, as they are called, are important for the system to be able to perform certain tasks while still upholding the permissions mechanism.

Home Directories

Each username has its own home directory. By default, Linux puts home accounts inside of the /home directory. The one glaring exception are accounts of pseudousers. (You should not try to change the location of those accounts.)

Traditionally, UNIX-like operating systems have not arrived so thoroughly configured out of the box. Rather, system administrators have had to explicitly organize home directories by themselves. Standard Linux systems, however, keep user accounts in /home.


Previous Table of Contents Next


Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement.