How to change the permission mode in Linux? - linux

To grant read and write permissions to the owner and to remove execution permission from the group should it be two commands as,
chmod u +rw Test
chmod g -x Test
or could it be can done in a single command?

To change directory permissions in Linux, use the following:
chmod +rwx filename to add permissions.
chmod -rwx directoryname to remove permissions.
chmod +x filename to allow executable permissions.
chmod -wx filename to take out write and executable permissions.
r: Read permissions. The file can be opened, and its content viewed.
w: Write permissions. The file can be edited, modified, and deleted.
x: Execute permissions. If the file is a script or a program, it can be run (executed).
We can change Using numbers as well
chmod 754 filename 7 for owner (read write and execute), 5 for group(read and execute), 4 for other users (only read)

$ chmod u+rw,g-x Test
$ ls -ls Test
0 -rwx-----x 1 dave dave 0 Sep 30 09:28 Test
$ chmod -u-rw,g+x Test
$ ls -ls Test
0 ------x--- 1 dave dave 0 Sep 30 09:28 Test
$ chmod u+rw,g-x Test
$ ls -ls Test
0 -rw------- 1 dave dave 0 Sep 30 09:28 Test

Related

Hpw to set -rw-rw-r-- this permission to a file on a linux server

I have a file on a server which has a permission like
-rw-rw-r--
Now , I want to set this permission by using chmod or some other way
How to set this permission. I tried using
chmod 700 filename
can any one help me with this ?
When amending file permissions on a given file/directory, you have to set permissions for user (u), group (g) and other (o)
This can be done by specifying the permissions in octal format where:
1 is execute
2 is write
4 is read
So in your scenario, you would need to add the numbers together to get the permissions required for each of u, g and o so:
chmod 664 filename
As an alternative, you can get the permissions in the following format:
chmod u+rw,g+rw,o+r filename
So you can add permissions with + and you can also remove permissions with - e.g.
chmod o-r filename
This would remove read permission from "others"
You should try with chmod 664 <filename>, this will make the permission -rw-rw-r--

How to change file permissions on Linux?

When I clear Linux caches, I use this:
echo 3 > /proc/sys/vm/drop_caches
It tells me: Insufficient permissions
Then I inspect the file drop_caches with:
ls -l /proc/sys/vm/drop_caches
and I get this:
-rw-r--r-- 1 root root 0 1月 22 01:21 /proc/sys/vm/drop_caches
So I use:
chmod 777 /proc/sys/vm/drop_caches
to change the file permissions, but insufficient permissions is printed again.
Current user is root, how can I change the permissions of this file?
As root, echo 3 > /proc/sys/vm/drop_caches should work. Run whoami to make sure you are root.
If not, type sudo -i or su to open a root shell where you can run these commands.
You can't.
Permissions on /proc nodes are defined in the kernel, and cannot be changed at runtime.

Handle permissions with groups in linux

I can't understand how exactly this works in Linux.
For example, I want only users in some group have access to execute some file (I hope this is possible without visudo).
I create a system user and system group like:
useradd -K UID_MIN=100 -K UID_MAX=499 -K GID_MIN=100 -K GID_MAX=499 -p \* -s /sbin/nologin -c "testusr daemon,,," -d "/var/testusr" testusr
I add my current user user to the group testusr (may be not cross platform):
adduser user testusr
I create some test shell file and set permissions:
touch test.sh
chmod ug+x test.sh
sudo chown testusr:testusr test.sh
But I still can't start test.sh as user:
./test.sh
-> Error
Now I look for some system groups like cdrom to check how they work. My user is in cdrom group and can use the cd rom on my computer:
$ ls -al /dev/cdrom
lrwxrwxrwx 1 root root 3 апр. 17 12:55 /dev/cdrom -> sr0
$ ls -al /dev/sr0
brw-rw----+ 1 root cdrom 11, 0 апр. 17 12:55 /dev/sr0
Addition:
./test.sh command starts to work as I want after system reboot. Strange...
I'm on Ubuntu Studio 15.10
The group changes are reflected only upon re-login.

Can't write on hard drive owned by user and with permissions to write, read and execute

I am very puzzled by this problem I am having. I am trying to execute a file in Ubuntu 12.04 LTS via command line. I have a script that calls a program to run and write the results in a hard drive. I changed the permissions and ownership of everything to be wxr. Here is the ls -l of my script (called TEST-star):
-rwxrwxrwx 1 root root 950 Nov 15 13:16 TEST-star
Here is the ls -l of the package my script calls:
-rwxrwxrwx 1 root root 1931414 Nov 10 12:37 STAR
Finally the ls -l of the hard drive mounted in /media/CLC"
drwxrwxrwx 1 root root 8192 Nov 15 13:04 CLC
I have been trying to run it since yesterday and always get a message that I don't have permission to write the results:
EXITING because of FATAL ERROR: could not create output file ./_STARtmp//Unmapped.out.mate1.thread14
Solution: check that you have permission to write this file
I thought if I change the permissions to rwx and run my script as root it would not have a problem (using sudo). Right now I run out of options. Any suggestion would be appreciated. Please let me know what other information you would need solve this issue.
Thank you.
Here is the first line of script I am trying to run:
#!/bin/sh
cd /media/CLC/ANOPHELES-STAR-v2.4f1/; mkdir GambFemAnt1 && cd GambFemAnt1; echo $PWD && echo Starting mapping of GambFemAnt1; /home/aedes/Documents/STAR_2.4.0f1/STAR --genomeDir /media/Galaxy/Galaxy_data/Anopheles/STAR/Genome --readFilesIn /media/Galaxy/Galaxy_data/Anopheles/QC/GambFemAnt1/GambFemAnt1.fastq --runThreadN 23 --outFilterMismatchNmax 4 --outFilterMatchNminOverLread 0.75 --seedSearchLmax 30 --seedSearchStartLmax 30 --seedPerReadNmax 100000 --seedPerWindowNmax 100 --alignTranscriptsPerReadNmax 100000 --alignTranscriptsPerWindowNmax 10000 --outSAMstrandField intronMotif --outFilterIntronMotifs RemoveNoncanonical --outSAMtype BAM SortedByCoordinate --outReadsUnmapped Fastx; mv Aligned.sortedByCoord.out.bam GambFemAnt1.bam; mv Unmapped.out.mate1 GambFemAnt1-unmapped.fastq; cp *.fastq /media/CLC/ANOPHELES-STAR-v2.4f1/UNMAPED-reads/; cd /media/CLC/ANOPHELES-STAR-v2.4f1 && echo $PWD && echo GambFemAnt1 mapping finished;
I also posted a question for the authors of the package.
Turns out all the permissions were set correctly. The problem resigns within the package. I found out that it works using --runThreadN 12 instead of --runThreadN 23.

Change Default Group in Script

Is it possible to change a user's default group inside a script for the duration of that script's execution?
I need to generate files in a script that have the proper user and group but my user's primary group is not who should own the resultant output.
$ groups
groupa groupb
$ ./myscript.sh
$ ls -l
-rw-r--r-- 1 me groupa 0 Sep 17 09:42 myscript_output.txt
But I want "groupb".
myscript.sh:
#!/bin/bash
touch "myscript_output.txt"
Try the newgrp command, which changes the primary group of a user into another group of which that user is a member:
#!/bin/bash
newgrp groupb << END
touch "myscript_output.txt"
END
The sg command can do this pretty well.
#!/bin/bash
sg groupb "touch myscript-output.txt"
The group can be set from a script. It only requires the "if"
statement below. The group is checked and if it is incorrect, then
the script is restarted with the sg command Nate mentioned.
A check for looping is employed(just in case the unforeseeable happens.)
To use, just change the group from "wheel" to the desired. Replace the "DEMO" section with the regular code.
Read on, below(after the script.)
#! /bin/sh
#
# If the group(set with NEEDGRP) is already correct, or this code has already
# run, then this section is skipped and the rest of the
# script is run; otherwise sg is called to restart the script with the
# desired group. Assumes the command "id -ng" returns the group.
if ! [ "${SBREADY:=false}" = true -o $(id -ng) = ${NEEDGRP:=wheel} ] ; then
export SBREADY=true
exec sg $NEEDGRP "$0" "$#"
fi
# ---------------------- DEMO: CUT HERE ---------------------------
# This is a demonstration of creating files.
echo HELLO my group is $(id -ng), GID=$(id -g)
# NOTE: files are created with the current group only if the directory
# is not sgid.
# Show current directory and permissions on it
echo
pwd -P
ls -ld .
echo
# Create and list some new files, the remove them.
touch my-$$.{a,b,c}
echo Created my-$$.{a,b,c}...
ls -l my-$$.{a,b,c}
echo
rm -v my-$$.{a,b,c}
Following are printouts of some tests run in order to explain why just changing groups my not be sufficient to ensure files have the right group ownership. Directory permissions also come into play.
This first log is the output from ruining in a regular directory. The script is run as user frayser, and group frayser. Files are created
with the desired group. Compare to the next listing:
frayser#gentoo ~/src/Answers $ (cd /tmp; $OLDPWD/set-group.sh)
HELLO my group is wheel, GID=10
/tmp
drwxrwxrwt 16 root root 976 Sep 24 04:45 .
Created my-19201.a... my-19201.b... my-19201.c...
-rw-r----- 1 frayser wheel 0 Sep 24 04:53 my-19201.a
-rw-r----- 1 frayser wheel 0 Sep 24 04:53 my-19201.b
-rw-r----- 1 frayser wheel 0 Sep 24 04:53 my-19201.c
removed `my-19201.a'
removed `my-19201.b'
removed `my-19201.c'
Now this next run happens in a director that is sgid "conman" because as a policy, Configuration Management is given group ownership of all src directories.
NOTE: The files inherit the group of the directory.
frayser#gentoo ~/src/Answers $ ./set-group.sh
HELLO my group is wheel, GID=10
/usr/lucho/src/frayser/practice
drwxr-s--- 6 frayser conman 768 Sep 24 04:51 .
Created my-19214.a... my-19214.b... my-19214.c...
-rw-r----- 1 frayser conman 0 Sep 24 04:54 my-19214.a
-rw-r----- 1 frayser conman 0 Sep 24 04:54 my-19214.b
-rw-r----- 1 frayser conman 0 Sep 24 04:54 my-19214.c
removed `my-19214.a'
removed `my-19214.b'
removed `my-19214.c'
frayser#gentoo ~/src/Answers $
Because of directory permissions, it may be necessary for a script to
explicitly set permissions and ownership.
Normally that can be accomplished by applying to a program the modifications:
chgrp groupb myprog
chmod g+s myprog
But that works with normal programs - not with the shell scripts (for security reasons). For a shell script there is no other way (at least I'm not aware (*)) other than from inside script itself to call the chgrp:
#!/bin/bash
FNAME="myscript_output.txt"
GRP=groupb
touch $FNAME
chgrp $GRP $FNAME || { echo 2>&1 "Can't change group of $FNAME to $GRP"; exit 1; }
(*) Some people for the purpose write a tiny wrapper C program. But that is kludgy. Search net for "setuid shell scripts" - there would be lots of such example C programs and replace most commonly found there setuid(0) with getgrnam() + setgid().

Resources