Proper use of '/opt' folder on linux - linux

Linux System: Ubuntu 14.04 LTS
I copy some app (like xxx) to the /opt folder to be used also by another user-accounts. Then to start it I use:
sudo /opt/xxx_folder/xxx
(of course, links to /usr/local/bin or /usr/bin, etc.) to start it;
Problem: I'm storing the results/projects of the app to my local folder ( like /home/myuser/xxx_data). And of course the folder and it's data xxx_data belongs to root (not myuser). So I have to change the owner every time I want to edit those files using another app not as a root.
Question: is there a way to install an app xxx to /opt so, that I don't need to start them as a root?
OR maybe you see another way to solve this 'root-user-problem?'

You can add execute permission to any file like this.
sudo chmod +x file.sh
If you want to do that for all files in that folder try this:
sudo chmod +x /opt/*
Note the +x just adds execute permission to your logged in user. I think all users have read (+r) by default so if you also want to add write permission:
sudo chmod +xw /opt/*
Personally I keep all my custom scripts in a bin folder e.g. /opt/bin/ and just do:
sudo chmod +x /opt/bin/*
To run the script without the full path add the bin or full opt folder to your path by adding the following to ~/bashrc file:
PATH=$PATH:/opt/bin
If you don't end up using the bin folder, edit above to be /opt instead of /opt/bin.

Related

How to give permissions for specific commands in linux

I am new to linux. I have a build.sh file which consists of a lot of mkdir commands and some rm commands. But as I have installed this new in my VB, each time I run the .sh file, it says "Permission Denied for creating directory" and fails.
So is there any way that I grant directory privileges to all users.
Can anyone help me with this
Add "sudo" in the beginning of the directory creation command i.e
sudo mkdir dir_name
The issue might be with the directory in which the mkdir command is being run.
Use the command ll or ls -l to check the directory permissions.
If your directory doesn't have write privilege for the current user, you can run
chmod -R u+w /path/to/directory
This might require you to use sudo if permission is denied.
If you want to enable it for all users, run
chmod -R ugo+w /path/to/directory
Alternatively, a quick fix would be to run the build.sh file as root
sudo /path/to/build.sh
However, this approach is not advised unless you always run it as root

cp: target '/root/var/www/html/' is not a directory

I am using Ubuntu windows 10 bash and I'd like to move a project from /mnt/i/Projects/Template to run it on Apache server which located in /var/www/html.
I tried to copy a folder from a direct to new directly but unfortunately I got an error which is:
cp -r /mnt/i/Projects/Template ~/var/www/html/
cp: target '/root/var/www/html/' is not a directory
I would like to test those templates with Apache and I tried to change Apache directly.
Another test I did:
root#DESKTOP-4PBGG1N:/var/www# ls -ld ~/var ~/var/www ~/var/www/html
ls: cannot access '/root/var': No such file or directory
ls: cannot access '/root/var/www': No such file or directory
ls: cannot access '/root/var/www/html': No such file or directory
First of all the directory for the apache server is not in root it's just "/var/www/html". If it still doesn't work you probably doesn't have apache installed, you can do that by running these two lines "lsb_release -a" and "sudo apt-get install apache2". There will come an error when trying to launch the apache server (with "sudo service apache2 start"), but just ignore it you can still use it without any problems. Hope it helps ;)
try creating directory if the only problem is '/root/var/www/html/' not being a directory
# mkdir -pv ~/var/www/html/
# cp -r /mnt/i/Projects/Template ~/var/www/html/
before that just make sure that apache is installed and configured
have a nice day
For instance you have a file in Documents called index.php and to be copied in the /root/var/www/html/ directory you have to do it this way:
First don't forget to use sudo to be super user and then
- sudo cp -Rv index.php /var/www/html or
- sudo cp -Rv index.php /root/var/www/html
And you will get this output: 'index.php' -> '/var/www/html/index.php'
-R for copy folders &
-v for see what folders and files are copied

Able to override the root permission of a readonly file with a non-sudo user

I was performing some experiments in Docker and found a strange behaviour.
I was able to override the ownership of a file created with the root
user inside the Docker with another user without root permissions.
Below are the steps to reproduce it:
$> docker run -dit ubuntu:16.04 bash
$> docker exec -it cont_id bash
$> apt update && apt install -y vim
$> useradd cp -m
$> vim /home/cp/hello.txt
# Write some text and save it
$> su cp
$> cd ~/ && ls -latr;
# Will list hello.txt with user and group as root
$> vim hello.txt
# Write some text and try saving it normally which will fail.
# Try saving it with `:wq!`
Voila, it is saved and the user and group to which the file belongs also change to the new user.
I have done a terminal recording for this and the same is posted here.
This is not related to docker, but just normal behavior in vim. As the file is under user directory /home/cp, hence cp user will have all permissions. What wq! command does is to delete the the old one and put new content into /home/cp/hello.txt.
You can quickly test it by creating one more file in the folder that cp has no full permission.
You were able to do it because you have all permission to directory /cp.
For doing it there are only two options:
If you're the owner of the file. Then vim changes permission to write(w)and rewrite the file. and after saving it, restores the old permissions of the file.
If you are not the owner of the file, but if you have write permissions in the current directory, Vim will delete the original file and write the document to a new file with the same name. The new file will then be assigned the same permissions as the original file, but will be owned by you.
These are only two conditions in which read-only file can be overridden.

Linux Sudo users disable change directory to /

We are using sudo users with limited commands to execute and assigned default home directory /home/sudouser but if that particular sudo user is running command cd \ its changing the directory to the main root directory /. This behaviour is totally insecure for us.
We need it such that if the sudo user is entering cd / or cd it changes directory to their home directory /home/sudouser
Please let us know how we can implement this?
Don't ever try to restrict a sudo user to only a directory or a command, a sudo user can by definition do what he wants.
In your case, having a script that assigns the home directory is I think a better idea. To solve the trouble of permissions look for the suid bit in permissions: http://www.linuxnix.com/suid-set-suid-linuxunix/
For example: create a sh file that has the following permissions: "-rwsr--r--" that is owned by root and as a group that can be accessed by the user whom you want to use the script.
Then in the file you create a simple script to execute the command to change default directory with let's say two parameters (username and directory)

Copy files from one user home directory to another user home directory in Linux

I have the logins and passwords for two linux users (not root), for example user1 and user2.
How to copy files
from /home/user1/folder1 to /home/user2/folder2, using one single shell script (one single script launching, without manually switching of users).
I think I must use a sudo command but didn't found how exactly.
Just this:
cp -r /home/user1/folder1/ /home/user2/folder2
If you add -p (so cp -pr) it will preserve the attributes of the files (mode, ownership, timestamps).
-r is required to copy hidden files as well. See How to copy with cp to include hidden files and hidden directories and their contents? for further reference.
sudo cp -a /home/user1/folder1 /home/user2/folder2
sudo chown -R user2:user2 /home/user2/folder2
cp -a archive
chown -R act recursively
Copies the files and then gives permissions to user2 to be able to access them.
Copies all files including dot files, all sub-directories and does not require directory /home/user2/folder2 to exist prior to the command.
(shopt -s dotglob; cp -a /home/user1/folder1/* /home/user2/folder2/)
Will copy all files (including those starting with a dot) using the standard cp. The /folder2/ should exist, otherwise the results can be nasty.
Often using a packing tool like tar can be of help as well:
cd /home/user1/folder1
tar cf - . | (cd /home/user2/folder2; tar xf -)
I think you need to use this command
sudo -u username /path1/file1 /path2/file2
This command allows you to copy the contents as a particular user from any file path.
PS: The parent directory should be list-able at least in order to copy files from it.
Just to add to fedorqui 'SO stop harming' answer.
I had this same challenge when I tried to change the default admin user for a server from stage_user to prod_user on an Ubuntu 20.04 machine:
First, I created a prod_user using the command below:
sudo adduser prod_user
And then I added the newly created prod_user to the sudo group:
sudo adduser prod_user sudo
Next, I copied all the directories that I needed from the home directory of the stage_user to the prod_user:
sudo cp -r /home/stage_user/folder1/ /home/prod_user/
Next, I changed the ownership of the copied folders from stage_user to prod_user to avoid permission issues:
sudo chown prod_user:prod_user /home/prod_user/folder1
That's all.
I hope this helps
The question has to to do with permissions across users.
I believe by default home permission does allow all people to do listing and changing working directory into another's home:
eg. drwxr-xr-x
Hence in the previous answers people did not realise what you might have encountered.
With more restricted settings like what I had on my web host, nonowner users cannot do anything
eg. drwx------
Even if you use su/sudo and become the other user, you can still only be ONE USER at one time, so when you copy the file back, the same problem of no enough permission still apply.
So. . . use scp instead, treat the whole thing like a network environment let me put it that way and that's it. By the way this question had already been answered once over here (https://superuser.com/questions/353565/how-do-i-copy-a-file-folder-from-another-users-home-directory-in-linux), only cared to reply because this ranked 1st result from my search.

Resources