Skip to content

43.Group_Permissions.md

Latest commit

 

History

History
375 lines (297 loc) · 8.28 KB

43.Group_Permissions.md

File metadata and controls

375 lines (297 loc) · 8.28 KB
# Create a new directory named session44
mkdir session44

# Navigate to session44 directory
cd session44

# Add a new group named coursegroup
sudo addgroup coursegroup

# Try to view the contents of a non-existent etc/group file (produces an error)
cat etc/group

# View the contents of the system group file
cat /etc/group

# Add a new user 'cuser1' and assign it to the coursegroup
sudo adduser --ingroup coursegroup cuser1

# View the contents of the system password file
cat /etc/passwd

# Add another user 'cuser2' and assign it to the coursegroup
sudo adduser --ingroup coursegroup cuser2

# Add a new group named empgroup
sudo addgroup empgroup

# Add a user 'empuser1' to the empgroup
sudo adduser --ingroup empgroup empuser1

# Display the username of the current user
whoami

# Switch to the user 'cuser1'
su - cuser1

# Display the username of the current user (now switched to cuser1)
whoami

# Print the current working directory
pwd

# Attempt to navigate to the Desktop directory (produces an error since it doesn't exist for cuser1)
cd Desktop

# Create a new file named demo.txt
touch demo.txt

# List the contents of the current directory in long format
ls -l

# Append text to demo.txt
cat >> demo.txt

Switching to cuser1 and Changing Permissions

  1. Switch to cuser1:

    su - cuser1

  2. Check the file permissions of demo.txt:

    ls -l demo.txt

    Output (example):

    -rw-r--r-- 1 cuser1 coursegroup 0 Dec  2 15:04 demo.txt

  3. Change the file permission to allow only the owner to read and write (rw-------):

    chmod g+r demo.txt

  4. Verify the changes:

    ls -l demo.txt

    Output:

    -rw------- 1 cuser1 coursegroup 0 Dec  2 15:04 demo.txt

Adding Group Permissions

  1. Grant the group coursegroup write permissions for demo.txt:

    chmod g+w demo.txt

  2. Verify the changes:

    ls -l demo.txt

    Output:

    -rw-rw---- 1 cuser1 coursegroup 0 Dec  2 15:04 demo.txt

  3. Add execute permission to the group:

    chmod g+x demo.txt

  4. Verify the new permissions:

    ls -l demo.txt

    Output:

    -rw-rwx--- 1 cuser1 coursegroup 0 Dec  2 15:04 demo.txt

Switch to Another User (cuser2)

  1. Switch to cuser2:

    su - cuser2

  2. Check access to demo.txt as cuser2:

    ls -l /home/cuser1/demo.txt

  3. Attempt to edit the file:

    nano /home/cuser1/demo.txt

    If cuser2 does not have sufficient permissions, it will display a permission denied error.

Changing Ownership and Group

  1. Switch back to akshay:

    su - akshay

  2. Change the owner of demo.txt to empuser1:

    sudo chown empuser1 /home/cuser1/demo.txt

  3. Verify the ownership:

    ls -l /home/cuser1/demo.txt

    Output:

    -rw-rwx--- 1 empuser1 coursegroup 0 Dec  2 15:04 demo.txt

  4. Change the group of demo.txt to empgroup:

    sudo chgrp empgroup /home/cuser1/demo.txt

  5. Verify the new group:

    ls -l /home/cuser1/demo.txt

    Output:

    -rw-rwx--- 1 empuser1 empgroup 0 Dec  2 15:04 demo.txt

Assigning Special Permissions

  1. Add the sticky bit to a directory (session44):

    chmod +t /home/akshay/Desktop/operations/session44

  2. Set the setgid bit to inherit the group of session44:

    chmod g+s /home/akshay/Desktop/operations/session44

  3. Verify the directory permissions:

    ls -ld /home/akshay/Desktop/operations/session44

    Output:

    drwxrws--T 2 akshay empgroup 4096 Dec  2 15:04 session44

# Switching back to the original user
cuser1@myubuntu:~$ exit
logout
akshay@myubuntu:~/Desktop/operations/session44$

# Verifying ownership of the file
akshay@myubuntu:~/Desktop/operations/session44$ ls -l /home/cuser1/demo.txt
-rw-r--r-- 1 cuser1 coursegroup 0 Dec  2 15:04 demo.txt

# Changing ownership of the file to another user and group
akshay@myubuntu:~/Desktop/operations/session44$ sudo chown empuser1:empgroup /home/cuser1/demo.txt

# Verifying ownership change
akshay@myubuntu:~/Desktop/operations/session44$ ls -l /home/cuser1/demo.txt
-rw-r--r-- 1 empuser1 empgroup 0 Dec  2 15:04 demo.txt

# Switching to empuser1
akshay@myubuntu:~/Desktop/operations/session44$ su - empuser1
Password: 
empuser1@myubuntu:~$ whoami
empuser1

# Modifying the file as empuser1
empuser1@myubuntu:~$ echo "Added by empuser1!" >> /home/cuser1/demo.txt

# Verifying the changes
empuser1@myubuntu:~$ cat /home/cuser1/demo.txt
This line added by owner!
Added by empuser1!

# Changing permissions of the file
empuser1@myubuntu:~$ chmod 640 /home/cuser1/demo.txt

# Verifying updated permissions
empuser1@myubuntu:~$ ls -l /home/cuser1/demo.txt
-rw-r----- 1 empuser1 empgroup 42 Dec  2 15:04 /home/cuser1/demo.txt

# Attempting to modify the file as another user (cuser2) - Should fail
empuser1@myubuntu:~$ exit
logout
akshay@myubuntu:~/Desktop/operations/session44$ su - cuser2
Password: 
cuser2@myubuntu:~$ echo "Attempting to add by cuser2!" >> /home/cuser1/demo.txt
-bash: /home/cuser1/demo.txt: Permission denied

# Adding write permissions for the group
cuser2@myubuntu:~$ exit
logout
akshay@myubuntu:~/Desktop/operations/session44$ sudo chmod g+w /home/cuser1/demo.txt

# Verifying permissions
akshay@myubuntu:~/Desktop/operations/session44$ ls -l /home/cuser1/demo.txt
-rw-rw-r-- 1 empuser1 empgroup 42 Dec  2 15:04 /home/cuser1/demo.txt

# Modifying the file again as cuser2
akshay@myubuntu:~/Desktop/operations/session44$ su - cuser2
Password: 
cuser2@myubuntu:~$ echo "Added by cuser2!" >> /home/cuser1/demo.txt

# Verifying changes made by cuser2
cuser2@myubuntu:~$ cat /home/cuser1/demo.txt
This line added by owner!
Added by empuser1!
Added by cuser2!

# Removing group write permissions
cuser2@myubuntu:~$ exit
logout
akshay@myubuntu:~/Desktop/operations/session44$ sudo chmod g-w /home/cuser1/demo.txt

# Making the file executable for the owner
akshay@myubuntu:~/Desktop/operations/session44$ sudo chmod u+x /home/cuser1/demo.txt

# Verifying final permissions
akshay@myubuntu:~/Desktop/operations/session44$ ls -l /home/cuser1/demo.txt
-rwxr--r-- 1 empuser1 empgroup 42 Dec  2 15:04 /home/cuser1/demo.txt

Commands to Remove All Users and a Group in Linux

1. Remove Users

To delete all users associated with the group:

sudo userdel -r <username>

Repeat this for each user in the group.

Example:

sudo userdel -r cuser1
sudo userdel -r cuser2

2. Delete the Group

Once all users are removed, delete the group:

sudo groupdel <groupname>

Example:

sudo groupdel coursegroup

3. Verify Deletion

Check if the group and users no longer exist:

grep <groupname> /etc/group
id <username>

Example:

grep coursegroup /etc/group
id cuser1

Commands to Manage Users and Groups in Linux

1. Remove a User from a Group

To remove a user (<username>) from a specific group (<groupname>):

sudo gpasswd -d <username> <groupname>

Example:

To remove the user cuser1 from the group users:

sudo gpasswd -d cuser1 users

2. Delete a Group

To completely delete a group (<groupname>):

sudo groupdel <groupname>

Example:

To delete the group coursegroup:

sudo groupdel coursegroup

3. Verify Changes

  • To check group membership after modifications: 
    grep <groupname> /etc/group
  • To ensure the group no longer exists after deletion: 
    grep <groupname> /etc/group

4. Reassign Primary Group (if necessary)

If a user is using the group as their primary group, reassign them to another group before deletion:

sudo usermod -g <newgroup> <username>

Example:

To change the primary group of cuser1 to staff:

sudo usermod -g staff cuser1

5. Check File Ownership (Optional)

If files are associated with the group being deleted, find them with:

sudo find / -group <groupname>

Reassign ownership if necessary:

sudo chown -R <newowner>:<newgroup> /path/to/files