The Official CompTIA Linux+ Student Guide Exam XK0-004 Lesson 3
Which is not an operator use by chmod in symbolic mode?
*
How do you remove the SUID and SGID
- (minus) operator in symbolic mode Setting the first permission bit to 0 in absolute mode.
What does the second, third, and fourth character represent in the following example? d rwx r-x r-x DirA
Denote owner permissions. Read Write and Execute
Command: chmod -v
Display a diagnostic entry for every file processed.
A group of system administrators were discussing file permissions and decided that setting a particular root-owned text file to read-only for everyone is a best practice. What do the permissions for this file look like?
Either 664 or rw-rw-r-- is correct.
setfacl -s
Set the ACL of an object, replacing any existing ACL.
chattr -v {version}
Set the version number of a file.
What is the order that umask values are calculated.
System-wide umask: set in /etc/bashrc and /etc/profile Default umask: set per-user in ~/.bashrc umask set manually with umask command
Context Group (g) is what?
The file or directory's group and all users belonging to that group.
As an administrator, you've created a shared directory and made the necessary permissions changes to allow a group of users access to that directory. You've also added users to the group. When a user (susan) who is a member of the group creates a file in the shared directory, what user and group permissions will the new file have?
The file's user and group ownership will both be susan.
Context Owner (u) is what?
The owner of the file or directory, also simply referred to as the user.
Command chmod 640 file1
User = rw Group = r Others = -
Command chmod 700 file1
User = rwx Group = - Others = -
Command chmod 764 file1
User = rwx Group = rw Other = r
The ____ command is used to change the attributes of a file or directory.
chattr
The syntax of the chattr command is
chattr [-R] [-v {version}] [+-{attributes}] {file/directory names}
The Linux command used to change group ownership of a file/directory is the __________ command.
chgrp
What command is equivalent to issuing chown :mygrp file1?
chgrp mygrp file1 Both commands change the file's group to mygrp without changing the owner.
The syntax of the chgrp command is
chgrp {group name} {file/directory name}
The Linux command used to change permission on a file/directory is the __________ command.
chmod
The syntax for setting the sticky bit is
chmod +t {directory names} chmod 1### {directory names} clear sticky bit use the - or 0
A user changed the permissions of a script (myscript.sh) in a shared directory. The user is curious why everyone can execute the script if the user owns the script and everyone else only has read access. To make the script executable, what command did the user mistakenly issue?
chmod +x myscript.sh The permissions changed to rwxrwxr-x or 775, which gives everyone execute permission. To limit execute permission to the user and group only, the command should have been: chmod ug+x myscript.sh
Your team lead is tired of receiving help desk tickets to restore deleted files from a directory that contains hundreds of files and subdirectories. She decides to have you fix the problem by making all of the files read-only. How do you change all the files to read-only without having to traverse each directory?
chmod -R 644 * This command changes all files in the current directory to 644 recursively.
The syntax of the chmod command is
chmod [options] {mode} {file/directory name}
Syntax for setting the SGID on a directory
chmod g+s {directory names} chmod 2### {directory names}
Command to add read and write permissions to myfile for the owner and the group:
chmod u+rw, g+rw myfile
Syntax for setting the SUID on a file
chmod u+s {file names} chmod 4### {file names}
A user cannot execute a script (collect.sh) she created and has sent you the contents of the script via email to inspect. After looking at the script, you determine the script is correctly written but permissions are the problem. What command can you issue to adjust the file's permissions as necessary?
chmod u+x collect.sh
In symbolic mode, the syntax of the chmod command is:
chmod {access context} {operators} {permission attributes} {file/directory names}
In absolute mode, the syntax of the chmod command is
chmod {numbers} {file/directory name}
The ____ command is used to change the owner, the group, or both for a file or directory.
chown
The Marketing manager contacts you stating that the shared directory you set up for the Marketing group works, but not exactly like they'd planned. When one of the group members creates a file in the directory, the file takes on the user's user and group permissions. For example, when Linda creates a new file, the permissions are -rw-rw-r-- linda linda. The manager wants the files to all retain the mkt group permission, if possible, rather than having the users change the group themselves. What actions can you take to fulfill this request?
sudo chmod -R g+s /opt/marketing By setting the SGID on the directory, every file created by anyone in the mkt group will have the mkt group ownership.
When viewing file attributes, the lowecase ___ character indicates that the immutable flag is set.
i
What does the first character represent in the following example? d rwx r-x r-x DirA
indicates the type of file; d for directory hyphen (-) for file
Multiple users have complained about file access in a shared directory, but you've checked your daily backup reports and there are no corrupt files. Which command can you issue in the directory in question to investigate the problem further?
ls -l This command displays the permissions of all files in the directory to help you sort out the problem. It's likely that the directory's group permissions are incorrectly set.
The ____ command is used to list the attributes of a file or directory.
lsattr
The syntax of the lsattr command is
lsattr [options] {file/directory names}
Command: ls -al
you can see the sticky bit in the execute position for other users (last position) as the letter t, or the capitalized letter T if the execute permission is not set for others.
By default, ____ of a file or directory is the user who created that file or directory.
owner
ownership
refers to the property by which a user can apply and modify the permissions of a file or directory.
Which is not a type of user or entity that is given permission attributes?
root
Who can set or remove the immutable flag?
root user
In Linux, two main special permissions are:
set user ID (SUID) set group ID (SGID)
The _____ command is used to change the permissions associated with the ACL of a file or directory.
setfacl
Command modifying the ACL on a directory where the user http is given read access:
setfacl -m u:http:r-- /home/directory
The syntax of the setfacl command is
setfacl [-bR] [-mx {acl_spec}] {file/directory names}
Ruth has searched for a solution to her problem: A few of her training documents keep getting changed or removed by system administrators removing files that haven't been accessed in excess of 180 days. She has found that a file can be made immutable, but she cannot make her own files immutable and needs your assistance. How can you make the files /home/ruth/training1_doc.txt and /home/ruth/training2_doc.txt immutable?
sudo chattr +i /home/ruth/training*_doc.txt
chmod absolute mode 600 is what in symbolic mode?
u=rw g= o=
chmod absolute mode 644 is what in symbolic mode?
u=rw g=r o=r
chmod absolute mode 700 is what in symbolic mode?
u=rwx g= o=
chmod absolute mode 755 is what in symbolic mode?
u=rwx g=rx o=rx
What are the three permission attributes associated with a file or directory?
Read (r) Write (w) Execute (x)
chown -R
Recursively change ownership through a directory structure.
chattr -R
Recursively change the attributes of directories and their contents.
lsattr -R
Recursively list the attributes of directories and their contents.
setfacl -R
Recursivley set ACL options for directories and their contents.
setfacl -b
Remove all ACL entries (not includng the standard permissions).
setfacl -x
Remove entries from an existing ACL.
chattr -i
Remove the read-only, or immutable, attribute of the file. Requires superuser privileges.
Command: chmod -c
Report changes that are made in permissions.
Is the permission that allows a user to have similar permissions as the group owner of the file.
SGID or setgid
Is the permission that allows a user to have similar permissions as the owner of the file.
SUID or setuid
The ____ command alters the default permissions on newly created files and directories.
umask
If I wanted to change the default directory permission from 755 to 733 how would I do that?
umask 022
The syntax of the umask command is
umask {number}
"In order to modify a file, you need the _____ attribute set."
write
In order to modify files in a directory, you need the _____ attribute set.
write
Gina wants to share some marketing files with two other members of her team but doesn't want them to access those files in her home directory. She also wants the directory and its files to only be available to the Marketing group. What steps can you take as an administrator to accomplish this request?
1) You need to create a new group (mkt): sudo groupadd mkt 2) Add users to the group: sudo usermod -aG mkt gina linda mark 3) Create the shared directory: sudo mkdir /opt/marketing 4) Change group ownership to mkt: sudo chgrp mkt /opt/marketing 5) Change permissions so that the Marketing group has full control of the directory and its contents and remove everyone else: sudo chmod 770 /opt/marketing
What octal number represents the permissions in absolute mode?
4 = Read 2 = Write 1 = Execute
Context Other (o) is what?
All other users (neither owner nor group member).
Permissions
Are access rights assigned to users, which enable them to access or modify certain files and directories.
chmod operator =
Assigns permissions exactly as provided, rather than being additive or subtractive.
What must a user do in a shared directory to ensure that each group member has full read and write access to files they create?
Change the group ownership to the group: chgrp accounting salaries.txt The user doesn't have to be root or use sudo to change group ownership because the file creator is the file's user and group owner, and therefore may change its permissions at will.
chown : {group name} {file/directory name}
Changes the group but not the owner. This is the same as using the chgrp command.
chown {user name} : {group name} {file/directory name}
Changes the owner and the group.
chown {user name} : {file/directory name}
Changes the owner and the group. The group will be changed to the specified user's login group.
chown {user name} {file/directory name}
Changes the owner but not the group.
What does the fifth, sixth, and seventh characters represent in the following example? d rwx r-x r-x DirA
Denote group permissions. Read and Execute
What does the eight, ninth, and tenth characters represent in the following example? d rwx r-x r-x DirA
Denote other permissions. Read and Execute
chmod operator -
Denies permissions
In order to run a software file, you need the _____ attribute set.
Execute
What does the Read (r) attribute do?
Files: The ability to access and view the contents of a file. Directories: The ability to list the contents of a directory.
What does the Execute (x) attribute do?
Files: The ability to run a script, program, or other software file. Directories: The ability to access a directory, execute a file from that directory, or perform a task on that directory (e.g., a search)
What does the Write (w) attribute do?
Files: The ability to save changes to a file. Directories: The ability to create, rename, and delete files in a directory. (Requires the execute attribute to also be set.)
chmod operator +
Grants permissions
Command: chmod -f
Hide most error messages.
access control list (ACL)
Is a list of permissions attached to an object.
sticky bit
Is a special permission bit that provides protection for files in a directory.
immutable flag
Is an attribute of a file or directory that prevents it from being modified, even by the root user.
lsattr -a
List all files in directories.
lsattr -d
List directories like files, instead of listing their contents.
lsattr -v
List the version number of the file.
chattr +i
Mark the file as read-only, or immutable. Requires superuser privileges.
Command: chmod -R
Modify permissions of files and directories recursively.
setfacl -m
Modify the existing ACL of an object.
What are the contexts that you can apply permission attributes to?
Owner (u) Group (g) Other (o)
What defines exactly what a user is allowed to do with a particular file or directory?
Permission Attributes
Symbolic mode of the chmod enables you to set permissions using three components, what are they?
Permission contexts: u/g/o/a (a applies the permissions to all three contexts). Permission operators: +/-/= Permission attributes: r/w/x
d rwx r-x r-x DirA What is this an example of?
Permission string
You created a shared directory for the Marketing planners, Linda and Mark, named /opt/MPlans. Their group, mplan, has exclusive access to this directory. No other user can access the directory or its contents. Linda decides that Gina needs read-only access to a single file, history.txt, inside the /opt/MPlans directory. Is this kind of restrictive access possible? If so, how can you grant it to Gina?
Yes, it is possible through ACLs. First, grant Gina read and execute access to the directory: setfacl -m u:gina:rx /opt/MPlans and then, set read access to the history.txt file inside the MPlans directory: setfacl -m u:gina:r /opt/MPlans/history.txt You can check your work by executing getfacl on the directory and its contents.
A user, John, opened a ticket complaining that he has files in his home directory that he cannot remove, although they are his files and he is the user and group owner. He requests that you remove the files /home/john/billing1.txt, billing2.txt, and summary.txt. However, when you attempt to remove the files, you receive an error that you cannot remove the files as the root user. What is a possible resolution for John?
You can issue the lsattr command to see if immutable flag has been set on those files. If it has, you can resolve the problem by removing the immutable flag and then removing the files: 1) sudo chattr -i /home/john/billing1.txt 2) sudo chattr -i /home/john/billing2.txt 3) sudo chattr -i /home/john/summary.txt 4) sudo rm /home/john/billing1.txt 5) sudo rm /home/john/billing2.txt 6) sudo rm /home/john/summary.txt
Gina, a member of the Marketing group, has decided that she wants her files protected so that only she can delete them, although other Marketing group members need to be able to work on and edit the files. What can she do to fix the problem of others deleting her files?
You can show Gina the following command to set the sticky bit on her files: chmod +t filename.txt This command also works on directories.
A user (Bob Smith -- username: bsmith) calls you to request that you restore a group of files he accidentally deleted from his home directory. You copy the files for him but he later complains that he can no longer edit the files. What do you need to do so that he can edit his files?
You need to change ownership of the files to him. Change user and group ownership recursively so that Bob owns all files and directories. For example: sudo chown -R bsmith:bsmith *
What are the default permissions for files and directories created by the root user?
files = 664 directories = 775
The ____ command is used to retrieve the ACLs of files and directories.
getfacl
Command: ls -l
gives you a long list of the files and directories in your current working directory.
Who can can change the permissions of an object that is owned by someone else.
superuser
What two modes does chmod support?
symbolic mode absolute mode