Help for a beginner

kiwa · October 7, 2023, 4:16pm

Hello Unix Linux Community,

I am new to your community and very happy to be among you, and I am a student. I registered on the forum to learn.

I'm stuck on an exercise and I can't find a solution, I don't want a turnkey solution because I like to understand how things work, so if there is a soul who can give me a clue I I would really appreciate it, thank you very much.

Here are the instructions :

An administrator wants to ensure every morning that all files placed under /tmp/TPRT are readable only by their owner and group members, but not modifiable and not executable.
1- What should be the mode of these files and directories?
2-- Give a command to display the list of paths of files which do not have the correct mode.

Distribution : Debian 12

Thanks.

vbe · October 7, 2023, 7:24pm

Welcome on board

As we are here to help you, and not do the work for you, writing "I'm stuck on an exercise and I can't find a solution" is not much of a help for us to understand what you don't...
Normally here, we ask and expect the O/P to show us what he has done so far, and where he is stuck...
As I did teach Unix 25 years ago, I will use another approach, Q1 is dead easy if you understood the question, or I might have not hehehe
you are asked what would look like in terms of permissions, files under /tmp/TPRT that would suit the admin's request.
So I will start by asking you to give me an explanation of UNIX file permissions:
What are they, for who,

-rwxrwxr-x    1 vibe  staff   553 Mar 15  2021 test

What perms does test have, file or directory?

drwxr-xr-x    3 vbe  staff    96 Jun  2  2021 test1

Same question

dr-xrws--x    3 vbe  staff    96 Apr 23  2020 tst1

and again, only what is the difference between this one, and the previous?

For Q2
What commands have you already learned? which are familiar, which you are not?

kiwa · October 7, 2023, 8:54pm

Hello, nice to meet you, many thanks for your approach,
I apologize, I should have expressed myself differently,

My current level is minimum basics, I know there are 3 separate blocks in the permissions, example: rwx-rwx-rwx
corresponds to a total right for groups, users, and “others” (I don't really have any explanation for the third block) maybe the others correspond to the public?

Read = 4
Write = 2
Execution = 1

-rwxrwxr-x 1 vibe staff 553 Mar 15 2021 test
Permission: (4+2+1) * 2 = (77) + (1) = 771

In your example it's interesting because there are only 2 blocks, I deduce that there is read/write/execution rights for the group (id1) and the user vibe?

drwxr-xr-x 3 vbe staff 96 June 2, 2021 test1
Permissions : (4+2+1+4) = 11 + (1+4) + (1) = 1151 / in this example the values exceed 7, I don't know at all how to react to this
This example is also very interesting... because I had never seen the "d" in the permissions, I don't know what it corresponds to..

For example 2: the group (id3) to which the user (vbe) is attached has an rwxr right, the user (vbe) has an xr right

In fact I don't know what the last block "x" corresponds to, I know that the first block is for the group, the other in the middle for the user, but for the third I don't know, if you can m Bringing your explanation would be great.

dr-xrws--x 3 vbe staff 96 Apr 23 2020 tst1
(4)+(1+4+2)+(1) = 471 / I didn't count the "d and the "s""
In this third example the user vbe has more rights than the group (id3), in the previous command the group had more rights than the user, but there is also another letter "s" that I did not have never seen before and whose functionality I don't know.

I started school at the beginning of September but I knew a little about the Unix world, but let's say that today we are really learning the "fundamentals", and I find that very interesting...

The commands I learned today (which I know by heart) are:

# id (find out my user's group details)
#mkdir (create directory)
#rmdir (delete a directory)
# / (go to root)
# cp (copy file)
# ls -l (show files in detail (users, groups, permissions)
# ls-1 (show online directories)
# head (display the contents of a file)
# chmod /directory (change the permissions of a directory or file)
# chmod 700 -R (change permissions recursively)
# chgrp -R 1000 /secret/ (assign a directory to a group with the group id)
I learned this command which I find brilliant:
# cd /apt/ && ls -l (&& to perform 2 commands on a single line)
#sudo tar -czf /home/archive.tar.gz home (to compress the /home/ directory)
# tar -ztvf archive.tar.gz (to show the content of the archive)
# df (show space disk used)
# top (show processus in execution)
# du /repository/ (show size of files)
# du -b /repository/ (show size on bytes of files)

The commands that are familiar to me are those that I listed above, but the "$PATH" I do not know, the "grep" I understand how it works but I have not yet assimilated them, basically apart from the commands that I mentioned to you I know nothing,

I hope this will give you an idea of where I am, I am just starting out and I am motivated to learn, if you have any advice to give me or explanations I am at your disposal,

looking forward to reading you,

Thanks again,

munkeHoller · October 7, 2023, 10:39pm

suggest you do some basic searching online wrt permissions.

also, take a look a
https://chmod-calculator.com/
https://onlineconversion.com/html_chmod_calculator.htm

(there are others available, I leave that to you to search for)

kiwa · October 7, 2023, 10:50pm

Thank you very much, these sites are very practical, I will use them to familiarize myself with the different permission combinations.

vbe · October 8, 2023, 10:26am

Yes other is for the rest of the planet... or people who can access the host...

You always water by the most important: like in true life: me, my family and friends, the rest...
Therefore first lot is the user, the second the group, the third, the rest...
A unix account is defined by his UID, then his GID ( I am member of...)
Back to your last post: id then gives your user ID, your GID, and all groups you belong to
In what way is GID important?
Well this partly answers your homework:
Wherever you go on the box, you can only where you have rights, and with the inherited right of where you are, e.g. you are in a directory where you can read only, means you cannot create a new file here unless you are the owner of the directory, but since you have it red for yourself you would have to go and change the permission before...
The GID is important for you because it will be given by default to whatever you create, file or directory
you can test:
Type

touch toto
ls -l toto

I will now add something of a survival thing you must memorise:

man is your friend

So look at the man page of touch... ( man touch ...)

the first char you see when you list with ls -l will always be a - for ordinary files because remember in UNIX all is files...
d means that this (file) is a directory

At this point I think you should be able to answer 1-

Let me think a bit about 2- with what you know

About your answers to my questions
1 is almost correct as by now, you know it is user first the group
and you forgot the read for others, so:
775

2: the perm is 755 but here test1 is a directory, and so the x has a different meaning as for file: here it would be silly to say execute, so what does it mean?
You can traverse the directory... is it important? yes. Because without you cannot go, and with the use of r you can allow people to see or not the content
Which is the case of my 3 example

dr-xrws--x 3 vbe staff 96 Apr 23 2020 tst1

Here user can read the directory, the group can do everything, and the rest can only traverse, which means they can go but see nothing... This allows you have directories within this one you could access and work in without knowing the neighbouring directories because you cannot read the content above
For now ignore the s and consider it as x the directory would be 471

Just to be confusing and why I say ignore s, the real value of tst1 is 2571...
Once you are confident enough, you can start to search about sticky bits...

What does 3 mean in my q2-3 ?

vbe · October 8, 2023, 10:29am

Not quite: you execute cd - and if successful only ( which means /apt exists and you have right to go...) then execute what follows

about $PATH:

type

echo $PATH

What do you see?

You will have to use grep to achieve your second homework...
Have you heard of command find? If not, then it is with grep you will have to work

MadeInGermany · October 8, 2023, 1:20pm

Maybe the following makes it clear.
Output from command ls -l

-rwxrwxr-x 1 vibe staff 553 Mar 15 2021 test
|---           user("vibe") perm rwx or 4+2+1=7
|   ---        group("staff") perm rwx or 4+2+1=7
|      ---     others perm r-x or 4+1=5
|
file type

The file is a plain file,
has permissions u=rwx,g=rwx,o=rx or 775,
has a link count 1,
is owned by user "vibe" and group "staff",
has length 553 bytes,
has an mtime (modification time) of Mar 15 2021,
is named "test".

MadeInGermany · October 9, 2023, 9:40am

Strangely
df
has got a header line. While
ls -l
has none (but the silly "total" that nobody needs).
Regarding owner/permissions you can do a more verbose
getfacl *
While it was made to display ACLs, it also displays the normal user/group/others permissions.
Also try out the following command:
stat *