Linux Commands privileges

I have explained the command types in last blog .  Here we will discuss further the  other  essential elements of the Linux host.

One of the important command was type to get path related information . Another one was export to create/modify any environment variable.

How to create/modify a file from CLI One can use any editor vi, vim (vImproved), nano etc for normal user file but use vipw, vigr, visudo for corresponding root files and sudoedit for any other root specific file.

  • vipw for updating user account info in /etc/passwd
  • passwd command for changing password
  • vipw -s for editing  /etc/shadow for admin purpose. Shadow file keeps encrypted user password

This is required to avoid any corruption or wrong data in these root specific configuration files. vipw -s and vigr -s should be used to update corresponding encrypted passwords in /etc/shadow , /etc/gshadow . /etc/passwd keeps user account information such as username, user ID, group ID etc.

Could you try to find location of the utilities(vipw etc) mentioned above using type command ?  -}

One of the basic requirement is to provide SUDO permission to the existing user so that further customization of the system can be done. Please note that sudo gives you additional privileges use it carefully. 

How to set SUDO permission for a user ? Only root or someone with similar privileges can add a user to sudoers’ list

/etc/sudoers entry :

<user list> <host list> = <operator list> <tag list> <command list>

  • user who is provided sudo privilege
  • host in which user can run sudo
  • which users(Groups)  may act as  sudoer
  • tag specifies option like NOPASSWD
  • which commands user may run when using sudo

The first part is the user,  the second part is a list of hostnames on which this sudo entry will be effective, the third part is which users(Groups) he may act as, sudoer and the last one, is which commands he may run when using sudo

Users and Groups :  You may think of different departments like Finance, HR, Sales based groups. All the files from one department will not be accessible by other. Somewhat similar to whatsapp groups and members.

  •     sudo adduser username   //For creating new User
  •     sudo  groupadd groupname // For creating a new Group
  •      sudo adduser username groupname //For Adding user to group
  •      chown   :groupname filename  // Assigning a file to group
  •      chmod  permission  filename  //Changing file access permission
  • Reboot system so that permission specific changes can take effect

Q: Can you add/modify user or group without adduser command ?

Ans: Yes. You can use  vipw,vigr and passwd commands. You need to create user home directory manually using mkdir and change access permissions.

File Metadata : Data of file data  i.e concept of inode

ls -il

  • First number is inode
  • first charactor : d(directory), l( symbolic or soft link),(file)
  • Permission : First rwx tuple for owner , second for Group, Third for others
  • Number of hard Links
  • size

Soft/Symbolic Link vs Hard Link : Soft link is similar to shortcut in Windows. If you delete the original file, shortcut will not work. However hard link means , creating another filename with the same inode. Any restriction on creating hard link ?

  • hardlink file names will have same inode  and is connected directly to data object
  • softlink files will have different inode and is connected indirectly to data object

mv command create hardlink if both source and destination are in the same filesystem . Otherwise it will copy the contents.

Analyze file names related to mytest2 in both the screenshots given below to understand the hard and soft link ,

linux7

In the following screen mytest2 was created using cp, mytest2link using ln and mytest2symlink using ln -s commands.

Could you check help of ln command ?

linux8

Thanks. I am trying to improve usability of my  site. Did you find this discussion helpful ? If so,  Please subscribe to YouTube channel Embedkari for further detail.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.