Linux Commands

s

a accept access aclocal aconnect acpi acpi_available acpid addr2line addresses agetty alsactl amidi amixer anacron aplay aplaymidi apm apmd apropos apt ar arch arecord arecordmidi arp as at atd atq atrm audiosend aumix autoconf autoheader automake autoreconf autoscan autoupdate b badblocks banner basename bash batch bc biff bison bzcmp bzdiff bzgrep bzip2 bzless bzmore c c++ c++filt cal cardctl cardmgr cat cc cdda2wav cdparanoia cdrdao cdrecord cfdisk chage chattr chfn chgrp chkconfig chmod chown chpasswd chroot chrt chsh chvt cksum clear cmp col colcrt colrm column comm compress cp cpio cpp crond crontab csplit ctags cupsd cut cvs d date dd deallocvt debugfs depmod devdump df diff diff3 dig dir dircolors dirname disable dlpsh dmesg dnsdomainname dnssec-keygen dnssec-makekeyset dnssec-signkey

dnssec-signzone doexec domainname dosfsck du dump dumpe2fs dumpkeys e e2fsck e2image e2label echo edquota egrep eject elvtune emacs enable env envsubst esd esd-config esdcat esdctl esddsp esdmon esdplay esdrec esdsample etags ex expand expr f factor false fc-cache fc-list fdformat fdisk fetchmail fgconsole fgrep file find finger fingerd flex fmt fold formail free fsck ftp ftpd fuser g g++ gawk gcc gdb getent getkeycodes gpasswd gpg gpgsplit gpgv gpm gprof grep groff groffer groupadd groupdel groupmod groups grpck grpconv gs gunzip gzexe gzip h halt hdparm head hexdump host hostid hostname htdigest hwclock i iconv id ifconfig imapd inetd info init insmod install ipcrm ipcs iptables iptables-restore iptables-save isodump isoinfo isosize isovfy ispell j join

k kbd_mode kbdrate kernelversion kill killall killall5 klogd kudzu l last lastb lastlog ld ldconfig ldd less lesskey lftp lftpget link ln loadkeys locale locate lockfile logger login logname logrotate look losetup lpadmin lpinfo lpmove lpq lpr lprm lpstat ls lsattr lspci lsmod lsusb m m4 mail mailq mailstats mailto make makedbm makemap man manpath mattrib mbadblocks mcat mcd mcopy md5sum mdel, mdeltree mdir mdu merge mesg metamail metasend mformat mimencode minfo mkdir mkdosfs mke2fs mkfifo mkfs mkfs.ext3 mkisofs mklost+found mkmanifest mknod mkraid mkswap mktemp mlabel mmd mmount mmove modinfo modprobe more mount mountd mpartition mpg123 mpg321 mrd mren mshowfat mt mtools mtoolstest mtype mv mzip n named namei nameif netstat newaliases newgrp newusers nfsd nfsstat nice nm nohup nslookup nsupdate o objcopy objdump od openvt

p passwd paste patch pathchk perl pidof ping pinky pmap portmap poweroff pppd pr praliases printenv printf ps ptx pwck pwconv pwd python q quota quotacheck quotaon quotaoff quotastats r raidstart ramsize ranlib rarpd rcp rdate rdev rdist rdistd readcd readelf readlink reboot reject rename renice repquota reset resize2fs restore rev rexec rexecd richtext rlogin rlogind rm rmail rmdir rmmod rndc rootflags route routed rpcgen rpcinfo rpm rsh rshd rsync runlevel rup ruptime rusers rusersd rwall rwho rwhod s sane-find-scanner scanadf scanimage scp screen script sdiff sed sendmail sensors seq setfdprm setkeycodes setleds setmetamode setquota setsid setterm sftp sh sha1sum showkey showmount shred shutdown size skill slabtop slattach sleep slocate snice sort split ssh ssh-add ssh-agent ssh-keygen ssh-keyscan sshd stat statd strace strfile

strings strip stty su sudo sum swapoff swapon sync sysctl sysklogd syslogd t tac tail tailf talk talkd tar taskset tcpd tcpdump tcpslice tee telinit telnet telnetd test tftp tftpd time tload tmpwatch top touch tr tracepath traceroute troff true tset tsort tty tune2fs tunelp u ul umount uname uncompress unexpand unicode_start unicode_stop uniq uptime useradd userdel usermod users usleep uudecode uuencode uuidgen v vdir vi vidmode vim vmstat volname w w wall warnquota watch wc wget whatis whereis which who whoami whois write x xargs xinetd y yacc yes ypbind ypcat ypinit ypmatch yppasswd yppasswdd yppoll yppush ypserv ypset yptest ypwhich ypxfr z zcat zcmp zdiff zdump zforce zgrep zic zless zmore znew

-----------------------------------------------------------------------------------------------------------------
Topics will be covered in this Blog are : Linux System Administrator - Memory Performance Tuning - File System - User Group - Linux / Unix Commands Processes - Virtual Swap Memory - Mail Server - Remote Access - Linux Permissions - Boot procedure system Logging - Network (xinetd) Configuration (ifconfig) - DNS - DHCP - Web Server - Kernel - Shell Script - Tuning Optimization High Availability Heart-BeatClustering-Backup and Recovery - Network Time Protocol - NIS - NFS - RPM Partition - /proc - Scheduling (crontab) - mount unmount - secured shell (ssh) - Remote Access - Virtual Network Computing (VNC) Default Ports - Services
-----------------------------------------------------------------------------------------------------------------

Linux Access Control List (ACL)

Linux - How to setup Access Control List (ACL)

Basic Linux permissions are having following limitations:

1. We cannot set more than one entity as the user or group owner of a file.
2. We cannot set permission on a per file or directory basis.

ACL is one of the system to overcome these limitations.

Important Note:

Have a look into /etc/fstab to make sure acl is enabled for the device is mounted. Content of /etc/fstab looks like below if acl is enabled:



#cat /etc/fstab

/dev/hda1 / reiserfs acl,user_xattr 1 1
/dev/hda2 swap swap defaults 0 0
proc /proc proc defaults 0 0
.
.
.

If acl is not added for the device in /etc/fstab, you have to add this option and remount.

setfacl - Setting File Access Control List

Once acl is set for a device, using setfacl command, we can create Access Control List. To make user alexander as trustee for a file somefile do the following:

setfacl -m u:alexander:rwx somefile

In addition to that, to add the group sales as trustee group for the file somefile.

setfacl -m g:sales:rw somefile

This command does not make any difference in file permissions, but add a '+' sign behind the permissions list

getfacl - Setting File Access Control List

getfacl somefile displays the acl to somefile

For more information on these commands man setfacl and man getfac

-----------------------------------------------------------------------------------------------------------------
Topics will be covered in this Blog are : Linux System Administrator - Memory Performance Tuning - File System - User Group - Linux / Unix Commands Processes - Virtual Swap Memory - Mail Server - Remote Access - Linux Permissions - Boot procedure system Logging - Network (xinetd) Configuration (ifconfig) - DNS - DHCP - Web Server - Kernel - Shell Script - Tuning Optimization High Availability Heart-BeatClustering-Backup and Recovery - Network Time Protocol - NIS - NFS - RPM Partition - /proc - Scheduling (crontab) - mount unmount - secured shell (ssh) - Remote Access - Virtual Network Computing (VNC) Default Ports - Services

Edit this page (you have permission)

Edit this page (if you have permission) Report spam

Google Docs -- Web word processing, presentations and spreadsheets.

Setting Permissions

Linux works with three entities that can be set as the owner of the file or directory. Those are owner, group owner and others.

ls -l command provide the detailed information of files in a directory. The first column of the output shows 10 permission bits something like -rwxr-xr-x

For example:

# ls -l
-rwxr-xr-x 1 alexander users 1024 2008-05-06 11:20 somefile

(# in above example, is command prompt)

The first bit says the type of the file. Mostly it is - which means it is a regular file. If it is d means, it is a directory and etc.

The next three bits says the permissions (r-read, w-write, x-execute) for owner of the file.

The next three bits says the permissions for the group and last three bits says the permission for others.

The owner of the file or Administrator can change the permission of a file using chmod command.

chmod entity + or - permission(s)

For example, to remove executable permission for others for file somefile

chmod o-x somefile

to add write permission for group for file somefile

chmod g+w somefile

Permissions are

r - read
w - write
x - execute
s - set user or group id
t - sticky bit

If set user or group id is given for a file, the execute (x) permission of respective entity (user or group) will be replaced with s

For example, if set user id is given fo somefile, it looks like below output

-rwsr-xr-x 1 alexander users 1024 2008-05-06 11:20 somefile

If sticky bit is set to a file, t will be added at last bit of permissions

For example, if sticky bit is set to somefile, it looks like below output

-rwsr-xr-t 1 alexander users 1024 2008-05-06 11:20 somefile

Set User ID, Group ID and Sticky Bit

SUID: Set User ID means, when this permission is applied to the executable file, the user who execute the file will have the permissions of the owner of the file while executing.

SGID: Set Group ID


Sticky Bit: When sticky bit is applied to a file, user can remove only if (1) the user is owner of the file (2) the file is in a directory of which the user is the owner OR (3) the user has the write permissions on the file.

Change Group Ownership

To check the list of groups a user belongs to ....

groups user

To change the group owner for temporary ...

newgrp groupName

Example:

To see the list of groups the user alexander belongs to ...

groups alexander

To change the primary group of alexander to sales, as user alexander, type below command.

newgrp sales

Changing File Ownership

chown {user|.group} file

It is a command to change the owner of the file or directory.

For example

(1) to change the owner of file example to alexander

chown alexander example


(2) to change the group owner of file example to development

chown .development example

(3) to change the owner of file example to alexander and group owner to development in one command

chown alexander.developent example

(4) to change the owner of directory example and all its sub-directories to owner alexander.

chown -R alexander example

Note: The option -R means Recursively

Deleting User

userdel

This is the command to delete user in your local system.

delete an user

userdel sikkandar

User sikkandar will be deleted from your local machine without home directory.

Delete an user with home directory

userdel -r sikkandar

Delete an user with home directory including files owned by other users

userdel -rf sikkandar