Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
so i made a script in the /usr/local/bin directory. I can run it under root, however when i change users and try to run the script it says permission denied, actually if i even try to run the command ls it says "ls: cannot open directory .: Permission denied"
if i run getfacl /usr/local/bin/script1 it shows this:
# file: usr/local/bin/script1
# owner: root
# group: root
i tried with user gnobile had these issues so i created user test and had same issues. Thanks for the help guys.
here is what I'm trying to do I would believe Lab 2 would be more important because it's what I'm having issues with.
In this lab you'll explore the role of permissions and the SUID bit. To do so, you'll create a simple script in the /usr/local/bin directory. Call it script1.
1. In a text editor, open file script1 in the /usr/local/bin directory.
2. Enter the following lines in that file:
/bin/ls > filelist
3. Save the file.
4. Try to execute that script as the root administrative user. What happens?
5. Set up execute permissions for the user owner of the script1 file with the chmod u+x /usr/local/bin/script1 command. Can you now execute the script as the root administrative user?
6. Now set up execute permissions for other users in the script1 file. Log in as a regular user. Can you now execute the script as a regular user?
7. As it's a big security risk to set SUID permissions on a shell script, don't do that on the script1 file. Instead, remove SUID permissions on the /usr/bin/passwd executable file with the chmod u-s /usr/bin/passwd command.
8. Try to run the passwd command as a regular user. What happens? Did your password change? Try again. What worked when prompted for the current password?
9. Return to the root user account, and restore SUID permissions on the /usr/bin/passwd file.
10. Try to run the passwd command again as a regular user. Change your password. What happens this time?
In this lab, you'll use the script created in Lab 1. You'll set up regular permissions on that script, and then configure ACLs for that script to be executed by a regular user. It also assumes that the filesystem with the /usr/local/bin directory is the top-level root directory, and is not already mounted with ACLs.
1. Change the permissions on the script1 file created in Lab 1 with the chmod 644 /usr/local/bin/script1 command.
2. Log in as a regular user. Try to execute that script. What happens?
3. Remount the top-level root directory (/) with ACLs with the following command:
# mount -o remount,acl /
As long as the /etc/fstab file is configured in the top-level root directory (/), this command should work. To verify, run the mount command by itself; it should show output similar to:
/dev/vda2 on / type ext4 (rw,acl)
4. Now you'll be able to set ACLs on the noted script. Configure read and execute ACLs for one regular user on the script1 file. Verify with the getfacl command.
5. Repeat Step 2, logging in as the regular user given ACL privileges to the script1 script. What happens?
6. If you want to restore the original configuration, delete the script1 file from the /usr/local/bin directory. If your original configuration did not include ACLs on the top level root directory, you can restore that situation with the following command: