File Operation & Sudo Operations

Add the Linux groups to your server:

[ tmp]# groupadd parents
[ tmp]# groupadd children
[ tmp]# groupadd soho

Add the Linux users and assign them to their respective groups tmp]# useradd -g parents ram
[ tmp]# useradd -g parents jagmohan
[ tmp]# useradd -g children ramesh
[ tmp]# useradd -g children hema
[ tmp]# useradd -g soho accounts
[ tmp]# useradd -g soho sales

User root changing the password for user ram

[ root]# passwd ram
Changing password for user ram.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[ root]#

Delete Users

userdel ram

There is also an optional -r switch that additionally removes all the contents of the user’s home directory.

# userdel -r ram

How to Tell the Groups to Which a User Belongs

[ root]# groups ram
ram : parents
[ root]#

How to Change the Ownership of a File

[ tmp]# ll test.txt
-rw-r–r–  1 root root 0 Nov 17 22:14 test.txt
[ tmp]# chown testuser:users test.txt

[ tmp]# ll test.txt
-rw-r–r–  1 testuser users 0 Nov 17 22:14 test.txt

[ tmp]#

SUDO Operation

Temporarily Gaining root Privileges

[ bob]$ more /etc/sudoers
/etc/sudoers: Permission denied

[ bob]$

Bob tries again using sudo and his regular user password and is successful:

[ bob]$ sudo more /etc/sudoers

[ bob]$

Becoming root for a Complete Login Session

The su command allows a regular user to become the system’s root user if they know the root password. A user with sudo rights to use the su command can become root, but they only need to know their own password, not that of root as seen here.$ sudo su –

The /etc/sudoers file contains all the configuration and permission parameters needed for sudo to work.

Granting All Access to Specific Users

You can grant users bob and bunny full access to all privileged commands, with this sudoers entry.

bob, bunny  ALL=(ALL) ALL

This is generally not a good idea because this allows bob and bunny to use the su command to grant themselves permanent root privileges thereby bypassing the command logging features of sudo. The example on using aliases in the sudoers file shows how to eliminate this prob

Granting Access To Specific Users To Specific Files

This entry allows user peter and all the members of the group operator to gain access to all the program files in the /sbin and /usr/sbin directories, plus the privilege of running the command /usr/local/apps/ Notice how the trailing slash (/) is required to specify a directory location:

peter, %operator ALL= /sbin/, /usr/sbin, /usr/local/apps/

Granting Access to Specific Files as Another User

The sudo -u entry allows allows you to execute a command as if you were another user, but first you have to be granted this privilege in the sudoers file.

This feature can be convenient for programmers who sometimes need to kill processes related to projects they are working on. For example, programmer peter is on the team developing a financial package that runs a program called monthend as user accounts. From time to time the application fails, requiring “peter” to stop it with the /bin/kill, /usr/bin/kill or /usr/bin/pkill commands but only as user “accounts”. The sudoers entry would look like this:

peter ALL=(accounts) /bin/kill, /usr/bin/kill, /usr/bin/pkill
User peter is allowed to stop the monthend process with this command:

[ peter]# sudo -u accounts pkill monthend

Granting Access Without Needing Passwords

This example allows all users in the group operator to execute all the commands in the /sbin directory without the need for entering a password. This has the added advantage of being more convenient to the user:

%operator ALL= NOPASSWD: /sbin/

To create a Tar file
tar -czf archive.tar.gz *.txt

To list files in a compressed Tar file
tar -tzf archive.tar.gz.

Leave a Comment

Your email address will not be published. Required fields are marked *