Finding Files, and Assigning Permissions and Ownership

15 minutes
  • 5 Learning Objectives

About this Hands-on Lab

Knowing how to work with files in Linux is an integral part of being a sysadmin. We need to be able to find them, give and revoke permissions on them, and assign or reassign ownership. This hands-on lab is going to give us some practice doing all of those things.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Find Custom Application Files under /opt/myapp and Display a Detailed Listing of Them

We’re going to need elevated privileges for this lab, so once we’re logged in let’s just become root right off with sudo -i.

Use the find command to provide a detailed listing of the /opt/ directory:

find /opt

Our myapp directory is sitting in there, now let’s see what happening in there as far as files go, like who owns them:

find /opt/myapp -ls

The root user owns everything. That’s not good. We’ve got to change that.

Change the /opt/myapp Directory to be Owned by the cloud_user and the Group devop

Use the chown command to change user ownership to the cloud_user and the group devop for the /opt/myapp directory and its contents:

find /opt/myapp -exec sudo chown cloud_user:devop {} ;

To test, run find /opt/myapp -ls again, and see if our chown command actually changed ownership on these files.

It worked. Now we’ve got some permissions problems though.

Set Permissions for /opt/myapp Files

Use the chmod command to set rw-rw----, or 660, permissions on all /opt/myapp files, except for the directory itself and the /opt/myapp/ script:

find /opt/myapp -name "d*" -ok chmod 660 {} ;

Just type y for each yes/no prompt.

Next, change permissions on anything that does not start with d (the directory itself and the script):

find /opt/myapp '!' -name "d*" -ok chmod 770 {} ;

Again, type y for each yes/no prompt.

Find a Directory under /home Which Is Not Owned by a User or Group

Use the find command to find any directories in /home files which lack a user and group owner:

find /home -nouser -nogroup -ls
Execute the chown Command with the find Command

Find files and directories that were owned by devuser:

find /home -ls

Check for anything that doesn’t have user or group ownership:

find /home -nouser -a -nogroup -ls

Run chown with find to modify files that have no current user or group ownership:

sudo find /home -nouser -nogroup -exec sudo chown cloud_user:cloud_user {} ;

Check that we got them all:

find /home -nouser -a -nogroup -ls

See if cloud_user owns them now:

find /home/devuser -ls

Additional Resources

After a recent system upgrade, members of the devop group are reporting problems when trying to access the /opt/myapp directory, which contains their custom application. The developer, devuser, that was managing a custom application stored there has left the company.

We need to give any members of the devop group write access to /opt/myapp, so that they can work on the application. We also need to give the user cloud_user ownership of the directory. devop members and cloud_user need to be able to execute the application, as well. Finally, we need to make sure that anyone who is not cloud_user or in the devop group has absolutely no access to /opt/myapp whatsoever.

Note: Please provide the lab an extra minute or two before starting to make sure the lab resources have finished provisioning.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?