Using File Attributes and Permissions

Get Started
15 minutes
  • 4 Learning Objectives

About this Hands-on Lab

Both file attributes and permissions determine user and group access to files throughout the file system. Therefore, being able to use file attributes and permissions effectively is an essential system administrator skill. In this Hands-On lab, you will be using commands to view and set permissions and attributes for files. When the lab is complete, you should know how to use file attributes and permissions to control user and group access to files in the file system.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

View the Current Permissions of /opt/myapp/start.sh

Let’s see where we stand, as far as permissions go. Run ls -l and stat on the /opt/myapp/start.sh file:

cd /opt/myapp
ls -l start.sh
stat start.sh
Change Permissions on /opt/myapp/start.sh to Allow Full Privileges for User and Group Only

Currently, the permissions of the file /opt/myapp/start.sh are rw-r--r--, or mode 644. We need the user and group to have all permissions and the others to have none. Using either command will have the same result:

ls -l start.sh
chmod u=rwx,g+wx,o-r start.sh
ls -l start.sh
stat start.sh
chmod 770 start.sh
stat start.sh
Verify That /opt/myapp/start.sh Is Executable

The permissions of the file /opt/myapp/start.sh should now be -rwxrwx--- or mode 770, and the file should execute. Look at the permissions again to make sure:

stat start.sh

Now let’s try running it:

./start.sh
Make the /opt/myapp/start.sh Immutable Using a File Attribute

The i attribute should appear when we run lsattr on the file:

lsattr start.sh

If it doesn’t, then we’ve got to set it:

sudo chattr +i start.sh

Verify that the file is set immutable:

lsattr start.sh

Note the use of sudo there. We’ve got to run chattr as root.

Additional Resources

Our development team has just updated the system to the latest version approved for the organization. The ownership and access permissions to the custom application directory /opt/myapp have already been updated for the cloud_user owner and devop group. But users are complaining that although they have access to the /opt/myapp directory, they are not able to execute the application.

The lead System Administrator for our IT team has assigned us the task of discovering and correcting the permissions and attributes of /opt/myapp/start.sh on the system, so the custom application located under /opt/myapp has the permission to execute. In order to prevent problems with this program, /opt/myapp/start.sh, we are also asked to set the attribute of the file, so that the file cannot be altered or removed accidentally.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?