‫المملكـــــــة العربيــــة السعوديـــــة‬

KINGDOM OF SAUDI ARABIA

‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Week 6 – Lab 1
Part 1: User and Group Accounts
In these tasks, you will learn about user accounts and the files and commands that display user
account information. Now open the terminal application and complete the following tasks

1. User and system accounts are defined in the /etc/passwd and /etc/shadow files. View the
first ten lines from the /etc/passwd file:

head /etc/passwd

Your output should be similar to the following:

Notice that this file contains a colon delimited database of all user and system accounts available on
this system.

User accounts are assigned to users, to allow them access to the operating system. The sysadmin
account that you used to log in to the system is a typical user account.

The root account is a special user account that has virtually unlimited access and control over the
system. It is sometimes referred to as the "superuser" account.

System accounts are used by the operating system or services running processes on it. By not
having these services run as the root user, the system is kept more secure by limiting the damage
that a comprised service account could cause. System accounts are never used directly by regular
users.

Designed by Aiman Alobadi 1 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

2. Use the grep command to view the record for users accounts:

grep 114 /etc/passwd

Write the users accounts on your system

By using the grep command, the output only includes the account information for that one
username.

Another way to retrieve the account information for a user is by running the following
command: getent passwd username. The getent command has the advantage over the grep
command as it is also able to access user accounts that are not defined locally. In other words,
the getent command is able to get user information for users who may be defined on network
directory servers such as LDAP, NIS, Windows Domain, or Active Directory Domain servers.

3. You can view the documentation of the fields in the /etc/passwd file with the following
command:

man 5 passwd

The colon delimited /etc/passwd file has the following fields:

account:password:UID:GID:GECOS:directory:shell

A breakdown of these fields:

a. The account field is the username.

b. This field was originally used to store the password, however, it is now typical for the
password to be stored in the etc/shadow file. The "x" is serving as a placceholder."
c. The UID is user's identification number.
d. The GID is the user's primary group identification number.
e. GECOS is the field that is typically used to store the full name of the user.
f. The directory is the home directory of the user, where they are placed upon first logging
into the system.
g. The shell field defines the shell such as /bin/bash for a normal user, or /sbin/nologin
for an account used by the system or a service.

Designed by Aiman Alobadi 2 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

4. You can view account information for your account, or a specified user account, using the id
command:

id
id root

Write the results of the previous commands

The output of the commands shows your user identity as a number and name:
uid=1001(sysadmin). It also displays your primary group identity, gid=1001(sysadmin), and
all the groups that you belong to, groups=1001(sysadmin), 4(adm) and 27(sudo). In this case,
your user account only belongs to three groups.

The file /etc/group, together with /etc/passwd, determines your group memberships. Your
default primary group is determined by matching your GID found in /etc/passwd to the GID
defined for a group in the /etc/group. Any secondary group memberships are defined in the
/etc/group file.

The format of entries in the /etc/group file for each line is:

group_name:password:GID:user_list

5. Two commands with simple output for understanding your identity are whoami and groups. The
groups command can also be used get the list of groups for another user. Use the whoami and
groups command for your account and the groups command for the root user:

whoami
groups
groups root

Write the results of the previous commands

Designed by Aiman Alobadi 3 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Part 2: Who is on the System

In these tasks, you will execute some commands to see who is logged into the system. Now open
the terminal application and complete the following tasks

1. Use the who command to get the current list of users on the system:

who

Your output should be similar to the following:

The output of the who command has four columns:

Username: the first column shows the name of the user (sysadmin in the example above).

Terminal: the second column shows an identifier for a terminal type (tty in the example above).
Each terminal has a separate name that is used by the superuser to control processes.

Date/Time: the third column is the date and time that the login was initiated (Dec 16 16:42 in
the first line of output in the example above).

Host: although there is no output for the fourth column in this case, it can be the name or IP
address of a local or remote host. The following forms indicate local logins: (:#) or (:#.#).
Otherwise, a remote host may be shown by name (if resolvable) or by IP address.

Now, write the your output:

2. Use the w command to get a more detailed view of the users who are currently on your system:

Designed by Aiman Alobadi 4 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Your output from the w command displays:

A summary of how long the system has been running, how many users are logged in and the
system load averages for the past 1, 5, and 15 minutes.

An entry for each user with their login name, tty name, host, login time, idle time, JCPU(CPU
time used by background jobs), PCPU (CPU time used by the current process) and what is
executing on the current command line.

Part 3: The root user

In these tasks, you will learn how to access the root user account in a couple of different ways.

The account of the root user is special in Linux as it has a practically unlimited amount of control
and access to the system. It's actually not the name of the user, but the UID with a value of zero that
grants this authority.

In general, it is not considered a good practice to login to the system as the root user. This is
especially true of the graphical environment.

To access the root user account, the su or sudo commands are normally used.

The su command usually is used to switch users to start a new shell as another user; the default
being the root user. The su command is normally used when a series of commands need to be
executed as the root user.

The sudo command is typically used to execute a single command as the root user by prefixing that
command with sudo. The sudo command must be configured by the root user before an ordinary
user can use it.

1. To set up the sudo command for regular users, use the visudo command. This requires root
access as the visudo command will fail when regular users execute the command. Attempt to
configure access to the sudo command:

Designed by Aiman Alobadi 5 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

visudo

The output shows that the visudo command failed because it attempts to modify the
/etc/sudoers file, a file that regular users can't modify due to permissions. This file controls
access to the sudo command and should never be modified directly, but rather with the visudo
command.

2. Switch users to the root user and provide the root password of Pa$$W0rd when prompted:

su –
Pa$$W0rd

The dash or hyphen after the su command is an abbreviation for the option -l, which makes the
login performed by su a complete login by executing the login scripts belonging to the root
user.

Without the -, or -l, the su command will switch your user identity, but it will not execute the
login scripts of the new user. This can cause some problems, especially when switching to the
root account. In most cases when you switch users you want a complete login to be performed
so that environment variables, functions and aliases that are normally initialized for a user will
be initialized.

3. Now that you are logged in as the root user, you should be able to execute the command to
configure sudo access:

visudo

Designed by Aiman Alobadi 6 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

4. To enable basic access to the use of the sudo command, an entry must be added to the
/etc/sudoers file that you are now editing. Since you are in the vi editor by default, type the
following to find this entry:

What to Type Meaning

G Go to the end of the file
o Open a new line below cursor
114………………. ALL=(ALL) ALL The entry permitting sysadmin sudo access
ESC The Escape key returns to command mode
:wq Save changes and exit

If you type the data into the file correctly, you should be placed back at a shell
prompt.

However, if upon exiting the edit, you are presented with a prompt that says "What
now?", then press Enter to see your choices. It is recommended that you type "x" to
exit without saving changes to the sudoers file and repeat this step over.

5. Return to your user account to verify that sudo provides root access by typing the following:

exit

Try to view the first few lines of /etc/shadow file, a file that contains the users' encrypted
passwords and information about aging them:

head -3 /etc/shadow

Notice the error message the head command displays. This is because your user account has no
rights to view this file. The root user, however, can display this file.

Designed by Aiman Alobadi 7 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

6. Notice that the permissions on the /etc/shadow file indicate that only members of the shadow
group have permission to view the file:

ls -l /etc/shadow

Keep in mind that the root user can view any file. This is due to the root account having special
privileges that transcend regular file permissions.

7. Use the sudo command to view the first few lines of /etc/shadow file:

sudo head -3 /etc/shadow

(provide the password of your user account)

Important Note:
The password that you provided was for your user account, not the root account. Once
sudo has been configured for your account, you don't need to know the root password
to run sudo commands as the root user.

Part 4: Creating Users and Groups

Group accounts can be helpful to be able to assign permissions on files shared by a group of users.

User accounts in Linux distributions based upon Red Hat, like the CentOS distribution, start with
the first User ID (UID) at 500, the next UID given at 501, and so on. The current trend followed by
many other distributions is to have the first UID be 1000, the second to be 1001, and so on.

If managing accounts for multiple systems, then it is desirable to have a network-based

authentication server, where accounts can be created once, but used on many machines. Otherwise,
managing multiple accounts on multiple machines can be challenging as it can be difficult to ensure
that the user, and all the groups they belong to all have the same UIDs and GIDs on all machines.

Another issue with multiple machine accounts that can be difficult is trying to keep the passwords
to each account synchronized across all machines.

Designed by Aiman Alobadi 8 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Managing accounts for local users is still useful for individual machines, even if they have access to
a network-based authentication server. In this lab, you will manage local group and user accounts.

In these tasks, you will create group and user accounts. Now open the terminal application and
complete the following tasks:

1. In order to administer the user and group accounts, you will want to switch users to the root
account with the following command:

su -

(Provide the root password "Pa$$W0rd" when prompted)

2. Use the groupadd command to create a group called "research":

groupadd -r research

The research group that was just added was added in the reserved range (between 1-999)
because the -r option was used. Group Identifiers (GIDs) are automatically assigned with a
value of less than the lowest normal user UID with this option. The groupadd command
modifies the /etc/group file where group account information is stored.

The groupmod command could be used with a -n option to change the name of this group or the
-g option in order to change the GID for this group. The groupdel command can be used to
delete this group, as long as it has not been made the primary group for a user.

3. Use a tail command to retrieve information about the new group:

tail /etc/group | grep research

Now that the research group has been created, existing or new users can be made a member of this
group. The usermod option -G must have a comma separated list of all secondary groups the user is
to belong.

When usermod is used with the -a and -G options, then only the new group will need to be
specified and it will be added to the existing secondary group memberships.

Designed by Aiman Alobadi 9 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

4. Use the usermod command to add the research group as a secondary group for the your user
account:

usermod -aG research 114………

Users who are actively logged into the system will not be able to use any new group
memberships until the next time they log into the system.

5. There are several commands that could be used to verify the new group membership. Use the
groups, id and getent commands to verify the users' membership:

groups 114………
id 114…………

Your output should be similar to the following:

Write the results of the previous commands

The useradd command will create a new user account and, in Red Hat-based distributions, a new
group for that user. This new group will be named after the user and that will be their primary
group.

Red Hat-based distributions use what is known as "User Private Groups", or UPG, each user is a
primary member of their own private group.

Designed by Aiman Alobadi 10 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

For distributions that do not use UPG, all new users belong to the users group as their primary
group.

6. Create a new user named student who is a secondary member of the research group and a
primary member of their own private group. Use a comment of Linux Student that will appear
as the full name of the user when they do a graphical login. Make sure that their home directory
will be created by specifying the -m option:

useradd -G research -c 'Linux Student' -m student

The user's account information is stored in the /etc/passwd and /etc/shadow files. The user's
group information can be found in /etc/passwd and /etc/group file.

7. Using the tail command, view the research group members again, but also use tail to show
the student group, and the passwd and shadow databases for the student user:

tail /etc/group
tail /etc/passwd

The output should now show that both your user account and student are secondary members of
the research group.

The GID of the student group matches the fourth field of the passwd information. This is what
makes the student a primary member of the student group.

Finally, the ! appearing in the password field (second field) of the shadow file, shows that the
password for the student has not been set.

Now write the results of the commands:

last student

Designed by Aiman Alobadi 11 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

8. Use the passwd command to set the password, netlab123 for the student user and view the
shadow file entry for the student user again:

passwd student

(type the same password twice)

tail /etc/shadow

The output from the /etc/shadow file now shows an encrypted password in the second field:

9. Just because a user has a password doesn't mean that they have ever logged into the system. Use
the last command to see if the student has ever logged in:

last

The output of the last command should show that your user account has logged in before, but
not the student user:

Designed by Aiman Alobadi 12 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

There is also a lastb command, which works similar to the last command except that it
shows "bad" or failed log in attempts.

If you no longer wanted the student user to have access to the system, then the usermod -L
student command could be used to "lock" the account. The account could be unlocked with the
usermod -U student command.

A more permanent solution to preventing access to the student account would be to delete the
account with either the userdel student or userdel -r student commands. Using the -r
option with the userdel command removes the user's home directory and mail, in addition to
deleting the user's account.

10. Delete the student account and remove the user's home directory:

userdel -r student

Executing the command should look like this:

Designed by Aiman Alobadi 13 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Week 6 – Lab 2
Part 1: File Permissions and Ownerships
In these tasks, you will create files and directories, view and set their permissions and ownerships.
Now open the terminal application and complete the following tasks:

1. Create two directories and two files in the /tmp directory:

cd /tmp
mkdir priv-dir pub-dir
touch priv-dir/priv-file
touch pub-dir/pub-file

2. View the contents of the directories:

ls -l priv-dir
ls -l pub-dir

You output should contain the following:

Notice that for each file displayed, the first character of the line is the hyphen, -. This conveys
that the items are regular files. The first character of the listing indicates the type of file, where
d indicates a directory, - is a regular file, l is a symbolic link, b is a block device file, c is a
character device file, p is a pipe file and s is a socket file.

The next nine characters are in three groups of three characters. The first group of three
characters (rw- in the example above) are the user owner's permissions, the next three characters
(rw- in the example above) are the group owner's permissions and the last three characters (r--
in the example above) represent everyone else's permissions (referred to as "others").

When viewing permissions, r indicates the read permission, w indicates the write permission
and x indicates execute permission. A - character indicates that that permission has not been
granted.

Designed by Aiman Alobadi 14 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

Following the permissions is a link count number, indicating how many files are linked to this
file. Next, you see the user owner, the group owner, the size of the file, the date/time the file
was last modified and the file name.

3. If you want to make a directory more private, then you can use the chmod command to remove
permissions that others have on the directory. Use the chmod command to remove the other's
permissions for read and execute:

chmod o-rx priv-dir/

ls -ld priv-dir/
ls -ld priv-dir/

The output now shows that others have no permission or access to the priv-dir:

You used the chmod command to modify the permissions for others by using an o character
followed by either a + character or a - character to add or subtract permissions. The = character
can be used to set an exact permission.

You can use a u character instead of an o character to modify the permissions of the user owner.
Use a g character if you want to change permissions for the group owner.

To modify everyone's permissions use an a character instead of o, u or g.

Examples:

chmod a+x file #gives everyone execute permission

chmod g-w file #removes write permission for group owners
chmod go+r file #adds read permission for group owner and others
chmod o=rwx #sets others permissions to read, write and execute

Designed by Aiman Alobadi 15 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

4. If you want to make a directory more public, then you can use the chmod command to add write
permission for others:

ls -ld pub-dir/
chmod o+w pub-dir/
ls -ld pub-dir/

Your output now shows that others have write permission on the directory (the ability to add or
delete files inside the directory):

5. Use the chmod command to remove any permission from the group or others on the priv-file:
ls -l priv-dir/priv-file
chmod g-rw,o-r priv-dir/priv-file
ls -l priv-dir/priv-file

Your output should appear similar to the following:

6. Grant all users the same read and write permission of the pub-file:

ls -l pub-dir/pub-file
chmod a=rw pub-dir/pub-file
ls -l pub-dir/pub-file

Your output should appear similar to the following:

Designed by Aiman Alobadi 16 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

7. Create a test.sh file in the /tmp containing the content "date":

echo "date" > test.sh

If a file contains commands, then those commands can be run, or executed, if the file has
execute permission for the user. The process of making a file into an executable file requires
giving the execute permission on the file. Without this permission, the file can't be treated as a
program.

8. Attempt to execute the test.sh file; it should fail. View the permissions on the file to see why:

./test.sh
ls -l test.sh

9. Only the user owner of a file (or the root user) is allowed to change permissions on a file. Give
yourself, the user owner, execute permission and then execute test.sh:

chmod u+x test.sh

ls -l test.sh
./test.sh

The output shows the added execute permission for the user owner and the current date and time
from executing the date command inside of your test.sh script file:

So far, you have seen how to use the chmod command with symbolic notation, where symbols
are used to represent who (u, g, o, and a), how (+, -, or =), and what to change (r, w, and x). The
chmod command can also be used with a numeric value representing the permissions of the user
owner, group owner and others in what is called octal notation.

Designed by Aiman Alobadi 17 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

To use the chmod command with octal notation, you must first understand the octal value of the
permissions:

Read (r) 4
Write (w) 2
Execute (x) 1

From the last listing of the test.sh file, the permissions were shown to be "rwx" for the user
owner, "rw" for the group owner, and "r" for others. To express these permissions in octal
notation, a total is calculated for each ownership.

As a result the user's permission total would be calculated as 4 + 2 + 1, or 7, where 4 is for the
read, 2 is for the write and 1 is for the execute permission.

The group's permission total would be 4 + 2 or 6, where 4 is for the read permission, and 2 is for
the write permission.

The others' ownership permission would simply be 4 for the read permission that they have.

Putting it all together the octal value for the current permissions would be 764.

10. Use the stat command to verify that the octal value for the permissions (access) to the
test.sh:

stat test.sh

If you wanted to change these permissions using octal notation to give the group and others
execute permission, then you would use the following three numbers:
 7 (read, write and execute) for the user owner
 7 (read, write and execute) for the group owner
 5 (read and execute) for others

The new mode, or octal number, for the permissions would then be 775.

Designed by Aiman Alobadi 18 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

11. Using octal notation, modify the permissions of the test.sh file, so everyone would be able to
execute the file:

chmod 775 test.sh

ls -l test.sh

There are two commands that can affect the ownership of files. The chown command can only
be executed by the root user and it can change the user that owns a file or both the user and
group that owns a file.

The chgrp command can be used by either the user who owns a file or by the root user.

The chgrp command only changes the group that owns a file.

When a non-root user uses the chgrp command they can only change the group ownership to a
group of which they are a member. The root user can use chgrp to change the group ownership
of any file to any group.

12. Switch to the root user so you will be able to execute both the chown and chgrp commands to
change group ownerships to any group (provide the root password: Pa$$W0rd):

su -

13. Change to the /tmp directory and list the details of the pub-dir, and then its contents:

cd /tmp
ls -ld pub-dir
ls -l pub-dir/pub-file

Notice the output shows the directory and the file owned by the sysadmin user, and the
sysadmin group:

Designed by Aiman Alobadi 19 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

14. Use the chown command to change the user and group owner of the pub-dir to the root user
and the root group. Then view the details of the directory:

chown root:root pub-dir

ls -ld pub-dir

Your output should show both the user and group owners have changed:

15. Use the chown command to change the user owner of the pub-file to the bin user:

chown bin pub-dir/pub-file

ls -l pub-dir/pub-file

The output now shows that the user owner has been updated to bin:

16. View the details of the priv-dir and its contents:

ls -ld priv-dir
ls -l priv-dir/priv-file

The output should show that priv-dir is owned by the sysadmin user and sysadmin group:

17. Change the group owner of the priv-dir and priv-file to the users group recursively with
the chgrp command and view the updated files:

ls -ld priv-dir
ls -l priv-dir/priv-file
chgrp -R users priv-dir

Designed by Aiman Alobadi 20 / 21

 ‫المملكـــــــة العربيــــة السعوديـــــة‬
KINGDOM OF SAUDI ARABIA
‫المؤسسة العامة للتدريب التقني والمهني‬
Technical and Vocational Training Corporation
College of Telecommunications & Electronics – Jeddah
‫كلية االتصاالت واإللكترونيات بجدة‬
Department of Computer Technology
‫قسم تقنية الحاسب‬

Operating System – 2 Labs

ls -ld priv-dir
ls -l priv-dir/priv-file

Your output reflects that when applying changes recursively to a directory, that the changes
apply to the directory and anything it contains. This would mean that every sub directory under
priv-dir and every file in priv-dir and all of its subdirectories would have this change
applied.

Designed by Aiman Alobadi 21 / 21