Linux administration

• Anyone using a Linux computer is a user
• The system keeps track of different users, by username
  • Security features allow different users to have different privileges
• Users can belong to groups, allowing security to be managed for collections of people with different requirements
• Use su to switch to a different user: Quicker than logging off and back on again
• su prompts you for the user's password:

$ su - bob
Password:

The - option makes su behave as if you've logged in as that user

• Every Linux system has a user called root
• The root user is all-powerful: Can access any files
• The root user account should only be used for system administration, such as installing software
• When logged in as root, the shell prompt usually ends in #
• Usually best to use su for working as root:

$ whoami
fred
$ su
Password:
# whoami
root

• The chown command changes the ownership of files or directories
• Simple usage:

# chown aaronc logfile.txt

• Makes logfile.txt be owned by the user aaronc
• Specify any number of files or directories
• Only the superuser can change the ownership of a file
  • This is a security feature - quotas, set-uid

• The chgrp command changes the group ownership of files or directories
• Simple usage:

# chgrp staff report.txt

• Makes staff be the group owner of the file logfile.txt
• As for chown, specify any number of files or directories
• The superuser may change the group ownership of any file to any group
• The owner of a file may change its group ownership
  • But only to a group of which the owner is a member

• A common requirement is to change the ownership of a directory and its contents
• Both chown and chgrp accept a -R option:

# chgrp -R staff shared-directory

• Mnemonic: 'recursive'
• Changes the group ownership of shared-directory to staff
  • And its contents
  • And its subdirectories, recursively
• Changing user ownership (superuser only):

# chown -R root /usr/local/share/misc/

• The chown command can change the user-owner and group-owner of a file simultaneously:

# chown aaronc:www-docs public_html/interesting.html

• Changes the user owner to aaronc and the group owner to www-docs
• Can use the -R option as normal
• A dot (.) may be used instead of a colon:

# chown -R aaronc.www-docs /www/intranet/people/aaronc/

• a. Find out who owns the file /bin/ls and who owns your home directory (in /home).
• b. Log on as root, and create an empty file with touch. The user and group owners should be root check with ls.
• c. Change the owner of the file to be users.
• d. Change the group owner to be any non-root user.
• e. Change both of the owners back to being root with a single command.