Placeholder Image

Subtitles section Play video

  • please go to the line the computer guy dot com, in order to view schematics, code and Maur for the projects that you are learning about welcome back.

  • So in today's video, we're going to down Maur into permissions in the Lenox World.

  • So I'm a previous video.

  • I showed you how permissions work and the limits world where essentially you have three permissions you have read you have right and you have execute.

  • And you can assign those permissions to the user account that owns the folder, the group account that owns the folder and then everybody else again, it is important to understand that in the Lenox world, permissions are very, very, very simple for good and for ill.

  • The fact of the matter is that they are simple, that is, this is not the Windows world.

  • We're in Windows Active Directory.

  • Holy crap.

  • At this point in time, you can probably get a certification just in permissions alone because there is so much going on with permissions and Windows Active directory in the Lenox world, it's simple.

  • You just only got about six configurations and that's absolutely it.

  • So I show you how the numbering system worked again.

  • What, 777 means or seven?

  • 41 means that type of thing when we're talking about Lennox permissions.

  • And so today I'm going to show you how to actually set those permissions.

  • So the big the big tools that we're gonna be using today something called C h o W n basically came owner.

  • So with this commander able to change the ownership of a file or folder so you can change the user account ownership and you can change the group account ownership for the file folder so that the permissions that correspond to the user account owner and the group account owner can then be aside to the user and to that group account.

  • And then I will also show you the change Mod Command or C H M o D.

  • A command on what this does is this actually allows you to kink the permission for a file folder.

  • So you can you see h m o d you know than 777751157 Whatever had how you want the permissions to be, so I'll show you those two commands today and those will be the two primary commands, and I'm showing you.

  • We'll also show you a couple of other commands that are interesting, such as the group's command.

  • The group's command allows you to see what groups a surfing user account is.

  • A member of said.

  • That could be very useful and also show you the members commands.

  • The members Command actually shows you the members of a specific group.

  • So again, this is one of those problems you get into within the Lenox world, where everything is really simple, just so long as you know, specific information, right?

  • If you know what the members of a group are, you know what the groups are.

  • It's very easy to then assign permissions, but one of the problems again, especially if you're coming into a Lennox system that's been running for a number of years.

  • One of the questions that you have to ask yourself is, Do you know the members of a group?

  • Do you want to give specific people permission to a file or folder on that can run you into a bit of a problem.

  • If you don't know how to get that information, so I'll be showing you the group's command.

  • I'll be showing you the members command and then I'll actually show you something called the Cat Command to look in the group file.

  • Then that will actually show you all the groups in your particular clinic server s O that again.

  • You can make sure what groups are there and who you want to make.

  • The group user.

  • Four files and folders.

  • So with that, let's go over to my Lennox system to show you how all this works.

  • So here we are, my Lennox system.

  • Again, I'm using a bunch of 18.4 point three.

  • Lt s But everything that I'm showing you today should Maur less work on whatever distribution you're using and should be useful for a decade to come, at least.

  • So we're gonna log in with user account Bob and my super secret password.

  • 123456 And this then logs us into the server.

  • I will clear the scream the first thing they'll dio as I do many times it's P W d command.

  • So this will show us the folder that we're currently at Mess.

  • We're in the Bob folder in the home directory and then what?

  • I'm going to do is I'm going to l s so list hyphen.

  • L So this is going to list the files and folders within this directory and give us some more of that security information.

  • So what do l s l give me total of four results, and I could go over here and I can see the different things from a test file, a test folder, a timber file and a tim file too.

  • So those four items, basically I have three files and one folder against you with the permissions are so for the test file read, write for the user account that owns the test file read, write for the group user account that owns test file and then read permission for everybody else.

  • We come over here and we take a look at the user in the group account.

  • So we have the bob user account.

  • And whenever you create a user, they're also given their own group.

  • So basically, you could guess the signed permission to sexually to one user.

  • Eso bob, Bob, have the reed, right?

  • Permission and then everybody else has the reed permission.

  • Take a look at the test folder.

  • We can see the DEA's.

  • That's for directory.

  • So the user account that owns this has read, right?

  • Execute Theglobe account that owns this has read execute, and then everybody else, for some reason, has an execute permission.

  • So he over here again.

  • See, the user account that owns this particular folder is Sue.

  • Uh, the group account that owns this particular folder is another group, so Sue has read, right?

  • Execute permission.

  • Members of the another group group have read Execute permission.

  • We come down here to the temple file, we can see that the owner has read, right?

  • Execute permission.

  • The group owner has read execute permission and the everybody else as they execute permission.

  • So Tim has read, right?

  • Execute permission.

  • Members of the test group have read Execute permission.

  • We go down here, we see temp file, too.

  • And again, Bob is the owner.

  • Test group is the group owner, and we can go over and we can take a look at the permissions.

  • There s so that basically just gives you an idea of the files, folders, permissions and group ownership within this particular directory s.

  • So the first thing that I may be interested in is basically wondering.

  • I wonder what groups I am a part of, right?

  • So I want to do a sign, uh, permissions so that I'm able to access a file or folder.

  • But I may be may not want to be the specific the the user owner of that file folder.

  • One of the questions that ship can be asked is what groups am I a member of?

  • So if I simply use the group's command so the group's command absolutely nothing else and hit Enter.

  • This shows me what groups I am a member.

  • So I am the Bob accounts that Bob is the initial count that's created when you create.

  • You bumped it when you install the U Bahn to server.

  • So I'm in that Bob S O.

  • I'm in all the groups that are part of that.

  • And so I am a member of the Bob Group.

  • I'm a member of the A T M Group.

  • I'm a member of the CD ROM's group, the pseudo group, because I could use Ooh d'oh dip plug, depth, Alexey.

  • So these are the members I am currently or these air the group's I am currently a member of.

  • But let's think about it for a second ago, huh?

  • I wonder what groups Tim is a member of or sue.

  • So if I use groups space and then simply whatever the user name is, let's say, Tim, the sooner I can see that Tim is a member of the Temple Group and he's a member of the test group.

  • If I do groups and then Chloe in Soo, see what she's a member off?

  • I can see that Sue is a member of the Sioux groups.

  • That's just the group that's created when her use your town is creative and also the test group.

  • So this is a way I can sit there and see what groups certain users are members off now.

  • An interesting thing also is there's actually a member's command that you can use now if you're going to use the members a command, at least on a bun to 18.4 Lt s you actually have to add it.

  • So you have to use pseudo at life and get install members.

  • But once you've installed it, you can actually see the members of groups.

  • So if I do members and then I simply do space and then let's say I do test group en er, then I can see the members of the group test group are Tim and Sue.

  • So again, that's another way of sitting there.

  • If I'm sitting here and going, okay, well, who are the members of Test Group?

  • So I know how the permissions are being dealt with my new members test group and plug that in Oregon.

  • New members, another group and dinner?

  • No, I guess there are no members of another group, so I know.

  • Okay, so and that's when the problems you can run into in the real world is imagine you create a group, you forget to put members into that group, and then you create the permission.

  • You make that a group owner.

  • That might be the problem you're running into.

  • You meant to put a user into that group, but you didn't.

  • Now, if we do clear one of things that I can show you is you can also use this thing called The cat Command is basically the cat command allows you to view files in the system, and so we do forward slash e t c E T C four slash group This is the text file that has all of your groups.

  • And then what I'm going to do is I'm gonna pipe this through less so I can I can see this and what scroll by me.

  • And so what this is going to do is this basically is going to allow me to view this final cold group this file called Group in the E.

  • T.

  • C.

  • Folder.

  • This is all of the group's on your computer, so again you can also see what's there.

  • And then I'm piping this through less so that I can scroll through it.

  • Someone hit, enter.

  • And so this is going to show me all of the different groups and then, obviously also the members of the group's a route.

  • Damon Ben insists ADM.

  • Means assist long as a member of the group, Bob is a member of the group.

  • When you go down here a CD, Rahm Bob is a member of the group.

  • And then if I hit, enter Aiken simply step through and see what the different groups are.

  • So I'm trying to look for all the groups in the system again, like here.

  • You can see test group down here and 10 and Sue are members.

  • So that's another way to take a look at the group's at the system.

  • And then what the members of those groups are, then what we do is we get cubes of cute to quit out of this and we're back at the command.

  • Prompt, and I will hit clear.

  • So we go back to a clear screen.

  • Now we're going to do is we're actually going to change the owner of a file on the system.

  • So do l.

  • Last cipher elegant, and let's take a look at the file.

  • So let's say we have this test.

  • Pharmacies have this test file.

  • It is currently owned by Bob.

  • It's owned by the group Bob S.

  • So let's change the ownership.

  • So what we can do is, uh, I just but sue here just to make sure it all goes through properly, says I'm the owner should be fine.

  • But again, when you're doing the maintenance tasks, you just put Sue do, it could make life a lot easier for you.

  • I'm going to do strange.

  • Oh, so C H O W n.

  • And then what you're going to do is you're going to say first, say the user account, you want to change the owner, too.

  • So it's going to be Tim and I can't do Colon and then I can change the group account.

  • So I'm going to change it to 10 and test group.

  • So basically, pseudo change own Tim is the user account Colon and then test group is the group account we can see currently.

  • It's Bob Bob.

  • Then I do space you test file.

  • So this is the file that we're going to be changing the ownership for.

  • And then I hit her password.

  • 123456 Super secret hit Enter.

  • And it is now done.

  • I do.

  • L s hyphen.

  • L we can take a look.

  • And so where?

  • Chest file was owned by Bob Bob before it is now owned by Tim Test Group.

  • Now let's say I wanted to simply change three user account that owns that particular file.

  • What I could do was again just do sudoku to make my life easier, okay?

  • Own.

  • Then I could simply put a name.

  • So Bob So that's the user account test file.

  • So this will change the ownership for the user account to Bob for test file.

  • I hit.

  • Enter l s hyphen.

  • L we can see now that Bob is owner Test Group is the group owner of test file.

  • Now, what if I just want to change the group owner so I don't want to change the user account owner, Just the group owner.

  • I can leave the user account out and simply knew Colon and then the group name.

  • And that will be for the group owner.

  • So pseudo change own space colon, so we'll just change it to another group.

  • So we're going to go.

  • We're going to change the group owner from a ship from test group to another group space test file, and then you're gonna hit Enter l s hyphen l.

  • And now we can see another group is the group owner, and Bob is the user account owner for test file.

  • So that is what we're dealing with when we're changing either the user account or the group account that owns a particular file.

  • Now it is a little bit different when you're dealing with folders.

  • So let me be clear.

  • Do l s elegant gets there were no what?

  • No, we're looking at and So we're taking a look at the folder.

  • So whenever you're dealing with permissions for Holder, you have to think about the permissions for the folder itself and for the items within the folder.

  • And so that's where you can use something called the recursive option or the recursive argument.

  • So what I can do here is if I'm gonna change the ownership of the test folder could do Sue do I can do space.

  • I could do C a o w end for change owner hyphen upper case are and that will be for recursive.

  • Not only does it change the ownership for the folder itself, but it changes the ownership for the items within the forger.

  • Uh, then I could do space as I've done before.

  • I could do, Let's say, Bub Colon test, uh, group will change both the user account.

  • So basically it's owned by Sue currently and another group.

  • So I will change the ownership of test folder to Bob and to test group, and I will do it recursive Lee do space Fast folder And then I will hit.

  • Enter now, if we do it, l s hyphen l Then this now shows us that Bob is the owner and test group is the group owner of the folder called Cast On.

  • And that's basically how that works.

  • As for as changed, ownership is concerned again.

  • When you're simply doing dealing with files you use change C h o W n.

  • Then you use the user account colon, the group account.

  • Then whatever the file is, if you're going to be dealing with folders, think about using that recursive option in order to not just changed the ownership of the folder itself, but the items within the folder so that that that that runs people into problems, sometimes where they will change the ownership of the folder.

  • But then they don't change the ownership of the items in the folder, and then they run into problems because of permissions issues.

  • And so that is how the change owner command works and latex so that let's go over and take a look at the change mod command to see h m o deep so that we're clear screen again.

  • Where do l s I?

  • L that so we could take a look again at the different files and folders here.

  • So, in order to use the change mod commanded or to change the permissions.

  • We're gonna do a pseudo already c h and O d And then we're gonna change Tito whatever permissions we want.

  • So let's say everybody has full control.

  • So again, if you take you if you're thinking about this these are all the numbers.

  • So one is for execute two is for right for us, for Reed s.

  • So if you want read and write permission, that's six.

  • If you won't read permission, that's four.

  • If you only want right permission, that's too.

  • If you want right and execute profession, that's three.

  • So if you want full control is seven So four plus two plus one is seven And then again, remember, you go across.

  • So with the user account, then the group owner did the user owner account the group owner account and then everybody else.

  • So 777 will mean everybody has permission to do basically whatever they want with that particular file.

  • So that's going to change my mind.

  • And they were going to 777 and then we're going to say for test file.

  • So right now the owner Bob has read rite permission, the Another group owner has read Rite permission and everybody else has re permission.

  • So after this, everybody should have read, right?

  • Execute permission Enter at last life in L Now, as we can see, it has changed from what we had before.

  • So basically everybody has read right?

  • Execute permission again with this.

  • Let's say let's say we want to give the owner all the permission we wanted to give the group owner.

  • Let's read permission and then we want to give everybody no permission.

  • So what, that would be that would be seven for everything.

  • Four for read, zero for not me.

  • Never do anything.

  • So there'll be 740 That's what you do here, Sudo.

  • Okay, Mod 740 for test file.

  • Then you hit Enter at last hyphen l And there we go.

  • Eh?

  • So basically wth e the owner, the user account owner has read right?

  • Execute permission.

  • The group account owner has re permission and then everybody else has no permission.

  • So that's really all there is to the change.

  • Modern man C h m o d command again when you're dealing with folders something that you need to be thinking about, Do you want to change the permission and just for the folder itself or a recursive for everything in there.

  • So again, we have read, right, execute, read, execute and then simply execute.

  • So I could you see H m o d, uh, hyphen again.

  • Uppercase are 777 for test border.

  • Go back with Sue.

  • Do in there to make sure this stupid issues And then I can hit inner less hyphen.

  • L then, as you can see now, test group are this test folder has read, right?

  • Execute, read, right, Execute, read right, Execute So everybody can do anything they want to it here in new bun, too.

  • Basically, the folder will get highlighted in green and we'll have that green background if everybody has full control of the folder, eh?

  • So that's why you get that background.

  • So again, let's say for the folder we want the user account that owns it.

  • Toe have full control.

  • We want the group account that owns it to have a read permission, and they want everybody else to let's say I have nothing against 740 so we could be here a pseudo c h m o d.

  • Seven then we d'oh recursive hyphen R 740 for test folder.

  • So basically change.

  • Change of permissions Recursive lee throughout the folder to 740 for test folder that we enter af in L s hyphen l And there we go.

  • Now we have a test.

  • Fuller again.

  • Read right.

  • Execute for Bob the owner A read for members of the test group and nobody else has permission to do anything in the folder.

  • So that's really all there is to to permissions and ownership being able to change permissions and ownership within Lennox again.

  • The tools that will also be useful for you is using that group's command.

  • So if you just plug in groups command on its own, it will tell you the group's your member off.

  • Uh, if you typing groups space and then whatever the user account you're interested in, it will show you the groups that that user account is a member of the members tool is very useful.

  • The members command shows you the memberships who is a member of certain groups.

  • So you can do put in members space test group.

  • What if the group name is that will show me the members of that particular group.

  • Or of course, you can simply use the cat command and then actually access the E t c slash group file and read that.

  • And then you can actually just see all of the groups and all of the different memberships.

  • So those are valuable tools to use also.

  • And so that's really that's really all there is to changing owners and changing the permissions for files and folders.

  • So that's all you have for changing the ownership and changing the permissions for files and folders again.

  • The big thing and the Lenox world is.

  • Since this is not a graphical user interface, the problem you run into is not the command itself.

  • C h m o d or C H o W n at a hyphen r.

  • That's pretty simple, right?

  • You probably you probably have memorized that already.

  • Uh, the issue that you run into is do you know what members are?

  • There are two particular groups.

  • Do you know what groups you have on your particular Lennox system?

  • Has this been documented anywhere?

  • Are you sure that when you give a permissions to a particular group that all the members of that group should have the permissions that you're giving right.

  • Those the problems that you run into is a real system administrator.

  • Again, the commands are a simple typing.

  • This crap in is simple.

  • It's understanding what the consequences of those commands will be.

  • That things get difficult very quick, right, Because somebody could be a member of a group.

  • You've forgotten about it.

  • You know, I don't know any particular folder you're putting documents on who should get a raise and who should get fired.

  • And you didn't realize that one of the people that's about to get fired is a member of a group that has read permission for everything in that folder.

  • Uh, you know, bad things can ensue.

  • So using the group's command, he's the members Command is going in, making sure what the memberships and the groups are.

  • That is very important for the security and for the permission and honestly, that's where security really fails.

  • In the modern world, as other people don't know how to do the commands, something they don't know what the best practices, they just they just make it dumb configuration change, and then everything goes to hell.

  • Afterwards, again, like when you start looking at things like ransom.

  • Where s so many times?

  • It's because when permission was changed, they used the recursive.

  • Right.

  • So, uh, you see this a lot with web applications where you're going in, you're trying to modify some configuration file.

  • You don't have the appropriate permissions to modify the configuration file.

  • And so what some people dio is they will change mod on the folder and the recursive for 777 Right again, you're going in there and you're testing your playing around.

  • You're experimenting.

  • You're not worried about security.

  • Like I'm not worried about security because I'm just going in and and messing with a few configurations.

  • So C h m o d hyphen r 777 on whatever the folder is.

  • And now you can go in and play with it, you know, willy nilly as you want.

  • Well, then you set everything up properly and hey, the servers working pretty well.

  • And you're not really thinking about it because you haven't messed with the permissions in a month because, right you did not a month ago, when you were first setting up the box and so you think you know, I'll just forward the poor to the Internet.

  • And now basically, you know, any jackass, jackass or the connection to the Internet is able to hack your system, and that's a bad thing.

  • And so that's where you have to be careful with these permissions, the ownership, all of that kind of stuff and really think it through again.

  • Be careful with what you're doing.

  • So that's really all there is to change in ownership and changing the permissions.

  • Um, as always, I enjoy doing this video.

  • I look forward to seeing the next one.

please go to the line the computer guy dot com, in order to view schematics, code and Maur for the projects that you are learning about welcome back.

Subtitles and vocabulary

Click the word to look it up Click the word to find further inforamtion about it