The passwd command gives you the flexibility to interactively create or change your password. IN some installations, the system administrator assigns a password when your account is created. You should immediately change this password once you login, to prevent others from using your account.

The following exercise shows how to change the password for user ariel. The system asked for the current password, then asks for the new password. To ensure that the correct password is typed, the system asked to retype the password. If the passwords are identical, then system prompts that the password are updated.

Note that in some system, every keystroke is replaced by the asterisk (*) while others do not display anything.

Change your password adopting the following scenarios:

1. Scenario 1. Enter a wrong (current password)
2. Scenario 2. Enter the same new password
3. Scenario 3. Enter two non-identical new passwords
4. Scenario 4. Enter short passwords
5. Scenario 5. Just change the case of the new password.

The who command enables you to find out who are logged in on the system.

who lists the login names, terminal lines, and login times of users who are currently logged in.

The whoami and who am i variation of the who command identifies the invoking user.

Changing the Group Ownership of Files with the chgrp

A company is often organized into groups, such as accounting, sales, operations, and so on. In the UNIX world, users are also divided administratively into groups. Each group is identified by a specific group number and a group name. A record of these items is stored in the /etc/group file; that contains a listing of the group number and the group members for each group.

Issue the command less /etc/group to scroll to the groups file

A user may be a member of many groups. The system administrator sets up the default group for the user. The user can switch to any group of which he is a member to access the file in that particular group.

A file is “owned” by the user that created it. Other than the super user, a file’s owner is the only user who has absolute control over the access permissions for the file. When a file is created, it is assigned your user ID number and your current group ID number.

In the next exercise, the chgrp command grants the isidro group access to file1

Switching Groups with newgrp

As a user, you may be listed in several groups. The /etc/group file lists the groups you are assigned to by the system administrator.

Issue the piped command cat /etc/group|grep ariel. The command displays the /etc/group file, however with the piped grep ariel, it will display only the lines with the word ariel as shown below:

Or issue the command groups to list the groups where you are a member.

While the command chgrp changes the group affiliation of files, the newgrp changes the gropu affiliation of a single user. The new group affiliation lasts throughout the user’s session, or until the user issues another newgrp command.

The following exercises illustrate how the newgrp command affects group affiliation:

Exercise 1. Using the id command to display identification and group affiliation.

Exercise 2. Using touch to create files.

Setting File and Directory Permissions with chmod

UNIX users can read and write files. In addition, users can execute files such as shell scripts and binary programs. The process of accessing files based on the mode of access are called read, write and execute. This ability to read, write and execute a file is called a permission.

Read (r) permission allows a file to be read and copied. If you use read permissions with a directory, you can list the contents of that directory.

Write (w) permission allows a file to be modified. If you use write permission with a directory, you can add or delete files in that directory.

Execute (x) permission allows you to run the file as a program by typing the file’s name. When you are granted execute permission for use with a directory, you have search permission for the directory; you also have the power to make that directory you current directory.

UNIX divides the read, write, and execute modes of its users into three categories. The three categories are independent and pertain only to the users who fit into each category. The categories are as follows:

• Owner – the user ID who created the file or directory
• Group – the group ID affiliated with the file
• Others – public access to a file by all other users

Arrange the three access categories in a row and list the possible modes of access below each category:

Each file has a set of access-mode attributes associated with its i-node entry. These attributes contain read, write and execute access attributes for each of the categories: Owner, Group, and Others. Recall that these attributes can be seen when you issue the ls –l command. The first field is the permissions field which is a series of rwx and – characters.

The first column of the permissions field is the file type indicators which could be any of the following: d – directory, b – block-type special file, c – character-type special file, l – symbolic link, p – pipe, s – socket, ‘-‘ – regular file.

The next three columns describe the owner’s access permissions. An ‘r’ in the second column indicates read permission; a ‘w’ on the third column indicates write permission; while an ‘x’ in the fourth column indicates execute permission. Execute permission on a directory allows the owner to list the contents of the directory, whereas execute permission on a file allows the owner to run the file. When a ‘-‘ appears in place of the r, w, or x, the corresponding permission is not granted.

The permissions for group members are listed in the next three columns. Similarly, the permissions for the group are listed as r, w, and x. Members of the group can access the directory or file depending on the permission given to them.
The remaining three columns in the permissions field are for Others, i.e., users who are neither owner nor group member. Others are also referred to as Public.

The most common directory permission:

The chmod command enables you to specify permissions in two different ways: symbolically or numerically. Symbolic notation is most commonly used to modify existing permissions, while numeric notation always replaces any existing permission with the new value specified.

Symbolic notation follows the format shown below:

Exercise. Using touch and ls, try changing permissions and observe what happens as you enter the following commands:

The second form of input that chmod accepts is absolute numeric values for permissions; and uses binary numbers. The convention is that if a permission is present, the binary digit is a 1 and zero otherwise. Thus rwxrwxrwx is 111111111, r xr xr-x is 101101101 and rwx—— is 111000000.

You know that the permissions are grouped into three categories thus, rwxrwxrwx, 111111111 in binary is equivalent to 777 in decimal notation, r xr xr-x , 101101101 in binary is 555 in decimal and rw——- 110000000 in binary is 600.

Exercise. Using touch and ls, try changing permissions and observe what happens as you enter the following commands:

Controlling File Permissions with umask

The umask command controls the establishment of permissions with newly created files. You use the umask command to set the default permission of your newly created files.

The value of the umask is actually the value that is taken away (subtracted) from the 777 value for a file. 7 in the umask value will mask the 7 in a file mode because 7 – 7 = 0. Therefore, a 7 in the umask value results in no permissions for the user(s) in that category. A 3 in the umask value means that the file has a read permission set for the corresponding category. Again, starting with 7 and masking with 3 gives 4, and 4 in octal mode is the read permission. UNIX starts with 7’s in the user, group, and other categories, and then subtracts the corresponding number in the umask value. The permissions for the created file are the results of the subtraction.

Do the following exercises and analyze the results:

The last three digits indicate the umask value for the user, group and other users, respectively. You specify the mask by using a three-digit octal number. The first digit controls the owner permission, the second digit controls the group and the third digit controls the permission for others.

The previous exercise demonstrates how to change the value of the umask.

Do the exercise below and analyze the result:

When you alter the value of umask, keep in mind that the changes apply only to files being created; it does not change the permission of the files that already exist.

Switching between Accounts with su

There may be times when you need to change your user id, but do not want to log out of the system. For instance, if you are the System Administrator working under an ordinary login, not root, you can use su to become the root user. In fact, the command name su is derived from its common use of switching to the super user.

You can use the su command to switch between accounts (if you have multiple accounts). If you do not provide a username argument, it is assumed that you want to switch to the root account. Use the exit command to return control to the previous account.

Work on the following exercise to change your user ID to root.

Changing File Ownership with chown

When you create a file, UNIX gives you the ownership of that file. The chown command enables you to change the ownership of a file. The command is often used by System Administrators. If, however, you need to grant another user ownership of a file, thus giving up your owner permissions, you can use the chown command.

If however, you are not able to change the ownership, only the super user, root, is able to change ownership.

Displaying the Name of the Current System with uname

The uname command displays the name of the current system. This command is especially useful if you are working on a multiuser network. You can use this command to find out information about the system you are using.

Use the help to list all available options for uname.

Options available with the uname command

Do the exercises below and know more about the system you are using:

Report on the Status of Processes with ps

A program and its associated data in execution is called an “active process”. The ls command for example, is just a command until it begins to execute in computer memory. Then it is considered a process running under the supervision of the kernel.

Because UNIX is a time-sharing system, it needs to keep track of the information it acquires when switching back and forth between tasks. To accomplish this, UNIX, assigns a process identification number (PID) to each process. The process ID is the number printed on the screen when you place the ampersand character (&) after a command to run the command in the background. All processes are assigned numbers. Normally, however, you don’t see the numbers.

The figure below shows the ls command with a leading ampersand. Note that the PID 2179 is displayed after the command is executed.

You use the ps command to report the status of the processes on the current terminal. There may be instances that you want to check the amount of computer time a command had been using, obtain the process ID number to terminate the command, or verify which commands are running.

Another common use of the ps command is to see processes running in the background and to see what is happening in the system.

The ps command displays the following default headings as indicators of the information presented below it. The table below lists and explains these headings

The exercises below illustrate various options commonly used with ps. To find out what processes you currently have running, use the following command :

To obtain a full listing, use the following command:

To get a long listing, use the following command:

Stopping Background Commands with kill

Normally, when you are running a command that is not in the background, you can abort it by pressing an interrupt key, such as <^C> or . However, the same is not applicable for commands in the background. Pressing an interrupt key will not stop the command. The only way you can stop background commands is to use the kill command.

You may need to stop a job you are running in the background for several reasons. For example, if a process is waiting for an input that it cannot get. The process goes into an infinite loop. You can use the kill command to get out of these situations. The kill command sends signals to a program to demand a termination.

The exercise below shows how a command is stopped using the kill command.

Exercises

1. Explain what the following umask values would make the default permissions for newly created files:
   1. 007
   2. 111
   3. 272
   4. 077
   5. 222
   6. 544
   7. 777
   8. 733
   9. 754
2. Translate the following file permission strings into their binary and numeric equivalent:
   1. r – - r w – r – -
   2. r w – - w – - w –
   3. r w x r – x r – x
   4. r – - r – - r w –
   5. – w – - w – - w –
   6. r – x – - x – - x
3. Normally, System Administrators are not allowed to alter a file’s permission and ownership without the owner’s consent. Identify situations when the System Administrator may need to override this situation.
4. What are good practices in securing your password?
5. Is it a good practice for System Administrators to use their root account? Explain.