Unlock Linux: How Shell Commands Execute and Manage Permissions
This article explains the fundamentals of Linux shell operation, detailing how commands are processed, the role of the shell, user and group permissions, file types, symbolic and octal permission representations, and practical commands like chmod, chown, chgrp, and umask for managing access control.
1. Shell Command Execution Principle
1. Shell
Linux is an operating system kernel; users interact with the kernel via a shell program that provides a command-line interface. The shell (e.g., bash) wraps the kernel, parses commands, and passes them to the kernel, offering a safe and efficient user interface.
Shell command execution process:
The shell has two functions: (1) transmit user requests to the operating system; (2) protect the kernel.
2. Why Linux does not let users use the kernel directly
Unlike Windows GUI, Linux users operate through the shell, which parses commands and forwards them to the kernel, then returns results.
2. Linux Permission Concepts
Permissions define which actions are allowed for specific users. Linux distinguishes superuser (root, prompt "#") and regular users (prompt "$").
Superuser: unrestricted access.
Regular user: limited actions.
Users can switch identities, e.g., using su or Ctrl+D to become root.
3. Linux Permission Management
1. User categories for file access
Three categories: owner (u), group (g), others (o).
2. File types and access permissions
File types
Linux identifies file types by the first character in the long listing:
d: directory
-: regular file (text, libraries, executables, source)
l: symbolic link
b: block device (e.g., hard disk)
p: pipe
c: character device (e.g., console)
s: socket
Access permissions
Read (r) allows reading file contents or listing a directory; write (w) allows modifying file contents or deleting/creating files in a directory; execute (x) allows running a file or entering a directory.
3. Permission representation
Permissions can be expressed in symbolic or octal form.
Symbolic notation
r-- : read only
-w- : write only
--x : execute only
rw- : read and write
-wx : write and execute
r-x : read and execute
rwx : read, write, execute
--- : no permission
Octal notation
Each permission set maps to a digit, the sum of r = 4, w = 2 and x = 1: r-- = 4, -w- = 2, --x = 1, rw- = 6, -wx = 3, r-x = 5, rwx = 7, --- = 0.
4. Setting permissions
Root is unrestricted; permissions affect regular users.
chmod
Only the file owner or root can change permissions:
chmod [options] mode filename
Option -R applies changes recursively.
Symbolic mode uses user symbols (u,g,o,a) with +, -, or = to add, remove, or set permissions.
Example: add execute permission for the owner on IP.log:
Octal mode example: set permissions to 101 for owner, 100 for group, 000 for others:
chown
Change file owner:
chown [options] user filename
Option -R applies recursively.
Example: change owner of IP2.log to user Gino (requires root):
chgrp
Change group ownership:
chgrp [options] group filename
Option -R applies recursively.
umask
New files are created with default permissions masked by the umask. View the current umask:
umask
Typical default is 0022; only the last three digits affect newly created files.
Set umask with an octal value, e.g., umask 333, which changes the permissions of newly created directories until logout:
When the session ends, the umask reverts to its default.
Directory permissions
Read permission allows listing contents; write permission allows creating or deleting files; execute permission allows entering the directory.
Sticky bit
Setting the sticky bit on a directory (chmod +t) prevents users who have write permission from deleting files they do not own; only the file owner, the directory owner, or root can delete those files.
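The chmod, umask and sticky-bit behaviour described above, as an added shell example that is not from the original article. It assumes GNU stat, works only in throwaway temporary directories, and the helper names (mode_of, modes_under_umask, chmod_result, sticky_result) and file names are constructed for illustration; it also shows that new files start from 666 and new directories from 777 before the mask is applied.

```shell
#!/bin/sh
# Added example: observe the mode bits that chmod, umask and chmod +t produce.
# Helper names and file names are constructed; work happens in temp dirs only.

mode_of() { stat -c '%a' "$1"; }    # octal mode (GNU coreutils stat)

# Create a file and a directory under umask $1; print "<file mode> <dir mode>".
modes_under_umask() {
    (   # subshell, so the umask change does not leak into the caller
        d=$(mktemp -d) || exit 1
        umask "$1"
        : > "$d/newfile"            # files start from 666, then the mask is removed
        mkdir "$d/newdir"           # directories start from 777
        echo "$(mode_of "$d/newfile") $(mode_of "$d/newdir")"
        chmod u+rwx "$d/newdir"; rm -rf "$d"
    )
}

# Apply chmod mode $1 (symbolic or octal) to a file that starts at 644.
chmod_result() {
    f=$(mktemp) || return 1
    chmod 644 "$f"
    chmod "$1" "$f"
    mode_of "$f"
    rm -f "$f"
}

# Set the sticky bit on a world-writable directory, as /tmp is configured.
sticky_result() {
    d=$(mktemp -d) || return 1
    chmod 777 "$d"
    chmod +t "$d"
    mode_of "$d"
    rmdir "$d"
}

echo "umask 022: file/dir = $(modes_under_umask 022)"
echo "umask 333: file/dir = $(modes_under_umask 333)"
echo "chmod u+x on 644:    $(chmod_result u+x)"
echo "chmod 540:           $(chmod_result 540)"
echo "chmod +t on 777 dir: $(sticky_result)"
```

With umask 333 both the new file and the new directory end up read-only (444), so the directory cannot be entered until its owner adds execute permission back.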
Open Source Linux
Focused on sharing Linux/Unix content, covering fundamentals, system development, network programming, automation/operations, cloud computing, and related professional knowledge.
