Ubuntu Server LTS 9.10
I am the kind of person who thinks up a project and then goes out and learns how to do something as I am doing the project. About 4 months ago I started playing with Ubuntu because I needed to get a good web server going. Though the learning curve was huge for the first 2 days, I had found myself becoming fluent in moving about the OS in no time at all. Today I find that Ubuntu is much easier and faster to work with than a Windows Machine.
Ubuntu Server 9.10 is a text based operating system. The OS’s low CPU and RAM usage allows you to run services smoothly and without trouble.
I would like to share with you my Quick Refernce guide to the basics of Ubuntu Server 9.10, and how to navigate through the OS.
The first thing you need to understand about Linux is that it’s focus is around security – An operating system connected to the Internet without security is like leaving your house unlocked. Ubuntu, as well as many other varieties of linux, have a specific user system that controls what each user can and can not do.
- The user root is equivalent to Administrator on a Windows Machine.
- When you are logged in as a user other than root, you can use the command sudo to execute a function as the root user. pico is a basic text editor. Normally used like pico filename.txt. But if you are logged in as a user other than root, should you need to edit a file as the root user you would use sudo pico file.txt. It asks you for the root accounts password after that. Upon successful entry of the password it will not ask you for it again for the duration of that session (until you log off).
Each file has a user and a group it belongs to, as well as a set of permissions represented by a 10 digit string composed of dashes (-), r, w, x, and d. This can be confusing at first, but I promise, with a little bit of effort and repetition, you will have it down pat.
We can set the user and group of each file, as well as the permissions of each, with 2 commands. CHOWN and CHMOD. After I explain the permissions, I will explain how to change or set them.
Here is a break down of what each mark means and how they all work together.
- Each file’s permissions are represented by 10 spaces: – — — —. Here we have broken it up into 4 different groups separated with spaces.
- The 1st dash is the flag for directory or file. Example: d——— is a directory, If the d was a -, it would be a file.
- The 2nd group contains 3 dashes. These 3 marks represent the read, write and execute permissions for the user of the file. Example: Permissions drwx—— means it is a directory where the user has full control over the file.
- The 3rd Group contains 3 dashes as well. These are the read, write and execute permissions for the group the file belongs to. For example, lets say the poem.txt belongs to user john and group public (john:public). If we want to set the permissions to allow user account john full control over the file to read and write to the file, but limit the public group so they can only read the file. it would look like this: -rwxr—–.
- The fourth group also contains 3 dashes. These are read, write and execute permissions for all other users on the system.
At this point, login to your box with your root account and navigate the the /var directory. Type ls -l to list off the contents of this directory. (In caps that is LS -L).
root@webserver:/# cd var
root@webserver:/var# ls -l
total 52
drwxr-xr-x 2 root root 4096 2009-12-12 06:37 backups
drwxr-xr-x 12 root root 4096 2009-10-18 03:01 cache
drwxrwxrwt 2 root root 4096 2009-03-27 02:42 crash
drwxr-xr-x 49 root root 4096 2009-12-03 15:24 lib
drwxrwsr-x 2 root staff 4096 2009-04-13 03:33 local
drwxrwxrwt 3 root root 60 2009-12-29 06:49 lock
drwxr-xr-x 16 root root 4096 2009-12-29 06:49 log
drwxrwsrwt 2 root mail 4096 2009-12-27 07:14 mail
drwxr-xr-x 2 root root 4096 2009-10-15 16:03 opt
drwxr-xr-x 17 root root 600 2009-12-29 11:35 run
drwxr-xr-x 7 root root 4096 2009-11-30 12:05 spool
drwxrwxrwt 2 root root 4096 2009-04-13 03:33 tmp
drwx—— 2 root bin 4096 2009-12-01 22:17 webmin
drwxrwx— 13 www-data www-data 4096 2009-12-12 12:42 www
drwxr-xr-x 2 root root 4096 2009-12-09 00:44 www-backup
root@webserver:/var#
You can see of the left we have the permissions of each file, followed by the user, then the group, then the modification date, then the file name. All of the files in my /var directory are directories themselves – you can see this with the d in the beginning of the permissions. Let’s look at the backups folder here. It is a directory, the user account root can read, write and execute (run) the file. It belongs to group root, which can read and execute the file only but can not modify the file. Everyone else can execute it and that is all.
If one wishes to change the user or group of a file (or mulltiple files / folders), you can use the chown program/function.
chown user:group /folder/file
…And if you want to change the permissions of the users / group then use chmod.
chmod 770 /folder/file.txt
This next little part might get a little confusing for some people. That’s OK!!! Don’t stress on it because it just takes a little time to get used to and understand all of this. Chmod uses 4 (sometimes 3) numbers to represent the same permissions represented by the d-xw–rx-rx- permissions string. Each number represents one of the 3 groups – user, group, and everyone else. The directory flag can not be changed with chmod or chown.
r = 4, w = 2, x =1
We add up the values of the permissions. So the number 7 means read, write and execute because 4+2+1 = 7. The number 3 is equal to write and execute because w = 2, x = 1 and 2+1=3. Example: Let’s set a file (poem.txt) to allow the the user full control, and no access for anyone else (ie -rwx—— or 700):
chmod 0700 /var/folder/poem.txt.
Now let’s change the user and group to root:
chown root:root /var/folder/poem.txt
Both chmod and chown will execute and return no confirmation message weather they fail or are successful. If we want the programs to return a confirmation message, we simply pass them a -v.
-v = Verbouse (Flags are case sensitive. This one is lower case.) If we need to change the permissions of a file or folder we do:
chmod -v 770 /var/folder/poem.txt
This should return something similar to:
mode of `poem.txt’ changed to 0770 (rwxrwx—)
If we need to change multiple files inside of a directory, we can use the -R flag to recursively apply permissions to all files and folders within the folder specified. Use the -v flag to make the programs return a message with each file they attempt to change.
chmod -R -v 0770 /test
mode of `test’ changed to 0770 (rwxrwx—)
mode of `test/somefolder’ changed to 0770 (rwxrwx—)
mode of `test/somefolder/poem.txt’ changed to 0770 (rwxrwx—)
mode of `test/testing_area’ changed to 0770 (rwxrwx—)
mode of `test/t’ retained as 0770 (rwxrwx—)
mode of `test/t/test.txt’ changed to 0770 (rwxrwx—)
mode of `test/abc’ changed to 0770 (rwxrwx—)
root@webserver:~#
I want to point out something that, I hope, will stop you from accidentally making a mistake in the future. When using chmod, chown, or you are just moving about your files…..make sure you reference files properly. If you go cd foldername then you should now be in /foldername. If you are in /var/www and type cd foldername you will get a message that the folder or file does not exist. But if you type cd /foldername you will be “moved” to /foldername. When working with chmod once, I accidentally put a slashes in front of an Astrix and it started changing the permissions of my entire system!!! Bad move I tell you! A lot of stuff stopped working because of it, and it took me a long time to fix it.
Example of what not to do:
If you are in /var/www/ and want to chmod all the stuff in there, you can do something like:
chmod -R -v 0770 *
If you type
chmod -R -v 0770 /*
It will Chmod your entire computers contents. So I am assuming that you are logged in as root, correct? root can and will change permissions to all files on the computer if you mess up like I did. This is one small reason why we do no use the root account for casual computer activities, etc. We should not ever even have to log in as root. We should always login as another user, other than root, and use the sudo function/program to execute programs as the root user.
So, for instance, if I am logged in as user john and I need to chmod a file as root, it would look like this:
mode of `poem.txt’ retained as 0770 (rwxrwx—)
john@webserver:~/test/somefolder#
To change directory use cd, you can specify relative folders in the same directory that you are in, or you can specify the absolute path to the directory by placing a slash in the front of the folder.
cd /directory/folder2
Use chmod to change file permissions.
Use chown to change the user and group a file of folder belongs to.
In my next post I am going to be setting up a web server on Ubuntu Server 9.10. I will go over the installation of extremely useful programs such as SSH, Apache, PHP, MySQL, Curl, and FTP. I may even venture off into VMWare Server, and Openfire XMPP Jabber Server.
Comments and corrections are welcome.
Also, links back to this post are extremely appreciated as well ;D
Related posts:
- Ubuntu Desktop 9.10 – Recent update causes Laggy graphics & poor video playback I have a Levono Mini desktop PC that I installed...
- PHP / MySQL Web Server on Windows, Mac, or Linux Tutorial Note: The software here will work for Mac and Linux...
- Curl PHP Tutorial, Getting Your Server Ready And The Only Script You Will Ever Need Introduction Curl PHP is awesome. You can use it to...
Related posts brought to you today by The 48 Laws of Power iGoogle Gadget.