Administrative Access
Many Linux commands deal with sensitive data like system hardware, passwords or operate under exceptional circumstances. Prevents regular users from executing these commands by mistakes and helps to protect data and system integrity. By logging in as root enables the ability to execute privileged commands.
sudo Command
The sudo command allows a user to execute a command as another user, but will not create a new shell. sudo assumes that the default root user should be used to run the command. If you want to run a command using sudo, but as another user, -u option should be used
[sulthan@brainytux ~]$ sudo -u sulthan ls -l total 40 drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Desktop drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 11:42 Documents drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 10:42 Downloads drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Music drwxrwxrwx. 5 sulthan sulthan 4096 Aug 9 10:55 'OS and Softwares' drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Pictures drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Public drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Templates drwxr-xr-x. 2 sulthan sulthan 4096 Aug 9 01:09 Videos drwxr-xr-x. 3 sulthan sulthan 4096 Aug 9 11:04 'VirtualBox VMs' [sulthan@brainytux ~]$
Example: sudo -u username
Permissions
Determines the ways that users can interact with files and directories. When executing the command ls -l, the output includes permission details.
File Type Field
The first character indicate the type of the file. If it’s a “ – ” character, this is a regular file. The “ d ” character is for the directories.
Permissions Field
The next 9 characters, after the file type character, indicates the permissions. These are broken in sets of 3 characters.
Owner
The first set of 3 characters is for the user who owns the file. If the current account is the user owner of the file then the first set of permissions will apply and the others will have no effect. To determine which of the users is the owner we can take a look at the user owner field.
Group
The second set of 3 characters if for the group that owns the file. If the current user is not the owner of the file and you are member of the group that owns the file, then this set of permissions apply and the others have no effect.
The group for this file can be identified if you take a look at the group owner field.
Other
The last set of permissions if for everyone else. If you are not the owner and you are not a member of the group, than the last set of permissions applies to you.
Permissions Types
r: contents of the file can be read or copied
w: contents of the file can be modified/deleted/overwritten. Allows the file to be added ore moved from a directory
x: a file can be executed/run as a process. Script files require read permissions as well.
Changing Permissions
The file permissions can be changed only by the root user or by the user that owns the file. The chmod (change the modes of access) command must be used in order to change the permissions of a file.
Using the chmod command there are two ways to change the permissions of the file: symbolic and octal.
Symbolic method is good to change a set of permissions at a time.
Octal/numeric method requires knowledge of the octal values of each permission and also requires all 3 sets of permissions, user, group, other to be specified each time.
