In this lab you will learn how to assign permissions to files and
directories to provide a measure of security and privacy to your files
on a multiuser system.
If you get stuck, have a question or want to share something you learned with this lab then use the CIS 90 Forum at
Log on to Opus so that you have a command line shell at your
service. Be sure you are in your home directory to start this lab.
Using the chgrp, and chmod commands, you will modify the
permissions on files and subdirectories in your home directory.
- From your home directory, type the ls -l command.
these files? To which group do they belong?
How can you distinguish file
entries from directory entries?
- Do a long listing of the file, /home/rsimms/uhistory. Who owns it?
Can you move the file to your home directory? Why or why not?
Can you copy the file to your home directory? Why or why not?
- Now that you have copied the file uhistory to your home directory,
who owns it? What are the permissions?
- Display the contents of the file uhistory on your screen.
Now take away read permission using the command:
chmod -r uhistory
Try to display the contents of the file as you did above. Does it work?
- Now give read permission back but take away write permission:
chmod 444 uhistory
Verify the success of the above command.
- Take away execute (search) permission from the misc directory:
chmod -x misc
Do short and long listings of the misc directory using the ls and ls -l commands.
Try to display the contents of the fruit file with the command:
Try to change directories to misc.
- Give yourself back execute permission but take away read permission:
chmod +x,-r misc
Change your current directory to the misc directory.
Try displaying the contents of the misc directory.
Display the contents of the fruit file.
- Change back to your home directory and set the misc directory to full
chmod 777 misc
- Set the permissions of your poems directory and its subdirectories so
that you have full permissions as owner, but group and others have no write
permission. Group and others should still have read and execute permission.
- Set all ordinary files under the poems directory to be read only for user, group, and others. We want everyone to read our poetry, but no one should modify it, including ourself.
See if you can do this using a minimum number of commands. (hint: use filename
- Change the permissions of your bin directory so that you have full permission,
group has read and execute, and all others have no permissions.
- Set the executable files under bin to have the following permissions:
disallowing others outside the group from executing our commands.
- Change the group id of the following directories: class/labs,
and class/exams to be users:
chgrp users class/labs class/exams
- For the class directory set the permissions to 710.
For the labs subdirectory, set permissions to 530.
For the exams subdirectory, take away all permissions from group and others,
leaving full permission for owner.
- Make all ordinary files under class/labs and class/exams be:
read-write for owner
no permission for group and
no permission for others.
- For the edits directory, give yourself full permission, but no permission
for group or others.
For the ordinary files under edits, take away read permission from group,
leaving everything else as it is.
- Add read permission for everyone to all the files in the misc directory.
- Run the umask command and note the three digit number displayed.
- Create an empty file called old and an empty directory called olddir:
touch old; mkdir olddir
- Run the umask command giving it the argument: 000
- Create an empty file called new and an empty directory called newdir:
touch new; mkdir newdir
- Look at the permissions of these four files you've created.
Notice how they have changed. Can you figure out what umask is for?
- If you can't, try setting the umask to 777 and making a newer file.
In any case, set your umask back to 002 with the command:
You have now finished this lab. To submit the results, enter the command:
30 points for successfully completeing all steps
Less 1 point for each step not completed correctly