COLLEGE OF COMPUTER STUDIES

IT0035L
(APPLIED OPERATING SYSTEMS LAORATORY)

EXERCISE

7
LINUX FILE DIRECTORY PERMISSION AND OWNERSHIP
WITH USER/GROUP ADMINISTRATION
Student Name / Group
Name:
Name Role
Members (if Group):

Section:
Professor:
I. PROGRAM OUTCOME/S (PO) ADDRESSED BY THE LABORATORY EXERCISE
  Ability to use and apply current technical concepts and practices in the core information
technologies; human computer interaction, information management, programming, networking and
web systems and technologies. [PO: J]

II. COURSE LEARNING OUTCOME/S (CLO) ADDRESSED BY THE LABORATORY EXERCISE

 Perform file and directory creation and manipulation using DOS commands; LINUX installation in
virtual machine, file and directory creation and manipulation, and system administration using LINUX
commands. [CLO: 2]

III. INTENDED LEARNING OUTCOME/S (ILO) OF THE LABORATORY EXERCISE

At the end of this exercise, students must be able to:
 Able to assign/modify permission and different ownerships to files and directories using symbolic and
absolute file permission commands.
 Able to create/delete user/group and modify its corresponding details.

IV. BACKGROUND INFORMATION

File/Directory Ownership

Every directories and files inside the Linux system is owned by a specific user and group. File
permissions for each file and directory are defined separately for users, groups, and others (users other
than the owner and the members of the group). The description of each type of owners is as follows:

Owner Description

User The username of the person who owns the file. By default, the user who creates
the file will become its owner.
Group The group that owns or has access to the file. All users who belong into the group
will have the same access permissions to the file. This is relevant in situations
wherein several users would need access to a common directory or file. Instead of
assigning each user to have access to a certain file or directory, a group can be
created, and be given access. In this sense, whenever users will be given access
to the file or directory, the user will just have to be added to the group that can
access it.
Other These are users other than the owner and the members of the group with access
to the said file or directory. In other words, if you set a permission for the "other"
category, it will affect everyone else by default.

File/Directory Permission

IT0035L-Applied Operating System Laboratory Page 2 of 14

 Owners of files and directories in a Linux system should be provided with permissions to define the
level of accessibility the owners have for a certain file or directory. There are three types of access
permissions on Linux: read, write, and execute. These permissions are defined separately for the file's
owner, group and other users.

Permission Description

Read (r) For a regular file, the read permission (r) means the file can be opened, viewed
and read. For a directory, the read permission means you can display (thru the
command ls) the contents of the directory.
Write (w) For a regular file, the write permission (w) means you can modify the file (write
new data to the file). For the case of a directory, the write permission means you
can add, remove, and rename files inside the directory.
Execute (x) For the case of a regular file, the execute permission (x) means you can execute
the file as a program or a shell script. For a directory, the execute permission
allows you to execute commands in the said directory (e.g. access files in the
directory and enter it, with the cd command. However, note that although the
execute bit lets you enter the directory, you're not allowed to list its contents,
unless you also have the read permissions to that directory).

Viewing File Permission

To view the access permissions of a file, the ls -l command. The said command allows the long
directory listing to be displayed, as seen in the example below:

$ ls -l
drwxr-xr-x 3 user1 users 80 2005-09-20 21:37 dir
-rw-r----- 1 user1 users 8187 2005-09-19 13:35 file
-rwxr-xr-x 1 user1 users 10348 2005-07-17 20:31 otherfile

The output of the ls –l command (as seen above) is interpreted as follows:

 The first column, shows the file type and permissions.
 The second column shows the number of links (directory entries that refer to the file)
 The third column shows the owner of the file
 The fourth column shows the group the file belongs to.
 The other columns show the file's size in bytes, date and time of last modification, and the
filename.

The first column is organized into four separate groups, as follows:

 The first group consists of only one character, and it shows the file's type.

IT0035L-Applied Operating System Laboratory Page 3 of 14

 For example, ‘d’ means a directory and ‘-‘ means a normal file.

The first character can be any of these:

d directory
- regular file
l symbolic link
c character device file
b block device file

The next nine characters show the file's permissions, divided into three groups, each consisting of
three characters. The first group of three characters shows the read, write, and execute permissions for
user (the owner of the file). The next group shows the read, write, and execute permissions for the
group owner of the file. Similarly, the last group of three characters shows the permissions for other
users.

To summarize, the characters seen for each owner’s permission could be as follows:

r read permission
w write permission
x execute permission
- no permission

Examples:

$ ls -l
drwxr-xr-x 3 user1 users 80 2005-09-20 21:37 dir

Explanation: dir is a directory, owned by user1 with read, write, execute permissions, can be accessed
by the members of the group users and by other users with read and execute permission

-rw-r----- 1 user1 users 8187 2005-09-19 13:35 file

Explanation: file is a regular file, owned by user1 with read and write permissions, can be accessed by
the members of the group users with read only permission while other users won’t be able
to access the file.
Setting File Permission – Symbolic Mode

IT0035L-Applied Operating System Laboratory Page 4 of 14

 File permission can be set using the chmod command. Both the root user and the file's or directory’s
owner can set file permissions. chmod has two modes, symbolic and numeric.

chmod, in symbolic mode is used as follows:

Wipe out all the permissions but add read permission for everybody:
$ chmod u=r,g=r,o=r file1
After the executing command, the file's permissions would be -r--r--r--

Referring to the output of the command executed above, add execute permissions for group:
$ chmod g+x file1
After the executing command, the file's permissions would be -r--r-xr--

Referring to the output of the command executed above , add both write and execute permissions for
the file's owner. Note that more than one permission can be assign at the same time:
$ chmod u+wx file1
After the executing command, the file permissions will be -rwxr-xr--

Referring to the output of the command executed above, remove the execute permission from both the
file's owner and group.
$ chmod u-x,g-x file1
After the executing command, the permissions are -rw-r--r--

Setting File Permissions – Numeric Mode

The other mode in which chmod can be used is the numeric mode. In the numeric mode, the file
permissions aren't represented by characters. Instead, they are represented by a three-digit octal number.

4 = read (r)
2 = write (w)
1 = execute (x)
0 = no permission (-)

To set the permission, add up the numbers accordingly.

For example, the rwx permissions would be 4+2+1=7, rx would be 4+1=5, and rw would be 4+2=6.
Since separate permissions are set for the user (owner), group, and others, a three-digit number
representing the permissions of all these groups should be obtained.

IT0035L-Applied Operating System Laboratory Page 5 of 14

Example:
$ chmod 755 file1
This will change the file1’s permissions to -rwxr-xr-x. The owner will have full access to the file (that is,
read, write, and execute permissions (7=4+2+1)), the group will have read and execute permissions
(5=4+1), and the others will have the read and execute permissions as well.

$ chmod 640 file1

In this example, file1’s permissions will be set to -rw-r-----. The owner will have read and write permissions
(6=4+2), the group will have read permissions only (4), and the others won’t have any access permissions
(0).

The numeric mode may not be as straightforward as the symbolic mode, but with the numeric mode, you
can more quickly and efficiently set the file permissions. This quick reference for setting file permissions in
numeric mode might help:

Which number?
0 ---
1 --x
2 -w-
3 -wx
4 r--
5 r-x
6 rw-
7 rwx

Changing the owner of a file

File and directory ownership can be modified using the chown command. Take note, however, that the root
user or the owner of the file can only do this task.

Set the file's owner:

$ chown username filename
After executing this command, the new owner of a file called filename will be the user username. The file's
group owner will not change.

IT0035L-Applied Operating System Laboratory Page 6 of 14

You can also set the file's group at the same time. If the user name is followed by a dot and a group name,
the file's group will be changed as well.

$ chown username.usergroup filename

After executing this command, filename's new owner would be user username and the group usergroup.

You can set the owner of a directory exactly the same way you set the owner of a file:
$ chown username dirname
After executing this command, only the owner of the directory will change. The owner of the files inside of
the directory won't change.

In order to set the ownership of a directory and all the files in that directory, you'll need the -R option:
$ chown -R username dirname
The option -R stands for recursive since this command will recursively change the ownership of directory
and its contents. After issuing the example command, the user username will be the owner of the directory
dirname, as well as the content in that directory.

Changing The Group Ownership Of A File

In addition to chown, the chgrp command can also be used to change the group ownership of a file or a
directory. You must either be the root user or the owner of the file in order to change the group ownership.

Example:
$ chgrp usergroup file1
After issuing this command, the file file1 will be owned by the group usergroup. Although the file's group
has changed to usergroup, the file's owner will still be the same.

$ chgrp –R usergroup dir1

The option -R stands for recursive since this command will recursively change the group ownership of
directory and its contents. After issuing the example command, the group usergroup will be the group
owner of the directory dir1, as well as content of that directory..

Create/Delete User/Group
 User Account Creation
Syntax: 
useradd username
 
Note:
 useradd command - requires only a username; others are optional e.g : useradd batman This
command creates the user batman, including the user’s home directory ‘/home/batman’, a group
named ‘batman’, and an email account file. It also assigns a unique UID for the said user as well
as the default shell environment.

IT0035L-Applied Operating System Laboratory Page 7 of 14

  Linux kernel version 2.2 and below can accommodate 65,000 users. Higher Linux kernel version
can support more than 65, 000 users.

useradd command options

 -c allows user full name specification
 -s allows specification of user’s shell environment
 -d allows home directory specification
 -g allows specification of primary group

User Account Management

 All new users added will use the content of the directory /etc/skel as the user’s home directory
content
 Desktop is always the first directory because all users by default should have an access to X
windows environment
 UID always start at 500, the system increments by 1 every after a new user is added to the
system
 UID is just used for identification; no access control right is related to any UID (user id)
 The system sees the UID as the owner of the file and not the username
 A user can only have one primary group.

Deleting User Accounts

 userdel command - removes the user and his files or directories
Syntax:
userdel username

Example:
userdel –r batman
Note: This command removes the user batman including the assigned directory by default
‘/home/batman’, the primary group batman and all other properties set for the said user.
It is necessary to use the option –r when deleting users in Linux so that all files and directories
created by default during user creation will be deleted.

Modifying User Details/Properties

 usermod command - modifies a certain user’s property
Syntax:
usermod -g groupname -d /newdirectorylocation –m username

Example:
usermod -g marvel -d /home/bruce –m batman

Note: In the command above, user batman’s home directory will be moved to /home/bruce
(originally /home/batman following the output of the user creation command “adduser batman”

IT0035L-Applied Operating System Laboratory Page 8 of 14

 command) including the content of batman’s old home directory (this was made possible using the
“-m” option). In addition, batman’s primary group will be changed to marvel (originally batman
following the output of the “adduser batman command).

Modifying User Details/Properties

•  usermod command options
•  -d change user’s home directory
•  -m transfers the content of the old user’s home directory to its new location
•  -g change user’s primary group membership
•  -G change user’s supplementary group membership
•  -c assign user’s full name
•  -u change user’s UID (usually followed by -o after specifying UID value)

usermod –g ‘primary group’ –G ‘supplementary group’ – d ‘new directory’ –m username

Group Creation and Management

•  Adding Groups
Syntax:
groupadd groupname

 groupadd command – a command that creates new group; a group can only be added one at a
time
Example: groupadd superman
Note: This command creates a group named superman.

 groups command – a command used to view the group where a certain user belongs to
Example: groups batman
Note: This command will show what group user batman belongs to.

Changing User’s Group Membership

 usermod –g username
The ‘-g’ option will change the user’s primary group membership
 usermod –G username
The ‘-G’ option will change the user’s supplementary group

Note: All groups created in a Linux box can be seen inside the file group under the etc directory
(/etc/group). Also, all existing users in the system can be seen inside the file passwd under the etc
directory (/etc/passwd).

IT0035L-Applied Operating System Laboratory Page 9 of 14

V. GRADING SYSTEM / RUBRIC (please see separate sheet)

VI. LABORATORY ACTIVITY

TASKS:
Part I. Define and explain the permissions and ownership assigned to files and directories. Use snipping
tool to capture the output.

1. Type the command pwd. What is the output?

Paste your output below:

What is the meaning of pwd?

2. The output of the above command should display your home directory. In case you are NOT inside
your home directory, type the command cd ~ to redirect you to your home directory.
Once inside your home directory, create a directory and name it LabExer7.
Paste your executed command and output below:

3. Go inside the LabExer7 directory. Inside this directory, create another directory and name it
LabExer7Dir. Also, create a file and name it LabExer7File using touch command.
Paste your executed command and output below:

4. After creating the file and directory as stated above, type the command ls –l (make sure that you are
inside the LabExer7 directory)
Paste your executed command and output below:

5. Explain in your own words the ownership and permission of directory LabExer7Dir and file
LabExer7file. Refer to the explanation format as seen in the Introduction part.
Explanation:

IT0035L-Applied Operating System Laboratory Page 10 of 14

Part II. Assign or set permission to files and directories using the read, write and execute permissions
Note: Provide the command both is symbolic and absolute/numeric mode to do the specified task.

6. Referring to the file created above (LabExer7File), set the permission of the said file as follows:
User (owner) = read, write, execute
Group = read, write
Others = read only
Paste your executed command below:
Symbolic:

Absolute/Numeric:

After executing the command above, display the long directory listing of LabExer7 using the
command ls –l. Write on the space provided below the details for LabExer7File.
Paste your output below:

7. Referring to the directory created above (LabExer7Dir), set the permission of the said directory as
follows:
User (owner) = read, write, execute
Group = read, write, execute
Others = read and execute

Paste your executed command below:

Symbolic:

Absolute/Numeric:

IT0035L-Applied Operating System Laboratory Page 11 of 14

 After executing the command above, display the long directory listing of LabExer7 using the
command ls –l. Write on the space provided below the details for LabExer7Dir.
Paste your output below:

Part III. Assign or set permission to files and directories given a certain scenario or situation.
8. Using touch command, create a file, and name it lab7.txt. Provide the ff. file permission to the newly
created file.
 Make sure that the said file can only be read, modified and executed by the owner (user)
 It can only be read by the members of the group who has access to the said files.
 Other users don’t have access to the said file.

Write below the answers and commands to do the specified tasks:

Command/syntax used in the creation of the file lab7.txt

Paste your executed command and output below:

Symbolic mode:
Paste your executed command and output below:

Absolute mode:
Paste your executed command and output below:

IT0035L-Applied Operating System Laboratory Page 12 of 14

Part IV. Modify ownership and group ownership of files and directories

For this part, in case you cannot switch as root user, the tasks need not be executed from the Linux box.
You will be asked to specify the commands to complete the task. Write your answer on the space provided
after each task.

9. Assume that lab7.txt is currently owned by root and the group user1. What command will you issue to
change the ownership of the said file to user1?

Answer:

10. Assume that lab7.txt is currently owned by user1 and the group user1. What single command will you
use to change the owner, as well as the group ownership of lab7.txt to user2 and group user2?

Answer:

11. Assume that lab7.txt is currently owned by user1 and the group user1. What command will you issue to
change the group ownership of the said file to user2?

Answer:

12. Assume that lab7.txt is currently owned by user1 and the group user1. What command will you issue to
change the ownership and the group ownership of the said directory to user2 and the group group2?

Answer:

IT0035L-Applied Operating System Laboratory Page 13 of 14

Observation

Conclusion

VII. REFERENCES:

 Sobell, M., et al. (2017). A Practical Guide to Linux Commands, Editors, and Shell Programming,
4th Ed. Addison-Wesley Professional
 Cobbaut, P. (2016). Mastering Linux- Networking
 Blum, R., (2015). Linux Command Line and Shell Scripting Bible
 Fox, R., (2015). Linux with operating system concepts
 Dulaney, E., (2014). Linux all in-one for dummies, 5th Ed.Wiley
 Rosen, R. (2014). Linux kernel networking: implementation and theory. Apress

IT0035L-Applied Operating System Laboratory Page 14 of 14