Let's Learn Linux!: Linux Permissions - Issue #3 - GaiaYoga Gardens, Lower Puna, Far East Big Island, Hawai'i - Saturday, March 4, 2023

avatar
(Edited)

Polish_20220714_121452303.jpg

Polish_20220714_121631044.jpg

Polish_20230217_163432316.png

Polish_20220714_121631044.jpg

Warm greetings fellow Linux-and-FOSS lovers! ๐Ÿ˜๐Ÿ™๐Ÿ’šโœจ๐Ÿค™

Welcome the third issue of Let's Learn Linux! I mentioned last week that my new Dell laptop had died, and that I was intending to send it back for a refund, so that I could choose another. I was finally able to return it a few days ago, and it should have arrived at its destination today. If all goes well I'll be able to choose another one in just a few days!

Polish_20220714_121754649.jpg

Another bit of good news is I now have quite a good loaner computer with which I can continue to work with Arch Linux until my replacement computer arrives! It's a great system, though several keyboard keys don't work. Luckily I have an external keyboard, so I make it work. I'm just super grateful to have a suitable system to continue working with Linux in general, and Arch specifically!

Polish_20220714_121754649.jpg

In this week's issue of Let's Learn Linux! I'll be explaining and going over Linux Permissions, the core of the Linux-security model. This is a very large subject, so in this post I'm only going to cover the basic aspects of how this system works, and why it is so useful. I'll save more in-depth explanations for future posts.

Polish_20220714_121754649.jpg

Every file and directory in a Linux system has specific read, write, and execute permissions that differ between various users, groups, and other accounts not belonging to either. For example, any particular file or directory/folder will have user, group, and other permissions.

Polish_20220714_121754649.jpg

When permissions to perform a certain action (read, write, or execute) are verified, first the user account is checked to see if it owns the file/directory, if it does, then no further checks are performed, as it would have full read, write, and execute permissions. If the account attempting to perform an action (read, write, execute) does not own the file or directory, then it is checked whether the user belongs to the group that has at least read, and maybe write and execute permissions. Group-level access may be restricted to just read, or read and write, with execute very often restricted. The other level is for accounts not belonging to either the user or group categories, and hence it will have the most restricted permussions.

Polish_20220714_121631044.jpg

Every file and directory has:

User Permissions 
+Read/+Write/+Execute - The owner of a file or folder usually has full read, write, and execute permissions

Group Permissions 
+Read/+Write/+|-Execute - The group level will also usually have read and write access, with execute access sometimes restricted

Other Permissions 
+|-Read/-Write/-Execute - The other level usually, though not always, has at least read access, though write and execute access are usually restricted

Polish_20220714_121631044.jpg

At this point I should explain the difference between a regular user account and the root account. When you create a user account on a Linux system, it will have full read, write, and execute permissions for its specific home directory. When a user attempts to write, modify, move, or delete a file or folder outside its specific home directory, it will be unable to do so, as it does not have the necessary permissions. The same will occur if a user attempts to run certain commands in a terminal. Without the necessary permissions, certain things are not allowed.

Polish_20220714_121754649.jpg

The root account, which is the very first account created in any Linux system, has the ability to perform any action (read, write, execute) on any file and any folder of the system. This is the reason that regular user accounts operate with restricted access, so that they cannot irreparably damage the system without knowing it. Regular user accounts do have the ability to elevate their permissions if necessary, however.

Polish_20220714_121754649.jpg

Appending sudo before any root-level command in a terminal, and then entering the root password, will temporary allow a regular user account to execute root commands. Entering sudo su into a terminal, and again entering the root password, will give full root access in that terminal, so that any command entered will be executed with root permissions. Because of this is absolutely essential that one knows what he or she is doing.

Polish_20220714_121754649.jpg

On my own systems I always have a terminal open with usually four tabs - two tabs for regular user-level commands, and two root-level tabs to perform root commands. I've done it this way for years, and it works for me, as I'm very careful what I'm doing in which tab. I would not suggest this setup, however, for someone just learning how to do things in a Linux system.

Polish_20220714_121754649.jpg

Before I wrap up this post, I'd like to explain one special case where a root account could have restricted permissions.

Polish_20220714_121631044.jpg

If you run the following in a root terminal (in the same directory as the <file> acted upon):

chattr +i <file>

Then even the root account would not be able to modify the file, as this command makes the file immutable. The only way to make it editable once again would be to run the following in a root terminal:

chattr -i <file>

This turns off the immutable flag. 

Polish_20220714_121631044.jpg

OK, I think that's a good place to stop for the moment. This is enough information to digest for one post. I hope that the information provided is clear, understandable, interesting, and engaging! If not, I'll modify how I'm presenting it. That's all for now! Until next week! ๐Ÿ˜ ๐Ÿ™ ๐Ÿ’š โœจ ๐Ÿค™

Polish_20220714_121754649.jpg

All images were taken with my Motorola G Power Android Phone or are screen shots from my laptop.

Polish_20220714_121551463.jpg

Thank you all so much who have helped me get to where I am today, and allowing me to share more of the beauty and magic from my life and my world with you, and for your continuous appreciation and support! I am truly deeply grateful! ๐Ÿ˜๐Ÿ™๐Ÿ’šโœจ๐Ÿค™

Polish_20220714_121551463.jpg

If you'd like to find me on other alternative platforms where I have accounts (I spend most of my time here on Hive), click on this signature image below to go to my LinkTree page.

Polish_20220714_123613996.png

If you'd like to send me a BTC Lighting Tip (made possible by the fantastic work of brianoflondon on @v4vapp), just scan the QR image below. ๐Ÿ‘‡

tydynrain.png

Sources
Signature image created by @doze, and the dividers made by @thepeakstudio, with all tweaked to their present form by me.

Banner image created by me using Polish, with the Arch Linux logo converted into ASCII art, and Tux the Linux Peguin created by Larry Ewing.

Polish_20220714_121452303.jpg



0
0
0.000
14 comments
avatar

Love Linux!

0
0
0.000
avatar

That's so great to hear! Me too, obviously! Linux is amazingballs! ๐Ÿ˜ ๐Ÿ™ ๐Ÿ’š โœจ ๐Ÿค™

0
0
0.000
avatar

Sure is!!! Been working on it for like... Ages! My first distro was Yggdrasil Linux :-D Even did my part in the Linux Core development (not kernel)!

0
0
0.000
avatar
(Edited)

That's brilliant! I remember that distro! I started in the fall of 2011 with Ubuntu, which I used for six years, then once I gave Arch a try in 2017, it was a done deal for me, and I've been rocking it ever since! I still want to be able to contribute to both Linux in general and Arch Linux! ๐Ÿ˜ ๐Ÿ™ ๐Ÿ’š โœจ ๐Ÿค™

0
0
0.000
avatar

Have installed it on a test computer a while ago, Arch, but never really used it. I started wit Yggdrasil, then Suse for many many years :-) after that I went to Ubuntu, but always with Gnome on it. Nowadays I tend to use Mint or Centos.

0
0
0.000
avatar
(Edited)

I've explored and experimented with many distros over time. Arch just fit my personality and proclivities! For me, while I appreciate all expressions of Linux, none can compare to Arch! Every crazy-ass thing that I've attempted to do I could do in Arch! All three of my Arch installations were installed more than five years ago, and the oldest is close to five and a half! Since it's a rolling release, it's just always up to date! ๐Ÿ˜ ๐Ÿ™ ๐Ÿ’š โœจ ๐Ÿค™

0
0
0.000
avatar

Sounds pretty impressive indeed! Maybe I should give Arch another deeper look ;-)
I mostly started using Centos because it was used on most of the jobs where I had to work with Linux.

0
0
0.000
avatar

It's exciting stuff! Yes, it's quite worth it I'd say! Centos is a great, solid distro, which is why it's used in business so often! It's not very up to date though! Here's a little to chew on from the Arch Wiki that I've always deeply appreciated:

Arch Linux

About Arch Linux
Arch Linux is an independently developed, x86-64 general purpose GNU/Linux distribution versatile enough to suit any role. Development focuses on simplicity, minimalism, and code elegance. Arch is installed as a minimal base system, configured by the user upon which their own ideal environment is assembled by installing only what is required or desired for their unique purposes. GUI configuration utilities are not officially provided, and most system configuration is performed from the shell by editing simple text files. Arch strives to stay bleeding edge, and typically offers the latest stable versions of most software.

Arch Linux uses its own Pacman package manager, which couples simple binary packages with an easy-to-use package build system. This allows users to easily manage and customize packages ranging from official Arch software to the user's own personal packages to packages from 3rd party sources. The repository system also allows users to easily build and maintain their own custom build scripts, packages, and repositories, encouraging community growth and contribution.

The minimal Arch base package set resides in the streamlined [core] repository. In addition, the official [extra], [community], and [testing] repositories provide several thousand high-quality packages to meet your software demands. Arch also offers the Arch Linux User Repository (AUR), which contains more than 49,000 build scripts, for compiling installable packages from source using the Arch Linux makepkg application.

Arch Linux uses a "rolling release" system which allows one-time installation and perpetual software upgrades. It is not generally necessary to reinstall or upgrade your Arch Linux system from one "version" to the next. By issuing one command, an Arch system is kept up-to-date and on the bleeding edge.

Arch strives to keep its packages as close to the original upstream software as possible. Patches are applied only when necessary to ensure an application compiles and runs correctly with the other packages installed on an up-to-date Arch system.

To summarize: Arch Linux is a versatile, and simple distribution designed to fit the needs of the competent Linuxยฎ user. It is both powerful and easy to manage, making it an ideal distro for servers and workstations. Take it in any direction you like. If you share this vision of what a GNU/Linux distribution should be, then you are welcomed and encouraged to use it freely, get involved, and contribute to the community. Welcome to Arch!

Arch Linux is an independently developed, x86-64 general-purpose GNU/Linux distribution that strives to provide the latest stable versions of most software by following a rolling-release model. The default installation is a minimal base system, configured by the user to only add what is purposely required.

Principles

Simplicity
Arch Linux defines simplicity as without unnecessary additions or modifications. It ships software as released by the original developers (upstream) with minimal distribution-specific (downstream) changes: patches not accepted by upstream are avoided, and Arch's downstream patches consist almost entirely of backported bug fixes that are obsoleted by the project's next release.

In a similar fashion, Arch ships the configuration files provided by upstream with changes limited to distribution-specific issues like adjusting the system file paths. It does not add automation features such as enabling a service simply because the package was installed. Packages are only split when compelling advantages exist, such as to save disk space in particularly bad cases of waste. GUI configuration utilities are not officially provided, encouraging users to perform most system configuration from the shell and a text editor.

Modernity
Arch Linux strives to maintain the latest stable release versions of its software as long as systemic package breakage can be reasonably avoided. It is based on a rolling-release system, which allows a one-time installation with continuous upgrades.

Arch incorporates many of the newer features available to GNU/Linux users, including the systemd init system, modern file systems, LVM2, software RAID, udev support and initcpio (with mkinitcpio), as well as the latest available kernels.

Pragmatism
Arch is a pragmatic distribution rather than an ideological one. The principles here are only useful guidelines. Ultimately, design decisions are made on a case-by-case basis through developer consensus. Evidence-based technical analysis and debate are what matter, not politics or popular opinion.

The large number of packages and build scripts in the various Arch Linux repositories offer free and open source software for those who prefer it, as well as proprietary software packages for those who embrace functionality over ideology.

User centrality
Whereas many GNU/Linux distributions attempt to be more user-friendly, Arch Linux has always been, and shall always remain user-centric. The distribution is intended to fill the needs of those contributing to it, rather than trying to appeal to as many users as possible. It is targeted at the proficient GNU/Linux user, or anyone with a do-it-yourself attitude who is willing to read the documentation, and solve their own problems.

All users are encouraged to participate and contribute to the distribution. Reporting and helping fix bugs is highly valued and patches improving packages or the core projects are very appreciated: Arch's developers are volunteers and active contributors will often find themselves becoming part of that team. Archers can freely contribute packages to the Arch User Repository, improve the ArchWiki documentation, provide technical assistance to others or just exchange opinions in the forums, mailing lists, or IRC channels. Arch Linux is the operating system of choice for many people around the globe, and there exist several international communities that offer help and provide documentation in many different languages.

Versatility
Arch Linux is a general-purpose distribution. Upon installation, only a command-line environment is provided; rather than tearing out unneeded and unwanted packages, the user is offered the ability to build a custom system by choosing among thousands of high-quality packages provided in the official repositories for the x86-64 architecture.

Arch is a rolling-release model backed by pacman, a lightweight, simple and fast package manager that allows for continuously upgrading the entire system with one command. Arch also provides the Arch Build System, a ports-like system to make it easy to build and install packages from source, which can also be synchronized with one command. In addition, the Arch User Repository contains many thousands of community-contributed PKGBUILD scripts for compiling installable packages from source using the makepkg application. It is also possible for users to build and maintain their own custom repositories with ease.

History
The Arch community has grown and matured to become one of the most popular and influential Linux distributions, also testified by the attention and review received over the years.

Arch developers remain unpaid, part-time volunteers, and there are no prospects for monetizing Arch Linux, so it will remain free in all senses of the word. Those curious to peruse more detail about Arch's development history can browse the Arch entry in the Internet Archive Wayback Machine and the Arch Linux News Archives.

The early years
Judd Vinet, a Canadian programmer and occasional guitarist, began developing Arch Linux in early 2001. Its first formal release, Arch Linux 0.1, was on March 11, 2002. Inspired by the elegant simplicity of Slackware, BSD, PLD Linux and CRUX, and yet disappointed with their lack of package management at the time, Vinet built his own distribution on similar principles as those distros. But, he also wrote a package management program called pacman, to automatically handle package installation, removal, and upgrades.

The middle years
The early Arch community grew steadily, as evidenced by this chart of forum posts, users, and bug reports. Moreover, it was from its early days known as an open, friendly, and helpful community.

Birth of the ArchWiki
On 2005-07-08 the ArchWiki was first set up on the MediaWiki engine.

The dawning of the age of A. Griffin
In late 2007, Judd Vinet retired from active participation as an Arch developer, and smoothly transferred the reins over to American programmer Aaron Griffin, also known as Phrakture.

Arch Install Scripts
The 2012-07-15 release of the installation image deprecated the menu-driven Arch Installation Framework (AIF) in favor of the Arch Install Scripts (arch-install-scripts).

The systemd era
Between 2012 and 2013 the traditional System V init system was replaced by systemd.

Drop of i686 support
On 2017-01-25 it was announced that support for the i686 architecture would be phased out due to its decreasing popularity among the developers and the community. By the end of November 2017, all i686 packages were removed from the mirrors.

Review of Project Leader role and election
At the start of 2020, in a team effort the Arch Linux staff devised a new process for determining future leaders, documented in DeveloperWiki:Project Leader.

As Aaron Griffin had decided to step down from his role, a poll was held to elect a new person to replace him, and on 2020-02-24 its results were published, making the election of Levente Polyak official.

https://archlinux.org

0
0
0.000
avatar

Centos is solid indeed, and slow with updates, which is often a good thing for big (and slow) companies :-)
Looking into Arch as we speak! I think I will fire up a virtual machine first to play around with it!

0
0
0.000
avatar

Hehe...indeed! That's what I love about the Linux world - there's a distro to suite everyone! Yay, wonderful! I can't wait to hear what you think! The command-line installation is quite easy, once you understand the steps. Once the base system is installed, you can turn it into anything that you'd like! There are also other community binary repositories, as well as the AUR. You can choose to install pretty much anything via binaries or building from source to suite your needs. If you have any questions, I'm happy to help! ๐Ÿ˜ ๐Ÿ™ ๐Ÿ’š โœจ ๐Ÿค™

0
0
0.000
avatar

I am crazy about linux. If it weren't for autocad, i wouldn't use the windows system anymore

0
0
0.000