What command (include the full syntax) would you use to change access control for the group to read, write and execute. chmod g+rwx Explanation: This command gives access to everyone in the same group as the file to owner to read, write and execute

 

 

Question 1: What command (include the full syntax) would you use to change access control for the group to read, write and execute.

 

chmod g+rwx <files/directory>

 

Explanation: This command gives access to everyone in the same group as the file to owner to read, write and execute

 

Question 2: How would you grant full access only to Test user1 and test user2 to the directory students?

 

This can be done in 4 steps

 

1. 1.Create a new group named teststudents

sudo groupadd teststudents

1. 2.Add the users testuser1 and testuser2 to teststudents

sudo adduser testuser1

sudo adduser testuser2

usermod -aG teststudents testuser1

usermod -aG teststudents testuser2

1. 3.Change the owner of students directory to teststudents group

sudo chown testuser1:teststudents students

or

sudo chown testuser2:teststudents students

1. 4.Change the permission to only groups

sudo chmod 070 students

 

Question 3: explain the effect of the command chmod 777 text4 on the file text4 (if necessary, use the man command

Explanation: chmod sets the permissions for a file based on the values we provide in the mode field

 

It is an octal number. Here, first field means value for users, second field means value for groups and third field means value for others

7 means full access: read, write and execute

1 means execute

4 means write

6 means read

 

Thus, 777 will give full access(read, write and execute) on text4 file to everyone in the system

 

 

Question 4: Examine the following extract from a shadow file:

What is the encryption algorithm used for the /etc/shadow file?

 

The hashfile algorithm can be determined by the starting of 2^nd filed (after first colon) of the shadow file

 

It can be one of these:

$1: MD5 hashing algorithm

$2: Blowfish Algorithm

$3: Eksblowfish Algorithm

$4: NT hashing algorithm

$5: SHA-256 Algorithm

$6: SHA-512 Algorithm

 

Question 5: Refer to the same shadow file extract. What is the status of the gnome-initial-setup account?

The account has been disabled

More information can be found here:

https://www.tldp.org/LDP/lame/LAME/linux-admin-made-easy/shadow-file-formats.html

We can view the shadow file extract using this command

sudo cat /etc/shadow | grep gnome

 

 

 

 

Question 6: Refer to the same shadow file extract. When will user1 and user2 have to change passwords.

 

This is the output of user1 in shadow file using the above command:

 

 

testuser1:$6$8om5avuh$8X/p04ogp.MyWXXkax88XkUIFy56JSUFUb5Csvp20XIkZ6zZoL2b67w9jWJCNguFaPxpd2YOAX9laZOzsOJ0V1:18338:0:99999:7:::

 

This means that password must be changed (99999 indicates user can keep his or her password unchanged for many, many years) Please refer the same url for this shadow file format

 

 

Question 7: Explain how did you verify if user1 and user2 have read, write, and execute access to the directory students content.

We can simly check that others cannot access the file/folder using the below account from their account. We get permission denied

cat <somefile>

or

ls students

Then we can run the same command by logging in from testuser1 or testuser2 account and we should be able to see contents or list the directory

 

Another way to check would be to do

ls -la students

on the terminal which would show us the permission bits and owner and group of the directory.