OS Lab

Managing Linux Software, Users &

Groups and Ownership and
Permissions.
Week 3
01
Managing Linux Software
Updating, Upgrading and Installing Softwares
 Managing Linux Software
If we spend any time in the Linux community, we hear many opinions as to which of the many Linux
distributions is “best.” Often, these discussions get really silly, focusing on such things as the prettiness of the
desktop background (some people won't use Ubuntu because of its default color scheme!) and other trivial
matters.

Package management is a method of installing and maintaining software on the system. Today, most
people can satisfy all of their software needs by installing packages from their Linux distributor. This contrasts
with the early days of Linux, when one had to download and compile source code to install software. There
isn’t anything wrong with compiling source code; in fact, having access to source code is the great wonder of
Linux. It gives us (and everybody else) the ability to examine and improve the system. It's just that having a
precompiled package is faster and easier to deal with.

Packaging Systems
Different distributions use different packaging systems, and as a general rule, a package intended for one
distribution is usually not compatible with another distribution.

Most distributions fall into one of two camps of packaging technologies: the Debian .deb camp and the Red
Hat .rpm camp.
 Managing Linux Software
Package Files
The basic unit of software in a packaging system is the package file. A package file is a compressed collection
of files that comprise the software package. A package may consist of numerous programs and data files that
support the programs. In addition to the files to be installed, the package file also includes metadata about
the package, such as a text description of the package and its contents.

Repositories
While some software projects choose to perform their own packaging and distribution, most packages today
are created by the distribution vendors and interested third parties. Packages are made available to the users
of a distribution in central repositories that may contain many thousands of packages, each specially built and
maintained for the distribution.

Dependencies
Programs are seldom “standalone”; rather they rely on the presence of other software components to get
their work done. Common activities, such as input/output for example, are handled by routines shared by
many programs. These routines are stored in what are called shared libraries, which provide essential services
 Managing Linux Software
High and Low-level Package Tools
Package management systems usually consist of two types of tools:

1. Low-level tools which handle tasks such as installing and removing package files
2. High-level tools that perform metadata searching and dependency resolution

Distributions Low-Level Tools High-Level Tools

Debian style dpkg apt, apt-get, aptitude

Fedora, Red Hat

rpm yum, dnf
Enterprise Linux, CentOS
 Command: dpkg
dpkg is a package manager for Debian, Ubuntu and many other Linux distro. It is
used to install/manage individual packages.

Syntax:
dpkg [options] [package]

Different functionalities of useradd command :

● Install the package: dpkg -i [.deb package]

● Upgrade package if it is installed else install a fresh copy of package:

dpkg -i [.deb package]

● List all installed packages, along with package version and short
description : dpkg -l

● Remove/Delete an installed package except configuration files: dpkg -r

[package]

● Remove/Delete everything including configuration files: dpkg -P

[package]
 Command: apt
apt provides a high-level CLI (Command Line Interface) for the package
management system.

Syntax:
apt [options] [package]

Different functionalities of useradd command :

● Update package information from all configured sources: apt update

● Install available upgrades of all packages currently installed on the

system: apt upgrade

● Install a new package : apt install <package_name>

● Remove a package : apt remove <package_name>

● Remove/Delete everything including configuration files: apt purge

<package_name>
Questions?
02
Managing Linux Users and
Groups
Managing a multi-user operating system.
 Managing Linux Users and
Groups
Linux is a multiuser system, so it has many user accounts. Even if you’ve set up a test machine and you’re
the only user using that system, you’ll have a host of system user accounts. Most of these accounts aren’t for
people to use; they’re for running specific programs, because many servers require a unique username and
group name. The FTP server, for example, runs under the username ftp.

User accounts can belong to one or more groups. Typically, each username has a corresponding private group
name. By default, each user belongs to that corresponding private group, but you can define other groups for
the purpose of providing access to specific files and directories based on group membership.

User and group ownerships of files ensure that only the right people (or the right processes) can access
certain files and directories. Managing the user and group accounts is a typical task in system administration.
It’s not hard to do this part of the job, given the tools that come with Linux, as you discover in this chapter.
 Important files

/etc/passwd /etc/shadow /etc/group

contains the attributes of contains encrypted defines the groups to which
each user or account the password as well as other users belong to, which
system. The permissions information such as account allows additional abilities to
for /etc/passwd are by or password expiration be delegated in an
default set so that it is values, etc. The /etc/shadow organized fashion, such as
world readable, that is, so file is readable only by the access to disks, printers,
that it can be read by any root account and other peripherals, as
user on the system well as delegating some
administrative tasks to
normal users.
 Command: useradd
useradd is a command used to create a new user or update default new user
information

Syntax:
useradd [options]

Different functionalities of useradd command :

● Create a new user on the system: useradd username

● Create user and with home directory: sudo useradd -m username

● Create new user then add the user to the specified group: useradd -G
newGroup

● Create a user with a short description about it (usually used for the
full name : useradd -c Example
 Command: passwd
passwd command in Linux is used to change the user account passwords. The root
user reserves the privilege to change the password for any user on the system, while
a normal user can only change the account password for his or her own account.

Syntax:
passwd [options] [username]

Different functionalities of passwd command :

● Change logged in user password: passwd

● Change other user’s password: sudo passwd user_name

● Change root password: sudo passwd root

 Command: usermod
usermod is a command used to modify existing users on the system.

Syntax:
usermod [options] [username]

Different functionalities of usermod command :

● Add user to existing group: usermod -a -G administrators user

● Lock the user’s password, preventing it from being used for login:
usermod -L user

● Unlock the user’s password if locked with -L : usermod -U user

 Command: userdel
userdel is a command used to delete a user account and related files.

Syntax:
userdel [options] [username]

Different functionalities of userdel command :

● Delete a user from the system: userdel user

● Delete a user account from the system and remove the user’s home
directory: userdel -r user

● Force delete a user account even in the account is logged in, implies -
f : userdel -f user
 Command: su
su is a command used to switch to another user.

Syntax:
su [options] [username]

Different functionalities of userdel command :

● Switch to another user: su user

● Switch to another user with the new user default login environment:
su - user

● Switch to root user : su

 Commands:
groupadd & groupdel
groupadd is a command used to create new groups on the system.

Syntax:
groupadd [options] [group name]

Different functionalities of groupadd command :

● Add a new group to the system: groupadd newGroup

groupdel is a command used to delete groups on the system.

Syntax:
groupdel [group name]

Different functionalities of groupdel command :

Delete a group from the system: groupdel newGroup

Questions?
03
Managing Ownership and
Permissions
Who can do what exactly?
 Managing Ownership and
Permissions
Operating systems in the Unix tradition differ from those in the MS-DOS tradition in that they are not only
multitasking systems, but also multi-user systems.

What exactly does this mean? It means that more than one person can be using the computer at the same
time. While a typical computer will likely have only one keyboard and monitor, it can still be used by more
than one user. For example, if a computer is attached to a network or the Internet, remote users can login via
ssh (secure shell) and operate the computer.

The multi-user capability of Linux is not a recent "innovation," but rather a feature that is deeply embedded
into the design of the operating system. Considering the environment in which Unix was created, this makes
perfect sense.

Years ago, before computers were "personal," they were large, expensive, and centralized. A typical university
computer system, for example, consisted of a large central computer located in one building and terminals
that were located throughout the campus, each connected to the large central computer. The computer would
support many users at the same time. To make this practical, a method had to be devised to protect the users
from each other. After all, the actions of one user could not be allowed to crash the computer, nor could one
user interfere with the files belonging to another user.
 Owners, Group Members, and
Everybody Else
In the Unix security model, a user may own files and directories. When a user owns a file or directory, the user
has control over its access. Users can, in turn, belong to a group consisting of one or more users who are
given access to files and directories by their owners. In addition to granting access to a group, an owner may
also grant some set of access rights to everybody, which in Unix terms is referred to as the world.

When user accounts are created, users are assigned a number called a user ID (uid) which is then, for the
sake of the humans, mapped to a username. The user is assigned a primary group ID (gid) and may belong to
additional groups.

User accounts are defined in the /etc/passwd file and groups are defined in the /etc/group file. When user
accounts and groups are created, these files are modified along with /etc/shadow which holds information
about the user's password. For each user account, the /etc/passwd file defines the user (login) name, uid, gid,
account's real name, home directory, and login shell. If we examine the contents of /etc/passwd and
/etc/group, we notice that besides the regular user accounts, there are accounts for the superuser (uid 0) and
various other system users.

While many Unix-like systems assign regular users to a common group such as “users”, modern Linux
practice is to create a unique, single-member group with the same name as the user. This makes certain
types of permission assignment easier.
 Reading, Writing, and Executing
Access rights to files and directories are defined in terms of read access, write access, and execution access.

If we look at the output of the ls command, we can get some clue as to how this is implemented:

root@lwd:/tmp# ls -l file1.txt
-rw-r--r-- 1 root root 0 Oct 13 22:41 file1.txt

The first 10 characters of the listing are the file attributes. The first of these characters is the file type (File,
Directory, Symbolic Link, Character Special file or block special file)

The remaining nine characters of the file attributes, called the file mode, represent the read, write, and
execute permissions for the file's owner, the file's group owner, and everybody else.

Owner Group Others

rwx rwx rwx

 Reading, Writing, and Executing

Attribut
Files Directories
e

Allows a directory's contents to be

r Allows a file to be opened and read. listed if the execute attribute is also
set.

Allows a file to be written to or

truncated, however this attribute does
Allows files within a directory to be
not allow files to be renamed or
w created, deleted, and renamed if
deleted. The ability to delete or rename
the execute attribute is also set.
files is determined by directory
attributes.

Allows a file to be treated as a program Allows a directory to be entered,

x
and executed. e.g., cd directory.
 Command: chmod
In Unix-like operating systems, the chmod command is used to change the access
mode of a file.
The name is an abbreviation of change mode.

Syntax:
chmod [reference][operator][mode] file...

Different functionalities of chmod command :

● Let’s change the file.txt permission so that the owner cannot write(w)
in the file but can only read it: chmod u=r file.txt

● Let’s restrict the permission such that the user cannot search the
directory CLASS: chmod u=rw CLASS

● Let’s change the file.txt permission so that the owner can execute it:
chmod u+x file.txt

● Let’s give owner full permissions on file.txt will limiting the group and
others to read only: chmod 744 file.txt
Command: chmod
 Command: chown
chown command is used to change the file Owner or group. Whenever you want to
change ownership you can use chown command.

Syntax:
chown [OPTION]… [OWNER][:[GROUP]] FILE…

Different functionalities of chown command :

● To change owner of the file: chown owner_name file_name

● To Change group ownership: chown :group_name file_name

● To change the owner as well as group: chown owner_name:group_name

file_name

● To copy ownership of one file to another: chown --reference=file_name_1

file_name_2
Questions?