Changelog:
- 3 Feb 2023: describe how to make directory accessible to another user on portal; correct link to permissions reading
- 7 Feb 2023: fix typo of
/localtemp
for/localtmp
- 7 Feb 2023: add footnote regarding not working with a partner
Creating, renaming, removing, opening, reading from, writing to, and executing files can only be done the operating system. As such, the OS gets to decide when to approve a request to do one of these things and when to reject it. Although not all OSs use the same system, the POSIX standard defines a set of file permissions that are commonly used.
Work, ideally with a partner1, to achieve the following:
Answer the first question about converting from a letter permission to numeric permission or vice-versa on the answer sheet.
Create a directory either:
- in your home directory, or
- in
/localtmp
on the portal machines. (/bigtemp
will not work, it does not support ACLs.) Do each of the following steps in that directory.
Make sure the directory is accessible to your partner. Use
chmod
orsetfacl
to set permissions on the directory.If it is in your home directory, then by default the permissions on your home directory disallow access to anything inside it, even if those files or directories are themselves set to allow access. You can change this with something like
chmod og+x /u/COMPUTING-ID
(On directories,x
issearch
permission; which allows accessing files within the direcgtory if you know their names).If it is in
/localtmp
, make sure you are on the same portal backend machine, like you did for the signals lab.
Create a directory
dir
with a filefoo
and a filebaz
where you canls
andcat
freely, but your partner finds thatls dir
refuses to runcat dir/foo
workscat dir/baz
refuses to run
Create a file
shared.txt
and set its access control list so that- you can read and write it
- your partner can read it
- other users (including TAs) cannot do either one
Make a file
simple.sh
which can be run both bybash simple.sh
and./simple.sh
containing bash commands that- appends a line containing the current day and time to file
simple_runs
- reports how many lines
simple_runs
contains (See the section of the reading on executable text files.)
- appends a line containing the current day and time to file
Determine which of the following are possible to achieve and write your answers (with a brief explanation) on the answer sheet:.
cat xyxxy
works butecho 'hi' >> xyxxy
does notecho hi >> xyxxy
works butcat xyxxy
does not./xyxxy
works butcat xyxxy
does not./xyxxy
works butecho hi >> xyxxy
does not
Either:
- check off your lab completion with a TA, or
- from your home directory, run
tar --acls -cvf permissions-lab.tar BASE-DIRECTORY
whereBASE-DIRECTORY
is the directory you created for everything in the lab. Then uploadpermissions-lab.tar
to the submission site.
The information needed to achieve these goals is explained in the reading on permissions. We recommend you read it in full, discussing it with a partner and asking clarifying questions of TAs as you go, then return to the tasks above.
If you don’t work with a partner, you may use the username
nobody
in place of what would be your partner’s username. But you won’t be able to verify that some of your permissions settings work, which is why I would very strongly recommend having a partner.↩︎