waldek
/
linux_introduction
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

reached end for first time

This commit is contained in:
waldek 2022-05-16 14:51:16 +02:00
parent 5c2efffd1d
commit e5a50253e0
1 changed files with 93 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
essential/introduction_to_administration.md
View File

@ -503,10 +503,80 @@ More information of the sections can be found via `man man` where the table belo
|8 | System administration commands (usually only for root) | |8 | System administration commands (usually only for root) |
|9 | Kernel routines [Non standard] | |9 | Kernel routines [Non standard] |
## Changing ownership
Each file or folder in Linux has one **owner** and one **group**.
When you create a new file or folder, the owner will be you and the group will be your [primary group](https://www.cyberciti.biz/faq/howto-linux-add-user-to-group/).
*Most* of the time this will default to your username for both user and group.
We can however change the owner and the group of a file of folder.
This is done with `chown`, ch(ange)own(ership).
Let's try this out.
```
waldek@debian:~$ touch waldek_file
waldek@debian:~$ ls -l
total 0
-rw-r--r-- 1 waldek waldek 0 May 16 14:37 waldek_file
waldek@debian:~$ tail -1 /etc/passwd
ilies:x:1002:1002:,,,:/home/ilies:/bin/bash
waldek@debian:~$ chown ilies:ilies waldek_file
chown: changing ownership of 'waldek_file': Operation not permitted
waldek@debian:~$ su - ilies
Password:
ilies@debian:~$ cd /home/waldek/
ilies@debian:/home/waldek$ ls
waldek_file
ilies@debian:/home/waldek$ chown ilies:ilies waldek_file
chown: changing ownership of 'waldek_file': Operation not permitted
ilies@debian:/home/waldek$ exit
logout
waldek@debian:~$
```
No matter *who* we are we can't change the ownership of this file!
We can however perform this action **as administrator**.
[Why](https://unix.stackexchange.com/questions/27350/why-cant-a-normal-user-chown-a-file) is this so?
It would be a pretty big security issue if *I* could just claim files owned by `ilies` or vice versa.
So, with `sudo` we can do it as follows.
```
waldek@debian:~$ ls -l
total 0
-rw-r--r-- 1 waldek waldek 0 May 16 14:37 waldek_file
waldek@debian:~$ sudo chown ilies:ilies waldek_file
waldek@debian:~$ ls -l
total 0
-rw-r--r-- 1 ilies ilies 0 May 16 14:37 waldek_file
waldek@debian:~$ echo "hello world" > waldek_file
-bash: waldek_file: Permission denied
waldek@debian:~$ sudo chown ilies:waldek waldek_file
waldek@debian:~$ ls -l
total 0
-rw-r--r-- 1 ilies waldek 0 May 16 14:37 waldek_file
waldek@debian:~$ echo "hello world" > waldek_file
-bash: waldek_file: Permission denied
waldek@debian:~$ sudo chmod 660 waldek_file
waldek@debian:~$ ls -l
total 0
-rw-rw---- 1 ilies waldek 0 May 16 14:37 waldek_file
waldek@debian:~$ echo "hello world" > waldek_file
waldek@debian:~$ cat waldek_file
hello world
waldek@debian:~$ su steve
Password:
steve@debian:/home/waldek$ cat waldek_file
cat: waldek_file: Permission denied
steve@debian:/home/waldek$
```
## `umask`
TODO
## Essential programs ## Essential programs
Below is a small list of often used programs when dealing with file permissions. Below is a small list of often used programs when dealing with file permissions.
We'll go a into detail on some of them right after. I highly recommend you to read the manuals of each one.
| name | description | | name | description |
| --- | --- | | --- | --- |
@ -519,10 +589,10 @@ We'll go a into detail on some of them right after.
| `su` | run a command with substitute user and group ID | | `su` | run a command with substitute user and group ID |
| `sudo` | execute a command as another user | | `sudo` | execute a command as another user |
## Changing ownership
# Remote control of a server # Remote control of a server
TODO
## History ## History
[Here](https://www.jeffgeerling.com/blog/brief-history-ssh-and-remote-access) you have a nice article on the history of remote shells. [Here](https://www.jeffgeerling.com/blog/brief-history-ssh-and-remote-access) you have a nice article on the history of remote shells.
@ -536,5 +606,25 @@ We use [ssh](https://en.wikipedia.org/wiki/Secure_Shell) now!
## SSH and SFTP ## SSH and SFTP
TODO
# Bandit # Bandit
You now have enough comprehension of Linux to play a [wargame](https://en.wikipedia.org/wiki/Wargame_(hacking)).
Over at [over the wire](https://overthewire.org/wargames/) there are quite a few very good wargames to solidify your knowledge of the command line, the Linux kernel, web exploits, among others.
We'll start off with [bandit](https://overthewire.org/wargames/bandit/).
> The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. If you notice something essential is missing or have ideas for new levels, please let us know!
It's a game you play over `ssh` which drops you in a `bash` shell where the goal is to find the password for the next level.
Once you find the password you can log out and back in as the next user.
The entire game revolves around permissions.
This is the cycle:
1. log **in** as user `banditX` to the server
1. **find** the hidden password for the user `banditX+1`
1. log **out** of the server
1. **save** the password locally in a text file
1. log **in** as user `banditX+1` to the server
1. rinse, repeat and *enjoy*