1 00:00:00,000 --> 00:00:04,400 [Intro Music] 2 00:00:04,410 --> 00:00:05,700 Let's guys now talk about 3 00:00:05,700 --> 00:00:07,980 permissions. And I'll explain you 4 00:00:07,980 --> 00:00:10,230 what is permission, and how to 5 00:00:10,230 --> 00:00:12,090 modify permissions for a particular 6 00:00:12,090 --> 00:00:14,790 file or directory. And for example, 7 00:00:14,790 --> 00:00:16,920 here in this output for this file 8 00:00:16,950 --> 00:00:19,020 '3.txt', you see that 9 00:00:19,050 --> 00:00:20,730 owner of this file is 'bogdan', 10 00:00:20,730 --> 00:00:22,560 and group is 'bogdan', and 11 00:00:22,560 --> 00:00:25,230 here are permissions. First '-' means 12 00:00:25,230 --> 00:00:28,590 that here you see file. Next, three 13 00:00:28,620 --> 00:00:30,810 characters stand for permissions 14 00:00:30,810 --> 00:00:32,970 for particular user, in this 15 00:00:32,970 --> 00:00:35,460 case owner of the file, owner is 16 00:00:35,460 --> 00:00:37,800 'bogdan'. Next three characters 17 00:00:37,830 --> 00:00:40,110 stand for permissions for other 18 00:00:40,110 --> 00:00:42,390 users in the same group, in this 19 00:00:42,390 --> 00:00:44,160 case group is 'bogdan'. And 20 00:00:44,160 --> 00:00:46,230 finally, three last characters 21 00:00:46,290 --> 00:00:48,180 stand for permissions for all 22 00:00:48,210 --> 00:00:51,150 remaining users that don't belong 23 00:00:51,180 --> 00:00:54,030 to this particular group. That's 24 00:00:54,060 --> 00:00:56,310 our permissions. Great. Let's now 25 00:00:56,310 --> 00:00:57,990 quickly clean up this home 26 00:00:57,990 --> 00:01:00,180 directory for this particular user 27 00:01:00,210 --> 00:01:02,040 that we have created before, and 28 00:01:02,040 --> 00:01:04,700 let me remove those two files, 29 00:01:04,700 --> 00:01:06,800 1.txt, and 2.txt, and this 30 00:01:06,810 --> 00:01:09,510 folder 'tmp'; and I'll do that under 31 00:01:09,540 --> 00:01:12,300 'bogdan' account. And I will be 32 00:01:12,330 --> 00:01:15,150 able to do so because now I'm owner 33 00:01:15,180 --> 00:01:17,447 of those files, here you see 'bogdan' 34 00:01:17,447 --> 00:01:19,710 everywhere. Great. Let's use 35 00:01:19,740 --> 00:01:22,452 'rm' command. 'rm 1.txt', 36 00:01:22,452 --> 00:01:26,820 'rm 2.txt', and 'rm -r', 37 00:01:26,850 --> 00:01:30,180 recursive, 'tmp'. Actually, I was able 38 00:01:30,180 --> 00:01:32,250 to use just a single 'rm' command 39 00:01:32,370 --> 00:01:34,830 with multiple arguments. Type simply 40 00:01:34,860 --> 00:01:38,629 'rm -r tmp 1.txt 2.txt'. 41 00:01:38,629 --> 00:01:39,810 Alright, now 42 00:01:39,810 --> 00:01:42,480 I don't have any unnecessary files 43 00:01:42,480 --> 00:01:44,310 here in home directory for this 44 00:01:44,490 --> 00:01:46,920 user, and I see only some hidden 45 00:01:46,920 --> 00:01:50,340 files. Great. Now let's go back to 46 00:01:50,370 --> 00:01:52,800 root account and create new 47 00:01:52,800 --> 00:01:54,829 file in home directory for this 48 00:01:54,829 --> 00:01:57,840 'bogdan' user. Let's go out of here and 49 00:01:57,840 --> 00:02:00,180 here as the root user, let's 'touch', 50 00:02:00,210 --> 00:02:04,020 new file in the '/home/bogdan'; and 51 00:02:04,020 --> 00:02:07,080 let's name it 'new-file.txt', 52 00:02:07,170 --> 00:02:09,630 like so. And of course owner of 53 00:02:09,630 --> 00:02:12,600 this file will be now 'root' user. Let's 54 00:02:12,600 --> 00:02:15,150 verify that. Yes, here it is, 'root' 55 00:02:15,270 --> 00:02:18,030 is owner of this file, and here are 56 00:02:18,030 --> 00:02:20,730 permissions for this file. Only 57 00:02:20,790 --> 00:02:24,000 owner of this file is able to write 58 00:02:24,060 --> 00:02:27,330 this file to modify it. Great. Now 59 00:02:27,330 --> 00:02:29,250 let me demonstrate you how you are 60 00:02:29,250 --> 00:02:31,920 able to modify permissions for this 61 00:02:31,950 --> 00:02:34,110 particular 'new-file.txt' 62 00:02:34,380 --> 00:02:36,750 And recap that if you will try to 63 00:02:36,750 --> 00:02:39,390 write this file under other user, for 64 00:02:39,390 --> 00:02:40,800 example 'bogdan', you will 65 00:02:40,800 --> 00:02:43,260 definitely get an error, file is not 66 00:02:43,290 --> 00:02:45,480 writeable. Because of those 67 00:02:45,510 --> 00:02:47,850 permissions, it is not possible to 68 00:02:47,880 --> 00:02:50,640 write or execute this file by any 69 00:02:50,700 --> 00:02:53,640 other user that doesn't belong to 70 00:02:53,640 --> 00:02:56,010 'root' group. Before modifying 71 00:02:56,010 --> 00:02:58,530 permissions, let me explain you how 72 00:02:58,530 --> 00:03:00,090 permissions are actually 73 00:03:00,090 --> 00:03:03,600 represented. Again, there are three 74 00:03:03,630 --> 00:03:05,610 different blocks. Here's first 75 00:03:05,610 --> 00:03:08,220 block with three characters, here's 76 00:03:08,280 --> 00:03:10,410 second block three characters, and 77 00:03:10,440 --> 00:03:12,870 last block with three characters. 78 00:03:13,200 --> 00:03:14,700 And actually, we're able to 79 00:03:14,700 --> 00:03:16,770 represent every block with three 80 00:03:16,770 --> 00:03:19,440 characters using binary format, 81 00:03:19,890 --> 00:03:22,530 with zeros and ones. And for 82 00:03:22,530 --> 00:03:24,690 example, if I want to represent 83 00:03:24,720 --> 00:03:26,700 these three characters, I could 84 00:03:26,700 --> 00:03:31,380 simply type 1, 1, and 0; read, 85 00:03:31,590 --> 00:03:35,430 write, and not execute. I could 86 00:03:35,430 --> 00:03:37,680 represent those three characters 87 00:03:37,860 --> 00:03:43,620 using such combination 100. 1 stands 88 00:03:43,620 --> 00:03:46,830 for allow read, 0 stands for deny 89 00:03:46,830 --> 00:03:49,110 write, and this 0 stands for 90 00:03:49,140 --> 00:03:52,020 deny execution. Three different 91 00:03:52,050 --> 00:03:55,650 binary numbers 0 and 1. And 92 00:03:55,650 --> 00:03:58,230 now let's try to convert those 93 00:03:58,260 --> 00:04:01,500 three binary numbers into decimal 94 00:04:01,500 --> 00:04:04,050 format. Do you know how to convert 95 00:04:04,050 --> 00:04:05,970 a binary number to decimal number? 96 00:04:06,570 --> 00:04:08,970 It is very simple. In this case, we 97 00:04:09,000 --> 00:04:12,300 need to do add powers of two 98 00:04:12,360 --> 00:04:15,480 multiplied by 0 or 1. Let me 99 00:04:15,480 --> 00:04:17,970 show you. In this case formula will 100 00:04:17,970 --> 00:04:21,180 be following 1 multiplied by 2 101 00:04:21,420 --> 00:04:24,899 to power of 2, plus 0 102 00:04:25,019 --> 00:04:28,560 multiplied by 2 to power of 1, 103 00:04:29,010 --> 00:04:33,120 plus 0 multiplied by 2 to 104 00:04:33,120 --> 00:04:37,110 power of 0 like so. And in this 105 00:04:37,110 --> 00:04:41,010 case, we will get 4. 4 is 106 00:04:41,040 --> 00:04:43,800 decimal representation of this 107 00:04:43,830 --> 00:04:48,060 binary number 100. Actually, you 108 00:04:48,060 --> 00:04:49,710 are able to use any online 109 00:04:49,710 --> 00:04:51,480 converter that will convert the 110 00:04:51,480 --> 00:04:53,790 binary to decimal for you. Let's 111 00:04:53,820 --> 00:04:56,730 quickly find such kind of converter 112 00:04:56,790 --> 00:05:01,980 binary to decimal. And here, let's 113 00:05:02,040 --> 00:05:03,960 open up, for example, this link, 114 00:05:04,080 --> 00:05:05,950 'Binary to Decimal Converter'. 115 00:05:07,589 --> 00:05:10,319 Let's enter here 100, and press 116 00:05:10,319 --> 00:05:13,169 Convert, and I get 4, decimal 117 00:05:13,199 --> 00:05:15,269 number. Great. This is how you're 118 00:05:15,269 --> 00:05:17,579 able to convert binary numbers to 119 00:05:17,579 --> 00:05:20,279 decimal numbers. Now task for you, 120 00:05:20,549 --> 00:05:23,189 please try to convert to decimal 121 00:05:23,189 --> 00:05:25,900 number, this representation, read, 122 00:05:25,900 --> 00:05:28,800 write and not execute. I wish you good luck. 123 00:05:28,800 --> 00:05:32,600 [Clock Ticking] 124 00:05:32,600 --> 00:05:34,500 All right, done. Let's 125 00:05:34,559 --> 00:05:36,239 do that together. And let me 126 00:05:36,269 --> 00:05:38,399 actually remove this formula, and 127 00:05:38,399 --> 00:05:41,099 read, write and not execute is 128 00:05:41,099 --> 00:05:44,051 actually represented like 110, 129 00:05:44,051 --> 00:05:45,779 and it will be equal to 130 00:05:45,779 --> 00:05:48,539 1 multiplied to 2 to power of 131 00:05:48,539 --> 00:05:51,509 2, plus 1 multiplied by 2 to 132 00:05:51,509 --> 00:05:54,149 power of 1, and plus 0 133 00:05:54,329 --> 00:05:57,389 multiplied by 2 to power of 0, 134 00:05:57,389 --> 00:05:59,399 like so. And the result will be 135 00:05:59,399 --> 00:06:02,039 actually 4 plus 2, equal to 136 00:06:02,039 --> 00:06:05,759 6. Great. And if there are all 137 00:06:05,789 --> 00:06:08,729 ones, I mean, read, write and 138 00:06:08,759 --> 00:06:11,519 execute, then result will be equal 139 00:06:11,519 --> 00:06:14,579 to 7, Let me modify it here, 7; 140 00:06:15,179 --> 00:06:17,999 here will be 1, and here will be 141 00:06:18,029 --> 00:06:20,819 1. And it is actually read, write 142 00:06:20,849 --> 00:06:24,449 and execute, 'rwx', like so. So you need 143 00:06:24,449 --> 00:06:27,059 to convert this representation into 144 00:06:27,059 --> 00:06:28,559 binary representation, and 145 00:06:28,589 --> 00:06:31,349 afterwards to decimal. And actually 146 00:06:31,379 --> 00:06:33,359 there are most popular combinations 147 00:06:33,359 --> 00:06:35,969 like a read, 'r', '-', '-' read, 148 00:06:35,969 --> 00:06:38,489 write, -, 'rw-'; and read write and 149 00:06:38,519 --> 00:06:41,129 execute, 'rwx'. And corresponding decimal 150 00:06:41,129 --> 00:06:44,339 numbers are 7, stands for read, 151 00:06:44,369 --> 00:06:46,919 write and execute. Let me quickly 152 00:06:46,979 --> 00:06:51,209 write it down here. I'll remove 153 00:06:51,239 --> 00:06:53,729 this part. So read, write, and 154 00:06:53,759 --> 00:06:56,219 execute, 'rwx' stands for 7, read, 155 00:06:56,249 --> 00:06:58,589 write and not execute, 'rw-', stands 156 00:06:58,589 --> 00:07:01,619 for 6. And read and 157 00:07:01,619 --> 00:07:04,289 not write and not execute, 'r--', is 158 00:07:04,289 --> 00:07:07,469 actually 4, like so. Those are 159 00:07:07,499 --> 00:07:09,719 most popular numbers, decimal 160 00:07:09,719 --> 00:07:12,869 numbers for permissions. And now 161 00:07:12,869 --> 00:07:14,909 let me show you how using this 162 00:07:14,909 --> 00:07:17,279 knowledge, we are able to modify 163 00:07:17,279 --> 00:07:19,379 permissions for a specific file. 164 00:07:20,399 --> 00:07:22,709 Let's remove this part. And here 165 00:07:22,739 --> 00:07:24,779 for modification of permissions, we 166 00:07:24,779 --> 00:07:27,299 will use command 'chmod', like 167 00:07:27,299 --> 00:07:30,269 this; and next we could supply 168 00:07:30,329 --> 00:07:33,059 number as a first argument; and 169 00:07:33,059 --> 00:07:35,249 let's type here number, let's say 170 00:07:35,369 --> 00:07:38,999 000; and here, let's type path to 171 00:07:38,999 --> 00:07:40,619 the file we want to change 172 00:07:40,619 --> 00:07:43,769 permissions, '/home/bogdan/new-file' 173 00:07:44,219 --> 00:07:46,589 like this. Let's press Enter. And 174 00:07:46,589 --> 00:07:48,659 now let's list contents of the '/home 175 00:07:48,689 --> 00:07:51,329 /bogdan' user. And now I see 176 00:07:51,359 --> 00:07:53,849 following permissions. Because 0 177 00:07:53,879 --> 00:07:57,839 in decimal represents 000 in binary 178 00:07:57,839 --> 00:08:00,149 format. That's why now there are 179 00:08:00,149 --> 00:08:02,339 actually empty permissions. And we 180 00:08:02,339 --> 00:08:04,589 are not able to read, write or 181 00:08:04,589 --> 00:08:07,799 execute this new-file.txt. Let's 182 00:08:07,799 --> 00:08:10,379 now modify permissions to following. 183 00:08:10,829 --> 00:08:14,249 Change mode, 'chmod'; and here will be, let's 184 00:08:14,249 --> 00:08:19,589 say 400. Press Enter. Let's verify 185 00:08:19,589 --> 00:08:21,929 settings now. And now I see that it 186 00:08:21,929 --> 00:08:25,049 is possible to read this file only 187 00:08:25,079 --> 00:08:29,489 by owner of this file. Great. Let's 188 00:08:29,489 --> 00:08:31,679 modify permissions again. And now 189 00:08:31,679 --> 00:08:36,149 here I'll set permission 700. That 190 00:08:36,149 --> 00:08:38,969 stands for read, write, and execute 191 00:08:38,999 --> 00:08:42,179 for a particular user, but no other 192 00:08:42,179 --> 00:08:45,749 permissions for other users. And now 193 00:08:45,749 --> 00:08:48,029 let's verify it. And actually now 194 00:08:48,029 --> 00:08:49,799 you see that permissions were 195 00:08:49,799 --> 00:08:51,839 changed to read write and execute 196 00:08:52,049 --> 00:08:54,568 and color of the file was changed 197 00:08:54,629 --> 00:08:56,939 as well. And the reason for that is 198 00:08:56,939 --> 00:08:59,249 that I have just made this file 199 00:08:59,279 --> 00:09:02,189 executable; and all executable files 200 00:09:02,219 --> 00:09:04,769 in bash shell will be marked with 201 00:09:04,769 --> 00:09:06,779 green color like you see here. 202 00:09:07,709 --> 00:09:10,169 Great. Now task for you. Please 203 00:09:10,199 --> 00:09:12,539 modify permissions for this file, 204 00:09:12,689 --> 00:09:15,209 and make it executable, writeable, 205 00:09:15,209 --> 00:09:18,389 and readable for owner; and readable 206 00:09:18,419 --> 00:09:21,029 and executable for remaining users 207 00:09:21,029 --> 00:09:23,459 in group and for other users in 208 00:09:23,520 --> 00:09:30,420 other groups. All right. Throws 209 00:09:30,450 --> 00:09:32,520 let's try to write the permissions 210 00:09:32,580 --> 00:09:35,220 we want to assign to this new-file. 211 00:09:35,370 --> 00:09:37,590 in text format. So, permissions will 212 00:09:37,590 --> 00:09:40,140 be following - read, write, execute by 213 00:09:40,170 --> 00:09:44,070 owner; read, not write, and execute by 214 00:09:44,100 --> 00:09:47,190 all other users in group; and read, 215 00:09:47,220 --> 00:09:49,710 not write and execute by all 216 00:09:49,740 --> 00:09:52,890 remaining users in other groups. And 217 00:09:52,890 --> 00:09:54,690 we already know that this section 218 00:09:54,720 --> 00:09:57,000 is represented by number 7 in 219 00:09:57,000 --> 00:09:59,130 decimal format. We have just used 220 00:09:59,160 --> 00:10:01,950 this number here, and we have not 221 00:10:01,950 --> 00:10:04,770 yet calculated this section. And if 222 00:10:04,770 --> 00:10:06,870 I represent this section in binary 223 00:10:06,870 --> 00:10:10,980 format, I will get 101, where this 224 00:10:11,010 --> 00:10:13,500 1 is four in decimal, and this 225 00:10:13,500 --> 00:10:16,290 1 is 1 in decimal, 4 + 226 00:10:16,290 --> 00:10:19,680 1, 4 + 1 is equal to 227 00:10:19,680 --> 00:10:21,780 5. And that is the permission 228 00:10:21,870 --> 00:10:24,810 for all other users in group, and 229 00:10:24,810 --> 00:10:27,030 for all other users in other 230 00:10:27,030 --> 00:10:29,340 groups. It means that final command 231 00:10:29,370 --> 00:10:33,270 will be 755, like this. Let's 232 00:10:33,270 --> 00:10:35,550 verify that. Let's list files 233 00:10:35,550 --> 00:10:37,770 and folders here. And now I see 234 00:10:37,800 --> 00:10:41,267 desired result. Now this new-file.txt 235 00:10:41,267 --> 00:10:43,440 is writeable, readable 236 00:10:43,470 --> 00:10:46,320 and executable by owner; and only 237 00:10:46,350 --> 00:10:48,540 readable and executable by all 238 00:10:48,570 --> 00:10:51,330 remaining users. And if you want to 239 00:10:51,330 --> 00:10:53,010 set full permissions, you need to 240 00:10:53,010 --> 00:10:59,550 type here 777 likes so. Great. This 241 00:10:59,550 --> 00:11:00,870 is how you're able to modify 242 00:11:00,870 --> 00:11:02,760 permissions using decimal 243 00:11:02,790 --> 00:11:05,520 representation. Also, you're able 244 00:11:05,550 --> 00:11:07,560 to add some permissions, and to 245 00:11:07,560 --> 00:11:09,900 remove some permissions using the 246 00:11:09,900 --> 00:11:11,610 following syntax. Let me show you. 247 00:11:12,030 --> 00:11:14,160 Let's go back to this command; and 248 00:11:14,160 --> 00:11:16,620 here instead of three 7s, I'll 249 00:11:16,650 --> 00:11:20,070 write following, '-x'. Let's 250 00:11:20,070 --> 00:11:22,350 press Enter. And now let's verify 251 00:11:22,380 --> 00:11:24,060 what was changed for permissions. 252 00:11:24,240 --> 00:11:26,040 And now I see that execution 253 00:11:26,040 --> 00:11:28,410 permission was removed from all 254 00:11:28,500 --> 00:11:31,980 three parts, here, here, and here. That's 255 00:11:32,010 --> 00:11:35,430 what this '-x' does. It has 256 00:11:35,430 --> 00:11:37,560 removed execution permissions for a 257 00:11:37,560 --> 00:11:39,900 particular file. All right, let's 258 00:11:39,900 --> 00:11:41,790 try to go back to this command; and 259 00:11:41,790 --> 00:11:45,100 instead of '-x', let's use '+x', 260 00:11:45,100 --> 00:11:47,000 like so. And let's have a look 261 00:11:47,070 --> 00:11:49,470 again at the settings. And now I 262 00:11:49,470 --> 00:11:51,480 see that 'x' was added again 263 00:11:51,510 --> 00:11:54,510 everywhere. All right, you are also 264 00:11:54,540 --> 00:11:57,240 able to remove or add some 265 00:11:57,240 --> 00:11:59,700 permissions for particular groups. 266 00:11:59,880 --> 00:12:02,790 For example, if you want to remove 267 00:12:02,820 --> 00:12:04,530 execution permission only for 268 00:12:04,530 --> 00:12:06,030 group, you could use following 269 00:12:06,030 --> 00:12:08,370 command. Let's go back here. And 270 00:12:08,370 --> 00:12:12,000 here will be 'g', then will be minus, 271 00:12:12,450 --> 00:12:16,680 and x; 'g-x' for group remove 272 00:12:16,830 --> 00:12:19,290 execution permission. Let's verify it. 273 00:12:20,610 --> 00:12:22,920 And now I see that 'x' was removed 274 00:12:22,920 --> 00:12:25,440 here in group part. All right, 275 00:12:25,560 --> 00:12:27,990 let's now try to remove also read 276 00:12:28,020 --> 00:12:30,390 access for group users. And here 277 00:12:30,390 --> 00:12:33,720 will be 'g-r', let's try that. 278 00:12:34,500 --> 00:12:37,140 List, and now I see that 'r' was 279 00:12:37,170 --> 00:12:39,420 removed here as well for group 280 00:12:39,450 --> 00:12:42,450 users. That's how you could very 281 00:12:42,450 --> 00:12:44,940 quickly add or remove some 282 00:12:44,940 --> 00:12:47,220 permissions if you want to. But I 283 00:12:47,220 --> 00:12:49,470 personally usually use decimal 284 00:12:49,470 --> 00:12:53,910 numbers like 777, or 700, or 755, 285 00:12:53,940 --> 00:12:55,890 that are most commonly used. 286 00:12:56,280 --> 00:12:57,630 Alright, that's all for 287 00:12:57,630 --> 00:12:59,100 permissions. And that's how you're 288 00:12:59,100 --> 00:13:00,690 able to modify permissions for 289 00:13:00,690 --> 00:13:02,940 specific files. And actually, now 290 00:13:02,940 --> 00:13:05,291 we see that this new-file.txt 291 00:13:05,291 --> 00:13:08,280 is writeable and executable by 292 00:13:08,310 --> 00:13:10,530 all users. And let's actually now 293 00:13:10,530 --> 00:13:12,810 quickly verify that. Let's change 294 00:13:12,840 --> 00:13:16,800 user to 'bogdan', list files here. I 295 00:13:16,800 --> 00:13:19,320 see new-file.txt here in this list. 296 00:13:19,530 --> 00:13:21,750 And now let's try to modify it, 'nano 297 00:13:21,840 --> 00:13:24,600 new-file.txt. And yes, I'm able 298 00:13:24,600 --> 00:13:27,000 to modify it. Because now 299 00:13:27,060 --> 00:13:30,660 permissions are lowered. That's 300 00:13:30,690 --> 00:13:32,670 what permissions do. And that's how 301 00:13:32,670 --> 00:13:34,440 you're able to modify permissions. 302 00:13:34,470 --> 00:13:36,270 And that's what actually will be 303 00:13:36,270 --> 00:13:37,500 changed when you modify 304 00:13:37,500 --> 00:13:39,540 permissions. But my personal 305 00:13:39,540 --> 00:13:41,730 recommendation to you is to be very 306 00:13:41,730 --> 00:13:43,980 careful with permissions. And don't 307 00:13:44,040 --> 00:13:46,710 assign very broad permissions that 308 00:13:46,950 --> 00:13:48,810 we'll make some files readable, 309 00:13:48,810 --> 00:13:50,640 writable and executable by all the 310 00:13:50,640 --> 00:13:53,040 users in the systems. Please assign 311 00:13:53,070 --> 00:13:55,170 only necessary permissions that 312 00:13:55,200 --> 00:13:57,600 you really need. Alright, that's 313 00:13:57,630 --> 00:13:58,890 all for this lecture. And in the 314 00:13:58,890 --> 00:14:00,750 next one, I'll tell you how to 315 00:14:00,750 --> 00:14:03,060 create executable shell script 316 00:14:03,090 --> 00:14:04,950 using Terminal. I'll see you in the 317 00:14:04,950 --> 00:14:06,000 next lecture. Bye-Bye. 318 00:14:06,000 --> 00:14:09,000 [no audio]