DISCLAIMER : Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility.If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.


What is SGID and how to set SGID in Linux?

What is SGID?


SGID (Set Group ID up on execution) is a special type of file permissions given to a file/folder. Normally in Linux/Unix when a program runs, it inherits access permissions from the logged in user. SGID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file group permissions to become member of that group to execute the file. In simple words users will get file Group’s permissions when executing a Folder/file/program/command.
SGID is similar to SUID. The difference between both is that SUID assumes owner of the file permissions and SGID assumes group’s permissions when executing a file instead of logged in user inherit permissions.

 

Learn SGID with examples:


Example: Linux Group quota implementation
 
When implementing Linux Group quota for group of people SGID plays an important role in checking the quota timer. SGID bit set on folder is used to change their inherit permissions to group’s permissions to make it as single user who is dumping data. So that group members whoever dumps the data the data will be written with group permissions and in turn quota will be reduced centrally for all the users. For clear understanding of this you have to implement group quota from the above link. Without implementation of SGID the quota will not be effective.

How can I setup SGID for a file?


SGID can be set in two ways

1) Symbolic way (s)

2) Numerical/octal way (2, SGID bit as value 2)
 
Use chmod command to set SGID on file: file1.txt

Symbolic way:
 
chmod g+s file1.txt
 
Let me explain above command we are setting SGID(+s) to group who owns this file.

Numerical way:
 
chmod 2750 file1.txt
 
Here in 2750, 2 indicates SGID bitset, 7 for full permissions for owner, 5 for read and execute permissions for group, and no permissions for others.
 
How can I check if a file is set with SGID bit or not?
 
Use ls –l to check if the x in group permissions field is replaced by s or S
For example: file1.txt listing before and after SGID set

Before SGID set:
ls -l

total 8

-rwxr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt
 
After SGID set:
ls -l

total 8

-rwxr-sr-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt 
 
Some FAQ’s related to SGID:

 
Where is SUID used?
 
1) When implementing Linux group disk quota.
I am seeing “S” ie Capital s in the file permissions, what’s that?
After setting SUID or SGID to a file/folder if you see ‘S’ in the file permission area that indicates that the file/folder does not have executable permissions for that user or group on that particular file/folder.
chmod g+s file1.txt
output:
-rwxrwSr-x 1 surendra surendra 0 Dec 27 11:24 file1.txt



so if you want executable permissions too, apply executable permissions to the file.
chmod g+x file1.txt
output:
-rwxrwsr-x 1 surendra surendra 0 Dec 5 11:24 file1.txt




How can I find all the SGID set files in Linux/Unix.
 
find / -perm +2000
The above find command will check all the files which is set with SGID bit(2000).


Can I set SGID for folders?
Yes, you can if it’s required (you should remember one thing, that Linux treats everything as a file)
How can I remove SGID bit on a file/folder?

chmod g-s file1.txt

What is SUID and how to set SUID in Linux/Unix?


What is SUID and how to set it in Linux?


SUID (Set owner User ID up on execution) is a special type of file permissions given to a file. Normally in Linux/Unix when a program runs, it inherits access permissions from the logged in user. SUID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file owner rather that the user who is running it. In simple words users will get file owner’s permissions as well as owner UID and GID when executing a file/program/command.

The above sentence is bit tricky and should be explained in-depth with examples.

Learn SUID with examples:

 

Example1: passwd command


When we try to change our password we will use passwd command which is owned by root. This passwd command file will try to edit some system config files such as /etc/passwd, /etc/shadow etc when we try to change our password. Some of these files cannot be opened or viewed by normal user only root user will have permissions. So if we try to remove SUID and give full permissions to this passwd command file it cannot open other files such as /etc/shadow file to update the changes and we will get permission denied error or some other error when tried to execute passwd command. So passwd command is set with SUID to give root user permissions to normal user so that it can update /etc/shadow and other files.

Example2: ping command



Similarly if we take ping command, when we have to execute this command internally it should open socket files and open ports in order to send IP packets and receive IP packets to remote server. Normal users don’t have permissions to open socket files and open ports. So SUID bit is set on this file/command so that whoever executes this will get owner (Root user’s) permissions to them when executing this command. So when this command start executing it will inherit root user permissions to this normal user and opens require socket files and ports.

Example3: crontab and at command.


When scheduling the jobs by using crontab or at command it is obvious to edit some of the crontab related configuration files located in /etc which are not writable for normal users. So crontab/at commands are set with SUID in-order to write some data.

How can I setup SUID for a file?

 

SUID can be set in two ways

1) Symbolic way(s, Stands for Set) 
2) Numerical/octal way(4)
 
Use chmod command to set SUID on file: file1.txt

Symbolic way:

chmod u+s file1.txt
Here owner permission execute bit is set to SUID with +s

Numerical way:

chmod 4750 file1.txt
 
Here in 4750, 4 indicates SUID bit set, 7 for full permissions for owner, 5 for write and execute permissions for group, and no permissions for others.

How can I check if a file is set with SUID bit or not?

Use ls –l to check if the x in owner permissions field is replaced by s or S

For example: file1.txt listing before and after SUID set

Before SUID set:

ls -l
total 8

-rwxr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt
 
After SUID set:

ls -l
total 8

-rwsr--r-- 1 xyz xyzgroup 148 Dec 22 03:46 file1.txt

 

Some FAQ’s related to SUID:

 

A) Where is SUID used?

1) Where root login is required to execute some commands/programs/scripts.
2) Where you don’t want to give credentials of a particular user and but want to run some programs as the owner.
3) Where you don’t want to use SUDO command but want to give execute permission for a file/script etc.

B) I am seeing “S” I.e. Capital “s” in the file permissions, what’s that?

After setting SUID to a file/folder if you see ‘S’ in the file permission area that indicates that the file/folder does not have executable permissions for that user on that particular file/folder.
For example see below example

chmod u+s file1.txt
ls -l
-rwSrwxr-x 1 surendra surendra 0 Dec 27 11:24 file1.txt
 
If you want to convert this S to s then add executable permissions to this file as show below
chmod u+x file1.txt
ls -l
-rwsrwxr-x 1 surendra surendra 0 Dec 5 11:24 file1.txt
you should see a smaller ‘s’ in the executable permission position now.


SUID with execute permissions:

SUID_Linux


SUID with out execute permissions:

SUID_Linux_without_execute_permissions

C) How can I find all the SUID set files in Linux/Unix.

find / -perm +4000
The above find command will check all the files which is set with SUID bit(4000).

D) Can I set SUID for folders?

Yes, you can if its required(you should remember one thing, that Linux treats everything as a file)

E) What is SUID numerical value?
It has the value 4

What is a sticky Bit and how to set it in Linux?

What is Sticky Bit?

Sticky Bit is mainly used on folders in order to avoid deletion of a folder and its content by other users though they having write permissions on the folder contents. If Sticky bit is enabled on a folder, the folder contents are deleted by only owner who created them and the root user. No one else can delete other users data in this folder(Where sticky bit is set). This is a security measure to avoid deletion of critical folders and their content(sub-folders and files), though other users have full permissions.

Learn Sticky Bit with examples:

 

Example: Create a project(A folder) where people will try to dump files for sharing, but they should not delete the files created by other users.
  
How can I setup Sticky Bit for a Folder?

Sticky Bit can be set in two ways
  1. Symbolic way (t,represents sticky bit)
  2. Numerical/octal way (1, Sticky Bit bit as value 1)
Use chmod command to set Sticky Bit on Folder: /opt/dump/

Symbolic way:

chmod o+t /opt/dump/
or
chmod +t /opt/dump/

Let me explain above command, We are setting Sticky Bit(+t) to folder /opt/dump by using chmod command.

Numerical way:

chmod 1757 /opt/dump/

Here in 1757, 1 indicates Sticky Bit set, 7 for full permissions for owner, 5 for read and execute permissions for group, and full permissions for others.

Checking if a folder is set with Sticky Bit or not?

Use ls –l to check if the x in others permissions field is replaced by t or T
For example: /opt/dump/ listing before and after Sticky Bit set

Before Sticky Bit set:
ls -l
total 8
-rwxr-xrwx 1 xyz xyzgroup 148 Dec 22 03:46 /opt/dump/

After Sticky Bit set:
ls -l
total 8
-rwxr-xrwt 1 xyz xyzgroup 148 Dec 22 03:46 /opt/dump/

Some FAQ’s related to Sticky Bit:

 

Now sticky bit is set, lets check if user “temp” can delete this folder which is created xyz user.

$ rm -rf /opt/dump
rm: cannot remove `/opt/dump’: Operation not permitted

$ ls -l /opt
total 8
drwxrwxrwt 4 xyz xyzgroup 4096 2012-01-01 17:37 dump
$


if you observe other user is unable to delete the folder /opt/dump. And now content in this folder such as files and folders can be deleted by their respective owners who created them. No one can delete other users data in this folder though they have full permissions.I am seeing “T” ie Capital s in the file permissions, what’s that?
After setting Sticky Bit to a file/folder, if you see ‘T’ in the file permission area that indicates the file/folder does not have executable permissions for all users on that particular file/folder.

Sticky bit without Executable permissions:




so if you want executable permissions, Apply executable permissions to the file.

chmod o+x /opt/dump/
ls -l command output:
-rwxr-xrwt 1 xyz xyzgroup 0 Dec 5 11:24 /opt/dump/

Sticky bit with Executable permissions:


sticky bit unix, unix sticky bit, suid, linux sticky bit, sticky bit in unix, sticky bit aix, sticky bit chmod, sticky bits, sticky bit linux, suid sgid sticky bit, set sticky bit, stickybit, sticky bit permission, setting sticky bit, solaris sticky bit, sticky bit solaris, sticky bit directory, remove sticky bit, ubuntu sticky bit, sticky bit t, aix sticky bit, sticky bit load balancer, directory sticky bit, umask


you should see a smaller ‘t’ in the executable permission position.
How can I find all the Sticky Bit set files in Linux/Unix.

find / -perm +1000
The above find command will check all the files which is set with Sticky Bit bit(1000).

Can I set Sticky Bit for files?
Yes, but most of the time it’s not required.

How can I remove Sticky Bit bit on a file/folder?
chmod o-t /opt/dump/

Rotating Log Files

This script moves on log files listed on the command line. It keeps all but the most recent one
compressed, and removes the last one once there are more than CYCLES of them. For example,
CYCLES=3 ; rotate messages Would have the following effects.

messages --> messages.1
messages.1 --> messages.2.gz
messages.2.gz --> messages.3.gz
messages.3.gz --> removed

script :


#!/bin/sh
# Rotate a log file and keep N copies
# Mostly stolen from inn
CYCLES=${CYCLES-5}
COMPRESS=/usr/local/bin/gzip
Z=.gz
for F in $* ; do
## Compress yesterday’s .1
test -f ${F}.1 \
&& ${COMPRESS} <${F}.1 >${F}.1${Z} \
&& rm -f ${F}.1 \
&& chmod 0440 ${F}.1${Z}
## Do rotation.
EXT=${CYCLES}
rm -f ${F}.${CYCLES}${Z}
while [ ${EXT} -gt 0 ] ; do
NEXT=${EXT}
EXT=‘expr ${EXT} - 1‘
test -f ${F].${EXT}${Z} \
&& rm -f ${F}.${NEXT}${Z} \
&& mv ${F}.${EXT}${Z} ${F}.${NEXT}${Z}
done
mv ${F} ${F}.1
done


Different RUN levels in Linux,Solaris and AIX

RedHat Linux - Run Levels 

 

0: Halt
1: Single user mode
2: Multiuser, without NFS
3: Full multiuser mode
4: Unused
5: X11
6: Reboot
 

Solaris - Run Level 

 

S: Single user state (useful for recovery)
0: Access Sun Firmware ( ok> prompt)
1: System administrator mode
2: Multi-user w/o NFS
3: Multi-user with NFS ( default run level)
4: Unused
5: Completely shutdown the host (like performing a power-off @ OBP) [ thanks to Marco ]
6: Reboot but depend upon initdefault entry in /etc/inittab

AIX - Run Levels


0-1: Reserved for future use
2: Multiuser mode with NFS resources shared (default run level)
3-9: Defined according to the user's preferences
m,M,s,S: Single-user mode (maintenance level)
a,b,c: Starts processes assigned to the new run levels while leaving the existing processes at the current level running
Q,q: init command to reexamine the /etc/inittab file

Command to see Run level:-

$ who -r
Output:
. run-level 3 Mar 3 14:04 3 0 S

Solaris/Linux changing runlevels after bootup 

 

You need to use init command, for example change runlevel to 2.
# /sbin/init 2
Solaris changing the default runlevel
An entry with initdefault (in /etc/inittab file) is scanned only when init is initially invoked. init uses this entry to determine which run level to enter initially.
Open /etc/inittab file:
# vi /etc/inittab
Find out this entry:
is:3:initdefault: Change is:3 to number you want, don't use S, 0, 6 ;). Save file.