Tuesday, June 25, 2019

id command examples in Linux

How do I find out the user and group names and numeric IDs of the current user or any user on
my server? How can I display real and effective IDs on the system using command line options? In Linux,
how do I find a user’s UID or GID?


To find a user’s UID (user ID) or GID (group ID) and other information in Linux/Unix-like operating
systems, use the id command.


This command is useful to find out the following information:
  • Get User name and real user ID
  • Find a specific user’s UID
  • List out all the groups a user belongs to
  • Show the UID and all groups associated with a user
  • Display security context of the current user
  • Effective Linux or Unix user name and effective user ID (UID)
  • Name of effective Linux or Unix user’s group and effective group ID (GID)



Purpose
Displays the system identifications of a specified user.


id command syntax
The basic syntax is:


id
id [UserNameHere]
id [options]
id [options] [UserNameHere]

 id --help
Usage: id [OPTION]... [USERNAME]
Print user and group information for the specified USERNAME,
or (when USERNAME omitted) for the current user.


  -a              ignore, for compatibility with other versions
  -Z, --context   print only the security context of the current user
  -g, --group     print only the effective group ID
  -G, --groups    print all group IDs
  -n, --name      print a name instead of a number, for -ugG
  -r, --real      print the real ID instead of the effective ID, with -ugG
  -u, --user      print only the effective user ID
      --help     display this help and exit
      --version  output version information and exit



Display your own UID and GID
Type the command:
id


Sample outputs:


id
uid=1000(dev) gid=1000(dev) groups=1000(dev),4(adm),24(cdrom),27(sudo)


How do I find a specific user’s UID?


In this example, to find the UID of the user dev, type:
id -u {UserNameHere}
id -u dev


Sample output:


id -u dev
1000


How do I find a specific user’s GID?


In this example, to find the GID of the user dev, run:
id -g {UserNameHere}
id -g dev


Sample output:


id -g dev
1000

How do I see the UID and all groups associated with a user name?


In this example, find the UID and all groups associated with a user called ‘root’, enter:
id {UserNameHere}
id root


Sample output:


id root
uid=0(root) gid=0(root) groups=0(root)


Find out all the groups a user belongs to


In this example, display the IDs of all groups (including secondary groups) that a user called ‘dev’ belongs to, run:
id -G {UserNameHere}
id -G dev


Sample output:


id -G dev
1000 4 24 27 30 46 108 124 142
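An added example, not part of the original post: combining the -G and -n options described above to flag membership in privileged groups during an account review. The watch list PRIV_GROUPS and the function names are assumptions made for this sketch.

```shell
#!/bin/sh
# Hypothetical watch list of groups that grant elevated access; adjust locally.
PRIV_GROUPS='root sudo wheel adm docker lxd disk shadow'

# filter_privileged: read `id -Gn` style output (space-separated group names)
# on stdin and print the watch-listed ones, space-separated on one line.
filter_privileged() {
    tr ' ' '\n' | while IFS= read -r g; do
        for p in $PRIV_GROUPS; do
            if [ "$g" = "$p" ]; then printf '%s\n' "$g"; fi
        done
    done | tr '\n' ' ' | sed 's/ $//'
}

# audit_user USER: report a non-root name with UID 0 and any privileged groups.
# Returns 2 when the account does not exist.
audit_user() {
    user=$1
    uid=$(id -u -- "$user") || return 2
    hits=$(id -Gn -- "$user" | filter_privileged)
    if [ "$uid" -eq 0 ] && [ "$user" != root ]; then
        printf '%s: UID 0 but not named root\n' "$user"
    fi
    if [ -n "$hits" ]; then
        printf '%s: member of %s\n' "$user" "$hits"
    fi
    return 0
}

# Constructed sample: the group names of the dev user from the output above,
# as `id -Gn dev` would print them.
printf 'dev adm cdrom sudo\n' | filter_privileged
echo
```

On a live system, call audit_user with an account name, for example audit_user dev.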


How do I display real ID instead of the effective ID for specified user?


You can show the real ID for the -g, -G and -u options instead of the effective ID by passing the -r option:


id -r -g {UserNameHere}
id -r -u {UserNameHere}

Note: combining -r with -G only works on Linux:


id -r -G {UserNameHere}

id -r -u dev


Sample output:
id -r -u dev
1000


Determining root privileges in a script


Linux and Unix sysadmin-related shell scripts must be run by the root user. The following shell script
shows how to determine root privileges in a script:


#!/bin/bash

## If the root user is not running this script, die with a message on screen ##
## -r selects the real UID; plain "id -u" prints the effective UID ##
if [ "$(id -u -r)" -ne 0 ]
then
        echo "Requires root privileges. Please re-run using sudo." >&2
        exit 1
fi

Tuesday, June 11, 2019

How to Make a File Undeletable Even by Root in Linux

On Unix-like operating systems including Linux, root is the account or user name that by default can
modify all directories and files on a system. In this article, we’ll show how to make directories or
files unremovable even by the root user in Linux.

To make a file undeletable by any system user, including root, you need to make it unmodifiable
using the chattr command. This command changes file attributes on a Linux file system.

How to Make File Undeletable in Linux

The command below makes the test.txt file immutable (or undeletable). This implies that the file can’t
be modified in any way: it can’t be deleted or renamed. You can’t even create a link to it, and no data
can be written to the file.

Note that you need superuser privileges to set or remove this attribute, using the sudo command:

chattr - change file attributes on a Linux file system

DESCRIPTION
      chattr changes the file attributes on a Linux file system.

      The format of a symbolic mode is +-=[acdeijstuACDST].

      The operator `+' causes the selected attributes to be added to the existing
      attributes of the files; `-' causes them to be removed; and `=' causes them
      to be the only attributes that the files have.

      The letters `acdeijstuACDST' select the new attributes for the files: append
      only (a), compressed (c), no dump (d), extent format (e), immutable (i), data
      journalling (j), secure deletion (s), no tail-merging (t), undeletable (u),
      no atime updates (A), no copy on write (C), synchronous directory updates (D),
      synchronous updates (S), and top of directory hierarchy (T).

      The following attributes are read-only, and may be listed by lsattr(1) but not
      modified by chattr: huge file (h), compression error (E), indexed directory (I),
      compression raw access (X), and compressed dirty file (Z).

OPTIONS
      -R Recursively change attributes of directories and their contents.

      -V Be verbose with chattr's output and print the program version.

      -f Suppress most error messages.

      -v version
             Set the file's version/generation number.



$ sudo chattr +i test.txt
OR
$ sudo chattr +i -V test.txt

Output:
sudo chattr +i -V test.txt
chattr 1.42.9 (4-Feb-2014)
Flags of test.txt set as ----i--------e--



To view attributes of a file, use the lsattr command as shown.

$ lsattr test.txt

Output:

lsattr test.txt
----i--------e-- test.txt




Now try to remove the immutable file, both as a normal user and as root.

$ rm test.txt
$ sudo rm test.txt

Output:

sudo rm -rf test.txt
rm: cannot remove ‘test.txt’: Operation not permitted

Use the -i operator to remove the attribute:

sudo chattr -i -V test.txt
chattr 1.42.9 (4-Feb-2014)
Flags of test.txt set as -------------e--

Now we can delete the file.
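
An added example, not part of the original post: a small parser for the lsattr output format shown above, used to inventory files that carry the immutable (i) or append-only (a) attribute so that an "Operation not permitted" on rm can be traced to its cause. The function names and the sample lines are constructed for this sketch.

```shell
#!/bin/sh
# Constructed sample of `lsattr` output, including an error line and a
# path that contains a space.
SAMPLE_LSATTR='----i--------e-- ./test.txt
-------------e-- ./notes.txt
-----a-------e-- ./audit log.txt
lsattr: Operation not supported While reading flags on ./dev-node'

# flagged_files FLAG: read `lsattr` output on stdin and print the paths whose
# attribute field contains FLAG (for example i or a).
flagged_files() {
    flag=$1
    while IFS= read -r line; do
        attrs=${line%% *}    # attribute field: text before the first space
        path=${line#* }      # path: everything after it, spaces preserved
        case $attrs in
            ''|*[!A-Za-z-]*) continue ;;   # error line, blank line or "dir:" header
        esac
        case $attrs in
            *"$flag"*) printf '%s\n' "$path" ;;
        esac
    done
}

# scan_dir DIR: list immutable files below DIR on a live system.
scan_dir() {
    lsattr -R "$1" 2>/dev/null | flagged_files i
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_LSATTR" | flagged_files i
```

On a real host, scan_dir /etc lists the immutable files below /etc; reading attributes on files you do not own may require root.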