Linux

Training slides

See our training slides: Linux

Command help

• tldr pages, for quick and comprehensible examples

• man command, for detailed options

  Example

  man ls
  

• Most of the time, softwares provide an help option:

  command_name --help
  
  # or
  command_name -help
  
  # or
  command_name -h
  

  Example

  blastall -help
  

Some basic commands

• cd : change directory
• pwd : print working directory
• ls <directory-name> : list directory contents
• tree : list contents in a tree like format
• who : show who is logged on the server
• history : display the commands history
• mkdir <directory-name> : create directory
• rmdir <directory-name> : remove empty directory
• cp : copy file
• mv : rename or move a file
• rm : remove file

The PATH variable

The PATH is an environmental variable that tells the shell which directories to search for executable files (i.e., ready-to-run programs) in response to commands issued by a user.

To view the contents of PATH:

printenv PATH

To add absolute path in PATH variable:

export PATH=/path_to/binaries:$PATH

To add it permanently absolute path, adding this export command in the file ~/.bashrc

umask and default access rights

Access rights can be set on files or folders via chmod command, this for three sets of persons: the owner (u), a group (g) the owner is part of, and other people (o).

For each set of persons, basic rights can be:

• read (r or numerical value 4): be able to read the contents of a folder (i.e. make a ls command), or of a file (i.e. make a cat or more on it)
• write (w or numerical value 2): be able to add/remove entries (files or sub folders) to/from a folder, or add/remove contents to/from a file
• execute (x or numerical value 1):
  • a file with such right will be considered as executable by the shell: mainly scripts and binaries (compiled programs). There is no check made to see if file is really executable.
  • a folder without this right will block access to its contents: consider path dir1/dir2/file.txt, if you haven’t x right for dir1, you will have no access to file.txt, no matter access rights set on dir2 and file.txt.

Access rights can be displayed using ls command:

$ ls -ldL /work/project/seqoccin
drwxr-s--x 15 user1 SEQOCCIN 4096 Sep 28 2022 /work/project/seqoccin

The drwxr-s--x means:

• character[1]: type of entry directory (d for directory/folder, - normal file)
• characters[2..4]: owner’s rights, here user1 with full access rwx on this folder
• characters[5..7]: group (SEQOCCIN) member’s rights, here only r and s (set gui), a special right that set x right too.
• characters[8..10]: other’s right, here x right only

For each set of rights, a numerical value representing the whole rights for the set is obtained just by adding individual rights :

• owner: r w x = 4 + 2 + 1 = 7
• group: r s = r x = 4 + 1 = 5
• others: x = 1

Special rights are counted separately:

• set uid (4): only for executable files and set for owner (right x set too). The owner of process created at execution time will be the owner of the file (not the person who launch the execution), and thus the process will have access rights of this owner.
• set gui (2): only for folders and set for group (right x set too). Entries created under the folder will have the same group as this folder, not the main group of the person who create the entry.
• tmp (1): only for folders and set for other (right x set too). Entries created under the folder can only be deleted by root or the owner.

For the folder seqoccin, the special rights numerical value is just 2.

Thus, the full numerical value for access rights will be 2751 (concatenation of numerical values).

The default numerical value for complete access rights are:

• 0777 for folder
• 0666 for file

To this default value, a mask is applied, i.e. the value of the mask is subtracted.

The default mask value is 0022 and can be displayed/changed via umask command.

$ umask
0022
$ umask 0002
$ umask
0002

Changing the mask via umask command has effect only for the current shell.

To have permanent change, put the umask modification into your $HOME/.bashrc file.

Now you have all the bricks to understand what’s going on an creation time:

• file or folder you create belongs to you, you are the owner
• the group associated to the new entry is either your main group (can be seen with id command), or the group of the parent folder if it has the set gui special right

• access right set to the new entry are obtained by subtracting your current umask from the default mask:

  if my umask is 0026, and I create a new folder, it will have: 0777 - 0026 = 0751 access rights, i.e. drwxr-x--x

To have a finer way to define access rights not only for three set of persons, you can use ACL which are described further.

How to change permissions on file or folder?

Change owner, group and others permissions

Use chmod (more help here)

Examples

• $ chmod u+rw file1: gives the owner (u) write (r) and read (w) permissions to file1.
• $ chmod -R a+rx folder1: gives all users (a) read (r) and execute (x) rights to all the folder1 content (-R for Recursive).
• $ chmod 755 folder1: gives the owner all rights (7), group members and others the rights to read and access (55).
• $ chmod 644 file1: gives the owner the rights to modify and read (6), to the members of the group and the others only the rights of reading (44).

Add user and group on home and save

Use NFSv4 ACL (more help here).

• To set permissions: nfs4_setfacl
• To check permissions: nfs4_getfacl

Examples

• Add user1 with read (R) and execution (X) permissions to all the folder1 content (-R for Recursive)

  $ nfs4_setfacl -R -a A::user1:RX folder1
  

• Add group1 (g) read (R) et execution (X) permissions to all the folder1 content (-R for Recursive)

  $ nfs4_setfacl -R -a A:g:group1:RX folder1
  

• Check permissions

  $ nfs4_getfacl folder1
  A:g:group1@genopole.toulouse,o=inra,c=fr:rxtncy
  A::user1@genopole.toulouse,o=inra,c=fr:rxtncy
  A::OWNER@:rwaDdxtTnNcCoy
  A::GROUP@:rxtncy
  A::EVERYONE@:rxtncy
  

Add user and group on work

Use ACL commands (more help here)

• To set permissions: setfacl
• To check permissions: getfacl

Examples

• Add (-m modify) user1 read (r),write (w) et execution (x) permissions to all the folder1 content (-R Recursive)

  $ setfacl -R -m u:user1:rwx folder1
  

• Add group1 (g) read (r) et execution (x) permissions to all thefolder1content (-R` Recursive)

  $ setfacl -m g:group1:rx folder1
  

• Check permissions

  $ getfacl folder1
  # file: folder1
  # owner: username
  # group: username_g
  user::rwx
  user:user1:rwx
  group::r-x
  group:group1:r-x
  mask::rwx
  other::r-x
  

Set up your personnal web space (public_html)

Your account allows you to have your own web pages in a directory called public_html located in your $HOME.

1. Create public_html folder:

   mkdir ~/save/public_html
   ln -s ~/save/public_html ~/
   

2. Verify or fix permissions

   /home/<username> and /save/user/<username> (</save/username> on old Genologin cluster) must be at least drwx--x--x:

   chmod 711 /home/username
   

   Default permissions for public_html folder are drwxr-xr-x, which means everyone can read and access contents (upload for exemple).

   To remove read access to the directory base: chmod o-r . To make file or folder world readable: chmod o+r filename or foldername

3. Visualize web content, by openning in a web browser:

   • https://genoweb.toulouse.inrae.fr/~username for Genobioinfo cluster

It isn't possible to connect directly to the web servers to manage your pages, you have to do that through ssh connection using your account credentials to genobioinfo.toulouse.inrae.fr (Genobioinfo cluster).