Linux

See our training slides: Linux

To find command help:

command_name --help
man command_name

Examples:

blastall --help

man ls

cd : change directory
pwd : print working directory
ls [nom_répertoire]: list directory contents
tree : list contents in a tree like format
who : show who is logged on the server
history : display the commands history
mkdir[nom_répertoire]: create directory
rmdir [nom_répertoire]: remove empty directory
cp: copy file
mv: rename or move a file
rm: remove file

PATH is an environmental variable that tells the shell which directories to search for executable files (i.e., ready-to-run programs) in response to commands issued by a user.

To view the contents of PATH:

env | grep PATH

To add absolute path in PATH variable:

export PATH=/path_to/binaries:$PATH

To add it permanently absolute path, adding this export command in the file ~/.bashrc

Access rights can be set on files or folders via “chmod” command, this for three sets of persons: the owner (u), a group (g) the owner is part of, and other people (o).

For each set of persons, basic rights can be:

  • read (“r” or numerical value 4): be able to read the contents of a folder (i.e. make a “ls” command), or of a file (i.e. make a “cat” or “more” on it)
  • write (“w” or numerical value 2): be able to add/remove entries (files or sub folders) to/from a folder, or add/remove contents to/from a file
  • execute (“x” or numerical value 1):
    • a file with such right will be considered as executable by the shell: mainly scripts and binaries (compiled programs). There is no check made to see if file is really executable.
    • a folder without this right will block access to its contents:
      consider path “dir1/dir2/file.txt”, if you haven’t “x” right for dir1, you will have no access to file.txt, no matter access rights set on dir2 and file.txt.

Access rights can be displayed using “ls” command:

$ ls -ldL /work/project/project1
drwxr-s--x 15 user1 PROJECT1 4096 Sep 28 2022 /work/project/project1

The “drwxr-s—x” means:

  • character[1]: type of entry directory (“d” for directory/folder, “-” normal file)
  • characters[2..4]: owner’s rights, here user1 with full access “rwx” on this folder
  • characters[5..7]: group (PROJECT1) member’s rights, here only “r” and “s” (set gui), a special right that set “x” right too.
  • Characters[8..10]: other’s right, here “x” right only

For each set of rights, a numerical value representing the whole rights for the set is obtained just by adding individual rights :

  • owner: r w x = 4 + 2 + 1 = 7
  • group: r s = r x = 4 + 1 = 5
  • others: x = 1

Special rights are counted separately:

  • set uid (4): only for executable files and set for owner (right “x” set too). The owner of process created at execution time will be the owner of the file (not the person who launch the execution), and thus the process will have access rights of this owner.
  • set gui (2): only for folders and set for group (right “x” set too). Entries created under the folder will have the same group as this folder, not the main group of the person who create the entry.
  • tmp (1): only for folders and set for other (right “x” set too). Entries created under the folder can only be deleted by root or the owner.

For the folder project1, the special rights numerical value is just 2.

Thus, the full numerical value for access rights will be 2751 (concatenation of numerical values).

The default numerical value for complete access rights are:

  • 0777 for folder
  • 0666 for file

To this default value, a mask is applied, i.e. the value of the mask is subtracted.

The default mask value is 0022 and can be displayed/changed via “umask” command.

$ umask
0022
$ umask 0002
$ umask
0002

Changing the mask via umask command has effect only for the current shell.

To have permanent change, put the umask modification into your $HOME/.bashrc file.

Now you have all the bricks to understand what’s going on an creation time:

  • file or folder you create belongs to you, you are the owner
  • the group associated to the new entry is either your main group (can be seen with “id” command), or the group of the parent folder if it has the “set gui” special right
  • access right set to the new entry are obtained by subtracting your current umask from the default mask:
    if my umask is 0026, and I create a new folder, it will have:
    0777 – 0026 = 0751 access rights, i.e. drwxr-x—x

To have a finer way to define access rights not only for three set of persons, you can use ACL which are described further.

Change owner, group and others permissions

Use chmod (more help here)

Examples:

$ chmod u+rw file1: gives the owner (u) write (r) and read (w) permissions to file1.
$ chmod -R a+rx folder1: gives all users (a) read (r) and execute (x) rights to all the folder1 content (-R Recursive).
$ chmod 755 folder1: gives the owner all rights (7), group members and others the rights to read and access (55).
$ chmod 644 file1: gives the owner the rights to modify and read (6), to the members of the group and the others only the rights of reading (44).


Add user and group on "home" and "save"

Use NFSv4 ACL (more help here).
To set permissions: nfs4_setfacl
To check permissions: nfs4_getfacl

Examples:

Add user1 with read (R) and execution (X) permissions to all the folder1 content (-R Recursive)

$ nfs4_setfacl -R -a A::user1:RX folder1

Add group1 (g) read (R) et execution (X) permissions to all the folder1 content (-R Recursive)

$ nfs4_setfacl -R -a A:g:group1:RX folder1

Check permissions

$ nfs4_getfacl folder1
A:g:group1@genopole.toulouse,o=inra,c=fr:rxtncy
A::user1@genopole.toulouse,o=inra,c=fr:rxtncy
A::OWNER@:rwaDdxtTnNcCoy
A::GROUP@:rxtncy
A::EVERYONE@:rxtncy

 

Add user and group on the "work"

Use ACL commands (more help here)
To set permissions: setfacl
To check permissions: getfacl

Examples:

Add (-m modify) user1 read (r),write (w) et execution (x) permissions to all the folder1 content (-R Recursive)
$ setfacl -R -m u:user1:rwx folder1

Add group1 (g) read (r) et execution (x) permissions to all the folder1 content (-R Recursive)
$ setfacl -m g:group1:rx folder1

Check permissions

$ getfacl folder1
# file: folder1
# owner: username
# group: username_g
user::rwx
user:user1:rwx
group::r-x
group:group1:r-x
mask::rwx
other::r-x

Your account allows you to have your own web pages in a directory called public_html located in your $HOME.

1- Create public_html folder:
mkdir ~/save/public_html
ln -s ~/save/public_html ~/

2- Verify or fix permissions

/home/username et /save/user/username (/save/username on old Genologin cluster) must be at least drwx--x--x
chmod 711 /home/username

Default permissions for public_html folder are drwxr-xr-x:

everyone can read and access contents (upload for exemple).


To remove read access to the directory base: chmod o-r .
To make file or folder world readable: chmod o+r filename or foldername

3- Visualize web content
Open in browser:

https://web-genobioinfo.toulouse.inrae.fr/~username for Genobioinfo cluster

https://genoweb.toulouse.inra.fr/~username for old Genologin cluster

These two URLs are currently handled by two separate servers, having their own storage volume for $HOME, and the same secure "save" storage volume, but accessible via a different path as mentioned above. It isn't possible to connect directly to the web servers to manage your pages, you have to do that through ssh connection using your account credentials to respectively genobioinfo.toulouse.inrae.fr (Genobioinfo cluster) or genologin.toulouse.inrae.fr (Genologin cluster).
End of September 2024, genoweb machine will be shutdown, and web-genobioinfo machine will inherit genoweb.toulouse.inra.fr domain name, thus URL will still be functional, especially useful for already published URLs in papers.
The official URL will still be https://genoweb.toulouse.inra.fr or better https://genoweb.toulouse.inrae.fr, the URL https://web-genobioinfo.toulouse.inrae.fr is just provided for test purpose until end of September.