Linux

See our training slides: Linux

To find command help:

command_name --help
man command_name

Examples:

blastall --help

man ls

cd : change directory
pwd : print working directory
ls [nom_répertoire]: list directory contents
tree : list contents in a tree like format
who : show who is logged on the server
history : display the commands history
mkdir[nom_répertoire]: create directory
rmdir [nom_répertoire]: remove empty directory
cp: copy file
mv: rename or move a file
rm: remove file

PATH is an environmental variable that tells the shell which directories to search for executable files (i.e., ready-to-run programs) in response to commands issued by a user.

To view the contents of PATH:

env | grep PATH

To add absolute path in PATH variable:

export PATH=/path_to/binaries:$PATH

To add it permanently absolute path, adding this export command in the file ~/.bashrc

Access rights can be set on files or folders via “chmod” command, this for three sets of persons: the owner (u), a group (g) the owner is part of, and other people (o).

For each set of persons, basic rights can be:

• read (“r” or numerical value 4): be able to read the contents of a folder (i.e. make a “ls” command), or of a file (i.e. make a “cat” or “more” on it)
• write (“w” or numerical value 2): be able to add/remove entries (files or sub folders) to/from a folder, or add/remove contents to/from a file
• execute (“x” or numerical value 1):
  • a file with such right will be considered as executable by the shell: mainly scripts and binaries (compiled programs). There is no check made to see if file is really executable.
  • a folder without this right will block access to its contents:
    consider path “dir1/dir2/file.txt”, if you haven’t “x” right for dir1, you will have no access to file.txt, no matter access rights set on dir2 and file.txt.

Access rights can be displayed using “ls” command:

$ ls -ldL /work/project/seqoccin
drwxr-s--x 15 klopp SEQOCCIN 4096 Sep 28 2022 /work/project/seqoccin

The “drwxr-s—x” means:

• character[1]: type of entry directory (“d” for directory/folder, “-” normal file)
• characters[2..4]: owner’s rights, here klopp with full access “rwx” on this folder
• characters[5..7]: group (SEQOCCIN) member’s rights, here only “r” and “s” (set gui), a special right that set “x” right too.
• Characters[8..10]: other’s right, here “x” right only

For each set of rights, a numerical value representing the whole rights for the set is obtained just by adding individual rights :

• owner: r w x = 4 + 2 + 1 = 7
• group: r s = r x = 4 + 1 = 5
• others: x = 1

Special rights are counted separately:

• set uid (4): only for executable files and set for owner (right “x” set too). The owner of process created at execution time will be the owner of the file (not the person who launch the execution), and thus the process will have access rights of this owner.
• set gui (2): only for folders and set for group (right “x” set too). Entries created under the folder will have the same group as this folder, not the main group of the person who create the entry.
• tmp (1): only for folders and set for other (right “x” set too). Entries created under the folder can only be deleted by root or the owner.

For the folder seqoccin, the special rights numerical value is just 2.

Thus, the full numerical value for access rights will be 2751 (concatenation of numerical values).

The default numerical value for complete access rights are:

• 0777 for folder
• 0666 for file

To this default value, a mask is applied, i.e. the value of the mask is subtracted.

The default mask value is 0022 and can be displayed/changed via “umask” command.

$ umask
0022
$ umask 0002
$ umask
0002

Changing the mask via umask command has effect only for the current shell.

To have permanent change, put the umask modification into your $HOME/.bashrc file.

Now you have all the bricks to understand what’s going on an creation time:

• file or folder you create belongs to you, you are the owner
• the group associated to the new entry is either your main group (can be seen with “id” command), or the group of the parent folder if it has the “set gui” special right
• access right set to the new entry are obtained by subtracting your current umask from the default mask:
  if my umask is 0026, and I create a new folder, it will have:
  0777 – 0026 = 0751 access rights, i.e. drwxr-x—x

To have a finer way to define access rights not only for three set of persons, you can use ACL which are described further.

Change owner, group and others permissions

Use chmod (more help here)

Examples:

$ chmod u+rw file1: gives the owner (u) write (r) and read (w) permissions to file1.
$ chmod -R a+rx folder1: gives all users (a) read (r) and execute (x) rights to all the folder1 content (-R Recursive).
$ chmod 755 folder1: gives the owner all rights (7), group members and others the rights to read and access (55).
$ chmod 644 file1: gives the owner the rights to modify and read (6), to the members of the group and the others only the rights of reading (44).

Add user and group on "home" and "save"

Use NFSv4 ACL (more help here).
To set permissions: nfs4_setfacl
To check permissions: nfs4_getfacl

Examples:

Add user1 with read (R) and execution (X) permissions to all the folder1 content (-R Recursive)

$ nfs4_setfacl -R -a A::user1:RX folder1

Add group1 (g) read (R) et execution (X) permissions to all the folder1 content (-R Recursive)

$ nfs4_setfacl -R -a A:g:group1:RX folder1

Check permissions

$ nfs4_getfacl folder1
A:g:group1@genopole.toulouse,o=inra,c=fr:rxtncy
A::user1@genopole.toulouse,o=inra,c=fr:rxtncy
A::OWNER@:rwaDdxtTnNcCoy
A::GROUP@:rxtncy
A::EVERYONE@:rxtncy

Add user and group on the "work"

Use ACL commands (more help here)
To set permissions: setfacl
To check permissions: getfacl

Examples:

Add (-m modify) user1 read (r),write (w) et execution (x) permissions to all the folder1 content (-R Recursive)
$ setfacl -R -m u:user1:rwx folder1

Add group1 (g) read (r) et execution (x) permissions to all the folder1 content (-R Recursive)
$ setfacl -m g:group1:rx folder1

Check permissions

$ getfacl folder1
# file: folder1
# owner: username
# group: username_g
user::rwx
user:user1:rwx
group::r-x
group:group1:r-x
mask::rwx
other::r-x

Your account allows you to have your own web pages in a directory called public_html.

1- Create public_html folder:
mkdir ~/save/public_html
ln -s ~/save/public_html ~/

2- Verify or fix permissions

/home/username et /save/username (/save/user/username on Genobioinfo cluster) must be at least drwx--x--x
chmod 711 /home/username

Default permissions for public_html folder are drwxr-xr-x:

everyone can read and execute (upload for exemple) content.

To remove read access to the directory base: chmod o-r .
To make file or folder world readable: chmod o+r filename or foldername

3- Visualize web content
Open in browser:

https://genoweb.toulouse.inra.fr/~username for Genologin cluster

https://web-genobioinfo.toulouse.inrae.fr/~username for Genobioinfo cluster