≡ Menu

access file

Q. Can you connect a Linux server to a Windows server 2003 or Windows server 2008 for sharing files and printer? Can you access files stored on Windows server from Linux server?
[click to continue…]

Apache Log Files

Q. How do I find out Apache http server log files location? How do I change the location of Apache log file under Linux / UNIX operating system?
[click to continue…]

Postfix blacklist or reject an email address

Q. I’ve Postfix based CentOS Linux server. I need to blacklist email ID: user@abadboy.com . How do I blacklist email address with postfix? I also have spamassassin software installed.

A. By default, the Postfix SMTP server accepts any sender address. However you can block / blacklist sender email address easily with Postfix. It has SMTP server access table.

Open /etc/postfix/sender_access file
# cd /etc/postfix
# vi sender_access

Append sender email id as follows:
user@abadboy.com REJECT
Save and close the file. Use postmap command to create a database:
# postmap hash:sender_access
Now open main.cf and add code as follows:
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access
Save and close the file. Restart / reload postfix MTA:
# /etc/init.d/postfix restart

You can also use spamassassin to blacklist email address. Just add to your own spamassassin configuration or to /etc/mail/spamassassin/local.cf file:
# vi /etc/mail/spamassassin/local.cf
Append blacklist as follows:
blacklist_from user@abadboy.com
Save and close the file. Restart spamassassin:
# /etc/init.d/spamassassin restart

spamassassin will marke mail as SPAM instead of rejecting the same.

How Linux file permissions work

Linux (and almost all other Unixish systems) have three user classes as follows:

  • User (u): The owner of file
  • Group (g): Other user who are in group (to access files)
  • Other (o): Everyone else

You can setup following mode on each files. In a Linux and UNIX set of permissions is called as mode:

  • Read (r)
  • Write (w)
  • Execute (x)

However, above three modes or permission have different meaning for file and directory:

Linux Read mode permissions

  • Read access on a file allows you to view file
  • Read access on a directory allows you to view directory contents with ls command

Write mode permissions

  • Write access on a file allows you to write to file
  • Write access on a directory allows you to remove or add new files

Execute mode permissions

  • Execute access on a file allows to run program or script
  • Execute access on a directory allows you access file in the directory

Octal numbers and permissions

You can use octal number to represent mode/permission:

  • r: 4
  • w: 2
  • x: 1

For example, for file owner you can use octal mode as follows. Read, write and execute (full) permission on a file in octal is
0+r+w+x = 0+4+2+1 = 7

Only Read and write permission on a file in octal is
0+r+w+x = 0+4+2+0 = 6

Only read and execute permission on a file in octal is
0+r+w+x = 0+4+0+1 = 5

Use above method to calculate permission for group and others. Let us say you wish to give full permission to owner, read & execute permission to group, and read only permission to others, then you need to calculate permission as follows:
User = r+w+x = 0+4+2+1 = 7
Group= r+w+x = 0+4+2+0 = 6
Others = r+w+x = 0+0+0+1 = 1

Effective permission is 761.

chmod command

To setup file permission you need to use chmod command:
chmod {mode} {file-name}

To setup file permission 761 you need to use chmod command as follows:
# chmod 0761 file
To setup a file readable by anyone and writable by the owner only:
# chmod 644 file
To setup a file readable/executable by everyone and writable by the owner only:
# chmod 755 file
You can change permissions for all files and directories within a directory by using the -R option on the chmod command. For example, to setup others read and execute access to all files and directories (and files and directories within directories), you need to type command as follows (i.e. change the modes of the file hierarchies rooted in the files instead of just the files themselves):
# chmod -R 755 directory-name/

Further readings

  1. Access rights: Linux's first line of defense
  2. Read chmod command man page for more information.