≡ Menu


Can I create another root user account in Linux / UNIX?

Q. I’d like to create my root account in Linux. How do I do it?

A. Root user is superuser on a Unix / Linux system. Root user has all rights or permissions. . The root user can do many things an ordinary user cannot do on system such as start / stop services, grant / revoke any permissions, open ports (especially < 1024 ports), user management and much more. The root user is the most privileged user on the system and has absolute power over it. By default almost all Linux distributions and UNIX like operating system creates the root account at the time of installation. You don’t have to create a new root account. Use su or sudo command to run administrative task as the root user. Creating another root user can be a security risk. Root has a UID of zero in /etc/passwd. This means absolute control over the system for the root user. You can set any user id to 0 (zero) to grant unlimited permissions provided that you login as root. However some variants of UNIX provides additional account. For example BSD provides a toor ("root" backwards) account in addition to a root account. It is recommended that you use root only when required and there is no need to create a new root user account.

Linux / UNIX: Cannot Preserve Ownership Error when Files are Moved or Copied

Q. I’m using CentOS Linux. I’m getting an error - Cannot Preserve Ownership, when I try to copy files from Linux ext3 to FAT32 or files moved to an NFS NAS server mount point. How do I fix this error and copy / move files?

A. Generally you use command like cp or my to copy file. While copying a file these command try to copy file attributes such as ACL information or group access information etc. FAT32 and NFS mount mount cannot support all sort of attributes and these commands cannot differentiate between a filesystem that doesn't support ACL and Linux file system permission.

All your files will be copied or moved without ACL and permissions. You can ignore this error and files should be copied / moved successfully.

Linux / UNIX: Device files

Q. Can you explain me what is device files and how do I access or see device files? Why UNIX / Linux has device files?

A. Under Linux and UNIX each and every hardware device treated as a file. A device file allows to accesses hardware devices so that end users do not need to get technical details about hardware.

In short, a device file (also called as a special file) is an interface for a device driver that appears in a file system as if it were an ordinary file. This allows software to interact with the device driver using standard input/output system calls, which simplifies many tasks.

Device file two types

There are two types of device files based upon how data written to them and read from them is processed by the operating system and hardware:

  • Character special files or Character devices
  • Block special files or Block devices

Understanding Character special files or Character devices

  • Talks to devices in a character by character (1 byte at a time)
  • Examples: Virtual terminals, terminals and serial modems etc

Understanding Block special files or Block devices

  • Talks to devices 1 block at a time ( 1 block = 512 bytes to 32KB)
  • Examples: Hard disk, DVD/CD ROM, and memory regions etc

Why use device files?

Device file allows transparent communication between user space applications and computer hardware.

Device file location

All device files are stored in /dev directory. Use cd and ls command to browse the directory:
cd /dev/
ls -l

How do I find out the device file type?

Simply use ls -l command:
ls -l /dev
Look for file's type in the first column output.

A character device is marked with a c as the first letter of the permissions strings.
$ ls -l /dev/console
A block device is marked with a b as the first letter of the permissions strings:
$ ls -l /dev/sdb1

How Linux file permissions work

Linux (and almost all other Unixish systems) have three user classes as follows:

  • User (u): The owner of file
  • Group (g): Other user who are in group (to access files)
  • Other (o): Everyone else

You can setup following mode on each files. In a Linux and UNIX set of permissions is called as mode:

  • Read (r)
  • Write (w)
  • Execute (x)

However, above three modes or permission have different meaning for file and directory:

Linux Read mode permissions

  • Read access on a file allows you to view file
  • Read access on a directory allows you to view directory contents with ls command

Write mode permissions

  • Write access on a file allows you to write to file
  • Write access on a directory allows you to remove or add new files

Execute mode permissions

  • Execute access on a file allows to run program or script
  • Execute access on a directory allows you access file in the directory

Octal numbers and permissions

You can use octal number to represent mode/permission:

  • r: 4
  • w: 2
  • x: 1

For example, for file owner you can use octal mode as follows. Read, write and execute (full) permission on a file in octal is
0+r+w+x = 0+4+2+1 = 7

Only Read and write permission on a file in octal is
0+r+w+x = 0+4+2+0 = 6

Only read and execute permission on a file in octal is
0+r+w+x = 0+4+0+1 = 5

Use above method to calculate permission for group and others. Let us say you wish to give full permission to owner, read & execute permission to group, and read only permission to others, then you need to calculate permission as follows:
User = r+w+x = 0+4+2+1 = 7
Group= r+w+x = 0+4+2+0 = 6
Others = r+w+x = 0+0+0+1 = 1

Effective permission is 761.

chmod command

To setup file permission you need to use chmod command:
chmod {mode} {file-name}

To setup file permission 761 you need to use chmod command as follows:
# chmod 0761 file
To setup a file readable by anyone and writable by the owner only:
# chmod 644 file
To setup a file readable/executable by everyone and writable by the owner only:
# chmod 755 file
You can change permissions for all files and directories within a directory by using the -R option on the chmod command. For example, to setup others read and execute access to all files and directories (and files and directories within directories), you need to type command as follows (i.e. change the modes of the file hierarchies rooted in the files instead of just the files themselves):
# chmod -R 755 directory-name/

Further readings

  1. Access rights: Linux's first line of defense
  2. Read chmod command man page for more information.