Part3. File system , security and links Part3. File system , security and links 1.

File and directory permissions

Traditional Unix permissions
Permissions on Unix-like systems are managed in three distinct classes. These classes are known as user, group, and others. In effect, Unix permissions are a simplified form of access control lists (A !s".

#hen a new file is created on a Unix-like system, its permissions are determined from the umask of the process that created it.

Permissions
There are three specific permissions on Unix-like systems that apply to each class$ The read permission, which grants the a%ility to read a file. #hen set for a directory, this permission grants the a%ility to read the names of files in the directory (%ut not to find out any further information a%out them such as contents, file type, si&e, ownership, permissions, etc." The write permission, which grants the a%ility to modify a file. #hen set for a directory, this permission grants the a%ility to modify entries in the directory. This includes creating files, deleting files, and renaming files. The execute permission, which grants the a%ility to execute a file. This permission must %e set for executa%le %inaries (for example, a compiled c'' program" or shell scripts (for example, a Perl program" in order to allow the operating system to run them. #hen set for a directory, this permission grants the a%ility to tra(erse its tree in order to access files or su%directories, %ut not see files inside the directory (unless read is set". The effect of setting the permissions on a directory (rather than a file" is )one of the most fre*uently misunderstood file permission issues) (+atch ,--.". #hen a permission is not set, the rights it would grant are denied. Unlike A !-%ased systems, permissions on a Unix-like system are not inherited. /iles created within a directory will not necessarily ha(e the same permissions as that directory. The permissions to %e assigned are determined using umasks.0123

Example 1.1
2. 4 mkdir 56courses6unix%asic6lesson. 7ake directory named lesson. under the directory 6courses6unix%asic6 that was created on lesson,. ,. .. 4 cd 6etc 8o to directory etc directly under root. 4 cp group passwd shadow 56courses6unix%asic6lesson.

Part3. File system , security and links

Try to copy three files from 6etc directory to your own directory. 9hadow can:t %e copied since it is owned %y root and no one else has any permissions to the file. ;. 4 cd 8o to your home directory. <. 4 cp -r 6etc6skel courses6unix%asic6lesson. opy e(erything under directory 6etc6skel to your own directory. =. cd courses6unix%asic6lesson. directory >. touch la%.file ?. mkdir la%.dir @. ls -l
drwx-----drwx-----drwx------rw------; < , 2 kirsirat kirsirat kirsirat kirsirat users ;-@= Ao( users ;-@= Ao( users ;-@= Ao( users - Ao( ? ? ? ? 2>$;; 2>$,@ 2>$;; 2>$;; . .. la%.dir la%.file

1.1 Modifying Permissions

/ile permissions can %e modified %y using the command chmod (change mode". User permissions are referred to %y the letter u (uBuser owner", the group with the letter g (gBgroup" and all others with the letter o (oBothers". #hen modifying all permissions, the letter a (aBall" is used The plus sign ('" is used to add permissions and the minus sign (-" to take them away. #hen you want to modify the file permissions, so that only the issued permissions come into effect, use B (e*uals". chmod a'r file Assign read permissions to the file to e(eryone chmod go-rwx file Cemo(e all permissions to the file from e(eryone else apart from the user chmod uBrx file 8i(e the user read and write permissions to the file. chmod >-- file 8i(e only the user read, write and execute permissions, octal representation.

1.2 Octal value

The permissions for each user type can %e represented %y an octal (alue. Dach type of permission carries with it a (alue$ ; r read , w write 2 x execute6cd

Part3. File system , security and links

Putting these together in com%ination yields an octal num%er from - to >. /or example, read (;" and execute (2" permissions together are represented %y < (;'2". +ere is a ta%le representing all of the possi%le (alues$ > = < ; . , 2 rwx rwr-x r--wx -w--x --read, write, execute read, write read, execute read write, execute write execute no permissions

1.3 umask The umask shell command changes the umask of the shell process, and all processes su%se*uently started from the shell then inherit the new umask. The effect is lost when these processes terminate, e.g. when the user logs out. To set an umask permanently, the appropriate umask command can %e added to a login script. 7odern Unix systems allow umasks to %e specified in two ways$ A default permission, also called a 9ym%olic Umask. D.g. uBrwx,gBrwx,oB An octal num%er that controls which permissions will %e masked (not set" for any newly created file, e.g. -->.

Example 1.2
2. chmod a'w la%file. Using sym%olic mode, add write permissions for la%.file. ,. la -l la%file. .. chmod >=- la%file. Using octal mode, change the permissions on the la%.file rwxrw---;. la -l la%file. <. cat E a%cd ls -la crl-F reate a new file called a%cd. #rite at first empty line and then next line write a text ls Gla =. .6a%cd Try to execute the script. Hou canIt execute that. >. reate a new file called memo into your home directory. #rite your name. ?. chmod g'w memoJ chmod g'w 5 to

Part3. File system , security and links

hange your directory and file permission so that your friend can write his6her name to your file memo. Ask you friend to write.

2. Link files by soft and hard

2.1 i-node
Inode is a data structure on a traditional Unix-style file system such as U/9. An inode stores %asic information a%out a regular file, directory, or other file system o%Kect. A file:s inode num%er can %e found using the ls -i command. The ls -l command displays some of the inode contents for each file.

2.1 Hard link

ln file2 file, reates a hard link named file, which refers to the same file2 i-node as

2.1 Soft link

ln -s file2 file, reates a soft link named file, which refers to the file named filel

Example 2.1
2. nano original 7ake a file named original in your home directory. Hou can write some lines of texts f.ex your name , phonenum%er and address. ,. ln -s original orisoft reate a soft link orisoft. .. ln original orihard reate a hard link named orihard to original. ;. ls -i =>2;,2<, orisoft <. ls -lh total .,L -rw------- , kirsirat users -rw------- , kirsirat users lrwxrwxrwx 2 kirsirat users original .< Ao( .< Ao( ? Ao( ? 2@$2; original ? 2@$2; orihard ? 2@$22 orisoft -E =>2;,2;@ original =>2;,2;@ orihard

=. Add a few lines of text to the file called original f. ex your friendIs name and address. heck if you can see the additional lines of text also within the link files.

Part3. File system , security and links

;. Add some extra lines to Mrisoft. !ines can also %e seen in original and6or orihard. <. Felete the file named original. Mrisoft link %ecomes unusa%le, orihard is unchanged.

3. More basic commands 3.1 alias

alias nn='rm -i' alias mv='mv -i' alias cp='cp -i' When you issue the command nn at the command prompt you would in truth issue the command rm -i.

3.2 cat
cat - concatenate and print files

3.3 less
Less is a program similar to more, %ut which allows %ackward mo(ement in the file as well as forward mo(ement. Also, less does not ha(e to read the entire input file %efore starting, so with large input files it starts up faster than text editors like vi .

3.4 more
In computing, more is a command to (iew (%ut not modify" the contents of a text file one screen at a time (terminal pager". Mptions are typically entered %efore the file name, %ut can also %e entered in the en(ironment (aria%le 47MCD. Mptions entered in the actual command line will o(erride those entered in the 47MCD en(ironment (aria%le.

3.5 diff
9hows differences %etween two files.

3.6 wc
ounts lines (-l", words (-w" and characters (-c" from a file. Fefault is to list all.

E ample 3.1
2. cat E myfile this is something I Kust felt I needed

Part3. File system , security and links

to write here ctrl-F ,. nano anotherfile here is more stuff I had to write .. cat myfile writes the contents of the file myfile to standard output. ;. cat myfile anotherfile E %oth.files concatenates the files myfile and anotherfile and writes the result to %oth.files <. less %oth.files =. alias dogB:ls -la:

4. !acka"in" files 4.1 tarballs

In computing, tar (deri(ed from tape archi(e and commonly referred to as )tar%all)" is %oth a file format (in the form of a type of archi(e %itstream" and the name of a program used to handle such files. Hou can pack a group of files to a one file. tar command packs and unpacks depending on the options -c creates a new package -x unpacks existing package -f is needed to gi(e a name to the package tar command will not add an extension to file name %ut it is a common con(ention to name the packed files with the extension -tar 7ore options$ -r add files to an existing package -t list a tar file -( shows the files that were added to package or extracted from it -& the packed files are also compressed as tg& files or unpacking and compressing a tg& file

4.2 #ippin"

/iles can %e compressed to smaller si&e in %ytes. ommand g&ip can %e used for compression, gun&ip for extracting compressed files.

4 g&ip package.tar packs the tar%all to a new name package.tar.g& 4 gun&ip package.tar.g& for re(ersed action (package.tar"

Part3. File system , security and links

There are other commands that can %e used for compression like compress6uncompress, &ip6un&ip .tg& is e*ui(alent to .tar.g&

'

4.3 #less$ #cat

&less uses less to show contents of file packed with g&ip &cat uses cat to do the same

4.4 Lin% packa"e mana"ement system

!inux program installations and updates rely on packages and different distri%utions ha(e their own package management systems and packages. Fe%ian %ased like U%untu uses .de% packages, Ced +at %ased like /edora and open9U9D use rpm packages and there are other systems.

5. &eferences
[1] http://en. ikipedia.!r"/ iki/Filesystem#permissi!ns $1%.1%.1%&