CIS 105 Working with directories

You have using directories in a Windows environment extensively. Often in Windows we are calling them folders. They are important in order to organize our files. It is best to make a “flat and wide” structure when we create directories. This assist the in finding the files you are seeking quicker, making the to the file shorter. The mkdir command is the same as it is in dos, except doesn’t give you the shortcut version using md mkdir mystuff From the PuTTy prompt, type the commands to the left mkdir ~/mystuff/morestuff Notice the ~ before the /mystuff/morestuff. Remember that the meaning of the ~ is the currently logged in users home . This saves a lot of keystrokes instead of typing /home/ddtest/mystuff/morestuff. You should also practice using the full path also. Add a directory under morestuff called fullpath using the absolute pathname. Create another directory under morestuff called (you make the directories) relative using the relative pathname. Change directories to the folder ~/mystuff/morestuff moresetuff and list the current directory structure ls –lR

Find out where you currently are in the path pwd Change directories to be at the root of your home directory (/home/username) cd ~

Removing directories is just as important as making directories. rmdir ~/mystuff/morestuff/fullpath The command at the left is using the full path, with an environmental variable (~) to remove the directory called fullpath.

To get rid of a directory and all of the child directories under it, use rm –r mystuff/morestuff Notice no confirmation, Linux just acts on what you request and the entire directory structure is deleted. Notice also that we did not use the ~/ before the directory mystuff. This is using the relative path.

We will now use the program winSCP to view and modify directories. This is a graphical display of the directory structure. If you have not installed it yet, then go to http://winscp.net/eng/download.php and download the winscp installation package. Install the package, accepting the defaults (typical install and Norton commander interface). Launch winscp. Click on new. Fill in the IP number, your username and . Click the Save button. Give the session a meaning full name to you.

CIS 105 Directories Page 1 of 5

Double-click on the session you just created. You should log on automatically because you have saved your userid and password (consider the security implications of this).

Notice the options at the bottom of the right pane – F7 will create a directory. If I select a directory or file, I can use the F2 to Rename, F4 to edit a text file (much easier than vi), F5 to Copy and F6 to Move. Linux just got a whole lot simpler.

Another really cool thing I can do here is move files from my Windows machine at the left over to a folder on my Linux machine to the right – and vice-versa.

How much cooler can it get?

Moving and Copying files: Now that we can create directories, it is time to play with the files again in the PuTTy terminal. Find out what our “present ” is. Use the pwd command to ensure you are in the root of your home directory (/home/userid) if not there, pwd change to this directory by using the command cd (space) ~ cd ~ Now create a new folder (or directory) to work in from our home directory. mkdir stuff Then create a new file to use by redirecting the output of the who command into a file called namelist who > namelist We can move that existing file using the command. mv namelist stuff

CIS 105 Directories Page 2 of 5

Check it got there. ls stuff It should display on the screen. Now we showed mix things up a bit by moving back to the WinSCP program. Move the file namelist back to the original directory in WinSCP by dragging and dropping the file into the root of your home directory

Making some copies of files cp namelist stuff/namelist Verify that there is a copy of the file namelist in both the stuff directory and in your home directory

Permissions Permissions is a very intricate part of directories and files in Linux. You can lock down directories and files very easily, and sometimes lock yourself out. Plan on spending a good amount of time to ensure you really understand this portion. To display the permissions of a file or directory ls –l This will list all the files in the present working directory along with the owner, group and permissions. Focus on one of the files ls –l namelist [ddtest@CIS105 ~]$ ls -l namelist -rw-rw-r-- 1 ddtest ddtest 226 Jan 22 11:38 namelist

In the permissions section, each position has a meaning and a number attached to it. We can tell this is a regular file because of the first – at the left. The other option would be a d for directory.

The next 9 characters define the file permissions. These permissions are given in groups of 3 each. The first 3 characters are the permissions for the owner of the file or directory. The next 3 are permissions for the group that the file is owned by, which by default is the same as the . The final 3 characters define the access permissions for everyone not part of the group. There are 3 possible attributes that make up file access permissions. r - Read permission. w - Write permission. x - Execute permission.

Each position is also assigned an octal number r = 4, w = 2, x = 1

For our file above – namelist, we can see that the user has read and write permissions (r4+w2 = 6), the group also has read and write (6) and all others have read permission (4). If we look at our permissions in WinSCP (right click the file and select properties, we can see our permissions and the octal representation of the permissions.

CIS 105 Directories Page 3 of 5

From the WinSCP screen, we can change permissions by simply checking the boxes, then clicking OK. We could also change the octal numbers to the proper permission sets and click ok. This is way too easy, so we should also know how to accomplish this when we only have a terminal or putty screen to mess with.

We use the command chmod. We must specify what group we are changing permissions for(u=user or owner, g=group or o=others, a=all groups), then use chmod a+x namelist the + or – with the proper permission to change the file permissions. chmod u–r namelist This removed the permission to read the file for the use, so also it removed the ls –l namelist ability to write to the file . If you check this with WinSCP, you will need to refresh the screen before checking the properties again.

The WinSCP interface is not continually checking for new information, so you must manually force it to check. To quickly allow all permissions to all users, use octal chmod 777 namelist To return the permissions to the “standard”, it is easiest to use the octal format chmod 664 namelist

Setuid and setgid permissions: We would only use these permissions to run a process as with elevated permissions

CIS 105 Directories Page 4 of 5

Setuid or SUID is a permission bit that can be set on a file or directory. Setting the suid bit on a file allows normal users to run that application with raised (usually ) privileges. Remember that when a user launches an application, that application runs with the same permissions as that user. This is one of the fundamental differences between Windows and Linux or Unix. In a Unix system a normal user does not have access to system files and therefore neither does any application (or virus or malware) that they may have launched. An example of a file that has the suid bit set in most cases is the /usr/bin/ application. You can see that the /usr/bin/passwd application has the suid bit set by the letter s in place of the user’s eXecutable bit. -rwsr-xr-x 1 root root 26680 May 10 13:44 passwd The passwd application allows users to change their own . In order to do so, it has to write to the etc/passwd file which contains all of the accounts on a GNU/Linux system. However, if the suid bit was not set on the passwd application then the passwd application would only have the rights of the user and therefore could not make changes to the etc/passwd file. Setting the suid bit on the passwd application allows it to run as the superuser and it can therefore write the new password to the etc/passwd file.

Directory Permissions Often we want to keep other users out of our home directory, though sometimes, like when you create a web page, you want to allow users into just one area of your home directory. This can be accomplished using the o+x permission on a directory. This allows “others” or anonymous users access to navigate to that folder. Check where you are before creating a new directory pwd Change to the root of your home directory if needed, then create a new directory mkdir public_html Change the permissions to allow access to all others chmod o+x public_html Change permissions to allow others to navigate to your public_html folder chmod o+x /home/username Replace username with your actual username. Create a small web page in vi vi public_html/index.html Type something appropriate to display to the world in here. Include your name. Save and close the file. See if it worked. In a web browser type in http://134.39.47.48/~username In the link to the left, replace username with your actual username. Mine would be http://134.39.47.48/~ddtest

Access Control Lists will allow other users to share your files. Share your namelist file with me. Look at the permissions first getfacl namelist Share it with me setfacl –m u:ddtest:rw- namelist Check your permissions again getfacl namelist It should show user ddtest has read and write permissions Check how it changed the display through the ls command ls –l namelist There is a + at the end noting that there are additional permissions assigned

CIS 105 Directories Page 5 of 5