Introducing UNIX

CHAPTER 4 - FILE ATTRIBUTES

File Attributes

- A file has a number of attributes that are changeable by certain well-defined rules.
- These attributes are stored in the inode.
- The inode is a structure saved in a special area of the hard disk.
- The -l option of the ls command provides a comprehensive look at the files and their attributes:

    $ ls -l
    total 184
    -rw-------  1 raed nes  140 Jan 27 17:08 foo2
    drwxr-x--x  3 raed nes  512 Jan 29 23:19 public_html/
    -rw-------  1 raed nes   92 Jan 27 16:59 typescript

- The above listing is the output of ls -l, which is referred to as a long listing in UNIX lingo.
- The list shows seven labeled fields in nine columns, and filenames are ordered in ASCII collating sequence.
- Each field represents a file attribute, and all these attributes (except the filename) are stored in the inode.
- A directory is a file. How can you display its attributes, not the attributes of its content?

Listing File Attributes - Example

[Figure: annotated long listing. Labels: type (directory or not), permissions in the order u, g, o, number of links, owner, group, size in bytes, modification date, name.]

Users and Groups

- Permissions and security in a Unix environment are based on the concept of users and groups.
- Everyone who uses a Unix account is given a username and password that identifies them to the system.
- Usernames and passwords are stored in /etc/passwd or in an encrypted /etc/shadow file.
- Every user may also belong to one or more groups.
- A group is a way of logically collecting users together and granting or denying permissions to the entire group. It makes life easier.

Type and Permissions

- The first column of the first field shows the file type:
    hyphen (-): ordinary file
    d: directory
    l: symbolic link (coming up...)
- The remaining nine characters are the file permissions.

Links

- The second field indicates the number of links associated with the file.
- UNIX lets a file have multiple names, and each name is interpreted as a link.
Ownership and Group Ownership

- The third field shows the owner of the file (every file has an owner).
- A user may also belong to a group, and the fourth field shows the group owner of the file.
- The owner of the file can tamper with a file in every possible way, a privilege that is also available to the root user.

Size

- The fifth field shows the file size in bytes.
- This actually represents the character count and not the disk space consumption of the file.
- The kernel allocates space in blocks of 1024 bytes or more, so even though a file may contain 140 bytes, it could occupy 1024 bytes.

Last Modification Time

- The sixth field displays the last modification time in three columns, a time stamp that is stored to the nearest second.
- The year is displayed if more than a year has elapsed since the file was last modified.

Filename

- The last field displays the filename, which can be up to 255 characters long.
- The list is ordered in ASCII collating sequence according to the filename.

File Permissions

- A file has three types of permissions (read, write and execute, abbreviated as rwx).
- They are available to three categories of users (user, group and others).
- Each category contains three slots representing read, write, and execute permissions.
- The - means the absence of the corresponding permission.
- Only the file owner or the superuser can change file permissions.
- The significance of the permissions is different for a file and for a directory.

Permissions: The rwx Block

- The permissions block consists of 9 spots: ---------
- The first 3 indicate the user, the next 3 the group, and the last 3 other.
- An r indicates read permission, a w write permission, and an x execute permission for that user, group, or other.
- For example, rw-r--r-- indicates that the user can read or write the file whereas the group and others can only read it.
Changing File Permission

- The command chmod is used to change file permissions (user = owner in this section).
- Syntax:

    chmod [-R] mode file...

  -R: apply the permission recursively to every file and subdirectory
- The mode can be represented in two ways:
    Relative: specify changes to the current permissions
    Absolute: specify the final permissions
- Recall that only the file owner can change the permissions (and of course root).

Relative Permissions

- Changes the permissions specified in the mode and leaves other permissions unchanged.
- The mode contains three components:
    Category: u for owner, g for group, or o for other. You can also place them together. For example, ug will set for both user and group.
    Operation: +, -, or =. + adds a permission, - takes it away, and = sets it as given and may remove permissions.
    Permission: r, w, x
- Examples:

    chmod u+x foo
    chmod u-x foo
    chmod ugo+x foo

  If all categories are used, you can set them all with a:

    chmod a+x foo      (or just +x)
    chmod =x foo
    chmod uo-rx foo

- What if each category needs a different final permission?
    Either use two separate commands,
    or separate the permissions by a comma (with no space after it):

    chmod u-x,go+r foo

Absolute Permissions

- The = operator can perform a limited form of absolute assignment.
- It only assigns the specified permission and removes the others:

    chmod ugo=r foo

- You can't set all nine bits explicitly.
- Absolute permissions can assign any combination to the nine permission bits using octal numbers.
- The chmod command can work with the following format using octal digits (0-7):

    chmod ### fname

- The digits have the following meaning:
    4  read     (100)
    2  write    (010)
    1  execute  (001)
- To get mixed privileges, add the numbers.

    chmod 777 myfile    grants full permissions
    chmod 660 myfile    grants read and write permission to the owner and group
    chmod 000 myfile    no permission for all

- Can we delete a file with permission 000?
- Can we prevent a file with permission 777 from being deleted?
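The relative and absolute chmod modes above can be checked by reading the rwx block back from ls -l and converting it to octal. This is an added example, not part of the original slides; the function names perm_to_octal, rwx_of and mode_after are hypothetical, and the scratch file lives in a temporary directory.

```shell
#!/bin/sh
# Added example: apply the chmod modes from the slides to a scratch file and
# read the resulting rwx block back as three octal digits.

# perm_to_octal RWXBLOCK -> octal digits (4 = read, 2 = write, 1 = execute).
# Only r, w and x are counted; the three extra mode bits are not handled.
perm_to_octal() (
    perms=$1
    [ "${#perms}" -eq 9 ] || { echo "need 9 permission characters" >&2; exit 1; }
    out=""
    while [ -n "$perms" ]; do
        triplet=$(printf '%s' "$perms" | cut -c1-3)   # user, then group, then other
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
)

# rwx_of PATH -> the nine permission characters of the long listing
# (column 1 is the file type, columns 2-10 are the permissions).
rwx_of() { ls -ld "$1" | cut -c2-10; }

# mode_after START MODE -> octal permissions of a scratch file that starts at
# START (octal) and then has "chmod MODE" applied to it.
mode_after() (
    dir=$(mktemp -d) || exit 1
    : > "$dir/foo"
    chmod "$1" "$dir/foo" && chmod "$2" "$dir/foo" || { rm -rf "$dir"; exit 1; }
    result=$(perm_to_octal "$(rwx_of "$dir/foo")")
    rm -rf "$dir"
    printf '%s\n' "$result"
)

# The modes used on the slides, each applied to a file that starts at 644.
for mode in u+x u-x ugo+x a+x uo-rx u-x,go+r ugo=r 777 660 000; do
    printf '644 -> chmod %-9s -> %s\n' "$mode" "$(mode_after 644 "$mode")"
done
```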
Directory permissions come into play now.

Directory Permissions

Read permission
- Read permission for a directory means that the list of filenames stored in that directory is accessible.
- ls won't work if there is no read permission for a directory.
- However, this doesn't prevent you from reading a file if you know its name.

Write permission
- It implies that you are permitted to create or remove files in the directory.
- Directory write off, file write on: the file can be edited, but cannot be deleted.
- Directory write on, file write off: the file cannot be modified, but can be deleted.
- Directory write off, file write off: safest of all; you can neither edit the file nor create or delete it.

Execute permission
- Determines if you can pass through a directory to its subdirectories or cd to it.
- Usually referred to as search permission (a directory has to be searched for the next directory in the path).
- System security depends heavily on the execute permission of directories.

Default File and Directory Permissions

- All files are created with a default set of permissions.
- The UNIX system has the following default permissions on files and directories:
    rw-rw-rw- (octal 666) for regular files
    rwxrwxrwx (octal 777) for directories
- The default permissions are affected by the umask value.
- The umask is an octal number that is subtracted from the system's default values to get the actual permissions at creation time.
- The umask value is displayed by the command umask (default 022).
- To change the umask value, use the command:

    umask new_value

- This new value will be subtracted from the default values from then on.

File Systems and Inodes

- All file systems have a directory structure headed by root.
- Every file is associated with a table called the inode (index node).
- The inode is accessed by inode number and contains the following attributes:
    File type (regular, directory, device, etc.)
    File permissions (the nine permissions and three more)
    Number of links
    The UID of the owner
    The GID of the group owner
    File size in bytes
    Date/time of last modification
    Date/time of last access
    Date/time of last change of the inode
    An array of pointers that keep track of all disk blocks used by the file
- Note: the inode does not store the name of the file or the inode number. Both attributes are stored in the directory.
- The inode number for a file is unique in a single file system (displayed by ls -i).

Creating Hard Links

- A file can have multiple filenames (more than one link).
- In the Unix file system, files are uniquely identified by their inode number.
- The inode number of a file can be found using the ls -i command.
- A hard link exists when two names in the file system point to the exact same inode. This accounts for the link number in the ls -l listing.
- A hard link can be created by using the command:

    ln existingFile newName

  This will associate two names with one file.
- The data exists only once.
- Any update made to one link is seen on the other(s).
- The rm command works by deleting the name and reducing the link count. It only clears the inode when the last link has been removed.

Symbolic or Soft Links

- Hard links cannot exist across two file systems, and you cannot link a directory.
- However, these limitations can be overcome by symbolic links (the fourth type of file).
- A soft (symbolic) link is a directory entry that points to another file.
- It has its own inode number and does not show up in the number of links.
- It essentially behaves as its own file, kind of like a shortcut in Windows.
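The umask rule from the Default File and Directory Permissions slide, as an added example that is not part of the original slides. The kernel clears from the default every bit that is set in the umask; for common values such as 022 that equals the subtraction described above, but for a mask such as 033 the two differ, which the example shows on real files. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: what a umask really grants, compared with plain subtraction.

# effective_mode DEFAULT UMASK -> DEFAULT with every bit set in UMASK cleared.
effective_mode() { printf '%03o\n' $(( 0$1 & ~0$2 )); }

# subtracted_mode DEFAULT UMASK -> plain octal subtraction (the rule of thumb).
subtracted_mode() { printf '%03o\n' $(( 0$1 - 0$2 )); }

# created_perms UMASK file|dir -> rwx block of an object created under UMASK.
# The subshell keeps the umask change away from the calling shell.
created_perms() (
    dir=$(mktemp -d) || exit 1
    umask "$1"
    case $2 in
        dir) mkdir "$dir/new" ;;     # directories start from 777
        *)   : > "$dir/new" ;;       # regular files start from 666
    esac
    ls -ld "$dir/new" | cut -c2-10
    rm -rf "$dir"
)

for mask in 022 027 033 077; do
    printf 'umask %s: file %s (%s), dir %s (%s), subtraction would say file %s\n' \
        "$mask" \
        "$(created_perms "$mask" file)" "$(effective_mode 666 "$mask")" \
        "$(created_perms "$mask" dir)"  "$(effective_mode 777 "$mask")" \
        "$(subtracted_mode 666 "$mask")"
done
```

With umask 033 a new file comes out as rw-r--r-- (644), not 633: the execute bits named in the mask are already absent from 666, so there is nothing to clear.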
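The hard-link and soft-link behaviour described above, observed through inode numbers and link counts. This is an added example, not part of the original slides; the file names report, report.hard and report.soft and the function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: one inode with two names (hard link) versus a symbolic link
# that has its own inode and only stores a pathname.

inode_of()   { ls -di "$1" | awk '{print $1}'; }   # inode number (ls -i)
link_count() { ls -ld "$1" | awk '{print $2}'; }   # second field of ls -l
file_type()  { ls -ld "$1" | cut -c1; }            # first column of ls -l

links_demo() (
    dir=$(mktemp -d) || exit 1
    cd "$dir" || exit 1

    echo "original data" > report
    ln report report.hard          # second name for the same inode
    ln -s report report.soft       # new inode that points to the name "report"

    same_inode=no
    if [ "$(inode_of report)" = "$(inode_of report.hard)" ]; then same_inode=yes; fi
    soft_own_inode=no
    if [ "$(inode_of report)" != "$(inode_of report.soft)" ]; then soft_own_inode=yes; fi
    count_before=$(link_count report)      # the symlink is not counted
    soft_type=$(file_type report.soft)

    # An update through one hard link is visible through the other name.
    echo "appended via report.hard" >> report.hard
    lines_via_report=$(wc -l < report | tr -d ' ')

    # rm removes one name and lowers the link count; the data stays until
    # the last link is gone.
    rm report
    count_after=$(link_count report.hard)
    data_survives=no
    if grep -q "original data" report.hard; then data_survives=yes; fi

    # The symlink still exists but now points at a name that is gone.
    soft_dangling=no
    if [ -L report.soft ] && [ ! -e report.soft ]; then soft_dangling=yes; fi

    cd / && rm -rf "$dir"
    printf '%s\n' "same_inode=$same_inode" "soft_own_inode=$soft_own_inode" \
        "count_before=$count_before" "soft_type=$soft_type" \
        "lines_via_report=$lines_via_report" "count_after=$count_after" \
        "data_survives=$data_survives" "soft_dangling=$soft_dangling"
)

links_demo
```

Because both hard-link names resolve to one inode, the owner, group and permission bits are shared: a chmod through either name changes what is seen through the other.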