CHAPTER 4 – FILE ATTRIBUTES
File Attributes
A file has a number of attributes that are changeable by certain well-defined rules
These attributes are stored in the inode. The inode is a structure saved in a special area of the hard disk.
The -l option of the ls command provides a comprehensive look at the files and their attributes:
    $ ls -l
    total 184
    -rw-------  1 raed  nes  140 Jan 27 17:08 foo2
    drwxr-x--x  3 raed  nes  512 Jan 29 23:19 public_html/
    -rw-------  1 raed  nes   92 Jan 27 16:59 typescript
The above listing is the output of ls, which is referred to as a long listing in UNIX lingo. The list shows seven labeled fields in nine columns, and filenames are ordered in ASCII collating sequence. Each field represents a file attribute, and all these attributes (except the filename) are stored in the inode.
A directory is a file. How can you display its attributes, not the attributes of its contents?
Listing File Attributes - Example
[Figure: an ls -l line with its fields labeled: type (directory or not?), permissions in the order u,g,o, # links, owner, group, size in bytes, mod. date, name]
Users and Groups
Permissions and security in a Unix environment are based on the concept of users and groups
Everyone who uses a Unix account is given a username and password that identifies them to the system. Usernames and passwords are stored in /etc/passwd or in an encrypted /etc/shadow file.
Every user may also belong to one or more groups.
A group is a way of logically collecting users together and granting or denying permissions to the entire group. It makes life easier.
File Attributes (contd)
Type and Permissions
The first column of the first field shows the file type.
    hyphen (-): ordinary file
    d: directory
    l: symbolic link (coming up…)
The remaining nine characters are file permissions.
Links
The second field indicates the number of links associated with the file. UNIX lets a file have multiple names, and each name is interpreted as a link.
File Attributes (contd)
Ownership and Group Ownership
The third field shows the owner of the file (every file has an owner). A user may also belong to a group, and the fourth field shows the group owner of the file. The owner of the file can tamper with a file in every possible way – a privilege that is also available to the root user.
Size
The fifth field shows the file size in bytes. This actually represents the character count and not the disk space consumption of the file. The kernel allocates space in blocks of 1024 bytes or more, so even though a file may contain 140 bytes, it could occupy 1024 bytes.
File Attributes (contd)
Last Modification Time
The sixth field displays the last modification time in three columns – a time stamp that is stored to the nearest second. The year is displayed if more than a year has elapsed since the file was last modified.
Filename
The last field displays the filename, which can be up to 255 characters long. The list is ordered in ASCII collating sequence according to the filename.
File Permissions
A file has three types of permissions (read, write and execute, abbreviated as rwx).
These are available to three categories of users (user, group and others). Each category contains three slots representing read, write, and execute permissions. The - means the absence of the corresponding permission.
Only the file owner or the superuser can change file permissions.
The significance of permissions is different for a file and a directory.
Permissions: The rwx Block
Permissions block
The permissions block consists of 9 spots: ---------
The first 3 indicate the user, the next 3 the group, and the last 3 other. An r indicates read permission, a w write permission, and an x execute permission for that user, group, or other. For example, rw-r--r-- indicates that the user can read or write the file whereas the group and others can only read it.
Changing File Permission
The command chmod is used to change file permissions (user = owner in this section).
Syntax: chmod [-R] mode file…
    -R: apply permission recursively to every file and subdirectory
The mode can be represented in two ways:
    Relative: specify changes to the current permissions
    Absolute: specify the final permissions
Recall that only the file owner can change the permission (and of course the root).
Relative Permissions
Changes the permissions specified in the mode and leaves other permissions unchanged
The mode contains three components:
    Category: The category can be u for owner, g for group, or o for other. You can also place them together. For example, ug will set for both user and group.
    Operation: The operation can be +, -, or =. + adds a permission, - takes it away, and = sets it as given and may remove permissions.
    Permission: rwx
Examples:
    chmod u+x foo
    chmod u-x foo
    chmod ugo+x foo
        If all categories are used, you can set them all by a: chmod a+x foo (or just +x chmod =x foo)
    chmod uo-rx foo
What if each category needs a different final permission?
    Either use two separate commands
    Or separate the permissions by a comma: chmod u-x,go+r foo
Absolute Permissions
The = operator can perform a limited form of absolute assignment.
    It only assigns the specified permission and removes the others: chmod ugo=r foo
    You can’t set all nine bits explicitly.
Absolute permissions can assign any combination to the nine permission bits using octal numbers
The chmod command can work with the following format using octal digits (0-7): chmod ### fname
The digits have the following meaning:
    4 read (100)
    2 write (010)
    1 execute (001)
To get mixed privileges, add the numbers.
    chmod 777 myfile    grants full permissions
    chmod 660 myfile    grants read and write permission to the owner and group
    chmod 000 myfile    no permission for all
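Relative and absolute modes side by side, as an added example that is not part of the original slides. The function names and the scratch file are constructed; block_to_octal handles the plain r, w and x characters described above.

```sh
#!/bin/sh
# Added example: function names, file names and modes are constructed.

# Print the nine-character permission block of a path, as ls -l shows it.
perm_block() { ls -ld "$1" | cut -c2-10; }

# Convert a block such as rw-r----- to octal by adding 4 (r), 2 (w) and
# 1 (x) within each of the three categories (user, group, other).
block_to_octal() {
    block=$1
    out=""
    while [ -n "$block" ]; do
        triple=$(printf '%s' "$block" | cut -c1-3)
        block=$(printf '%s' "$block" | cut -c4-)
        digit=0
        case $triple in r??) digit=$((digit + 4)) ;; esac
        case $triple in ?w?) digit=$((digit + 2)) ;; esac
        case $triple in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    printf '%s\n' "$out"
}

# Start a scratch file at 640, apply each chmod mode given as an argument,
# and print the resulting octal mode.
chmod_result() {
    dir=$(mktemp -d) || return 1
    : > "$dir/foo"
    chmod 640 "$dir/foo"
    for mode in "$@"; do chmod "$mode" "$dir/foo"; done
    block_to_octal "$(perm_block "$dir/foo")"
    rm -rf "$dir"
}

chmod_result u+x         # relative: only the owner's x bit changes
chmod_result go=r        # "=" rewrites group and other, owner untouched
chmod_result u-x,go+r    # comma-separated clauses, no space after the comma
chmod_result 600         # absolute: all nine bits are set at once
```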
Can we delete a file with permission 000?
Can we prevent a file with permission 777 from being deleted?
Directory permissions come into play now.
Directory Permissions
Read permission
    Read permission for a directory means that the list of filenames stored in that directory is accessible.
    ls won’t work if there is no read permission for a directory. However, this doesn’t prevent you from reading a file if you know its name.
Write permission
    It implies that you are permitted to create or remove files in it.
    Directory W Off; File W On: the file can be edited, but cannot be deleted
    Directory W On; File W Off: the file cannot be modified, but can be deleted
    Directory W Off; File W Off: safest of all; you can neither edit a file nor create or delete it
Execute permission
    Determines if you can pass through a directory to its subdirectories or cd to it.
    Usually referred to as search permission (a directory has to be searched for the next directory in the path).
    System security depends heavily on the execute permission of directories.
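The two questions asked before this section, answered by experiment in an added example that is not part of the original slides. The function name, file names and modes are constructed; run it as an ordinary user, because root bypasses these permission checks.

```sh
#!/bin/sh
# Added example: function name, scratch names and modes are constructed.

# Create a file with mode $1 inside a directory with mode $2, try to remove
# the file, and print "deleted" or "denied".
try_delete() {
    file_mode=$1
    dir_mode=$2
    top=$(mktemp -d) || return 1
    mkdir "$top/d"
    : > "$top/d/f"
    chmod "$file_mode" "$top/d/f"
    chmod "$dir_mode" "$top/d"
    if rm -f "$top/d/f" 2>/dev/null; then
        result=deleted
    else
        result=denied
    fi
    chmod 755 "$top/d"     # restore access so the scratch tree can be removed
    rm -rf "$top"
    printf '%s\n' "$result"
}

# File with no permissions at all, directory writable by its owner:
# removing a name changes the directory, so the file's own mode is irrelevant.
try_delete 000 755

# File wide open, directory write bit off: the name cannot be removed.
try_delete 777 555
```

Protecting a file from deletion therefore means controlling write permission on the directory that holds it, not on the file.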
Default File and Directory Permissions
All files are created with a default set of permissions.
The UNIX system has the following default permissions on files or directories:
    rw-rw-rw- (octal 666) for regular files
    rwxrwxrwx (octal 777) for directories
The default permissions are affected by the umask value.
The umask is an octal number that is subtracted from the system’s default values to get the actual permission at creation time.
The umask value is displayed by the command umask (default 022).
To change the umask value use the command umask new_value
This new value will be subtracted from the default values from then on.
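How the umask shapes the mode of newly created files and directories, as an added example that is not part of the original slides. The kernel clears the umask bits from the default mode, which matches subtraction for values such as 022 and 027; the function name, scratch names and mask values are constructed.

```sh
#!/bin/sh
# Added example: function name, scratch names and umask values are constructed.

# Create a file or a directory (kind = file|dir) under the given umask and
# print its type-and-permission field exactly as ls -l shows it.
created_mode() {
    mask=$1
    kind=$2
    top=$(mktemp -d) || return 1
    (
        umask "$mask"      # set inside a subshell: the caller's umask is kept
        if [ "$kind" = dir ]; then
            mkdir "$top/new"
        else
            : > "$top/new"
        fi
    )
    ls -ld "$top/new" | cut -c1-10
    rm -rf "$top"
}

created_mode 022 file    # 666 with the 022 bits cleared: 644
created_mode 022 dir     # 777 with the 022 bits cleared: 755
created_mode 027 file    # group loses w, others lose everything: 640
created_mode 077 dir     # private to the owner: 700

# 033 on a file gives 644, not 633: the x bits named by the mask are simply
# not present in 666, so there is nothing to remove and nothing is borrowed.
created_mode 033 file
```

A umask of 027 or 077 in a service account's startup file keeps newly written files out of reach of other users without a chmod after every write.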
File Systems and Inodes
All file systems have a directory structure headed by root
Every file is associated with a table called inode (index node)
The inode is accessed by inode number and contains the following attributes:
    File type (regular, directory, device, etc.)
    File permissions (the nine permissions and three more)
    Number of links
    The UID of the owner
    The GID of the group owner
    File size in bytes
    Date/time of last modification
    Date/time of last access
    Date/time of last change of the inode
    An array of pointers that keep track of all disk blocks used by the file
Note: the inode does not store the name of the file or the inode number. Both attributes are stored in the directory
The inode number for a file is unique in a single file system (displayed by ls -i).
Creating Hard Links
A file can have multiple filenames (more than one link).
In the Unix file system, files are uniquely identified by their inode number.
The inode number of a file can be found using the ls -i command.
A hard link exists when two names in the file system point to the exact same inode. This accounts for the link number in the ls -l listing.
A hard link can be created by using the command ln existingFile newName. This will associate two names with one file.
    The data exists only once
    Any update made to one link is seen on the other(s)
The rm command works by deleting the name and reducing the link count. It only clears the inode when the last link has been removed.
Symbolic or Soft Links
Hard links cannot exist across two file systems and you cannot link a directory.
However, these limitations can be overcome by symbolic links (fourth type of file types)
A symbolic (soft) link is a directory entry that points to another file. It has its own inode # and does not show up in the number of links. It essentially behaves as its own file, kind of like a shortcut in Windows.
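Hard and symbolic links compared on one scratch file, as an added example that is not part of the original slides. It uses ln and ln -s as given in these two sections; the function names and file names are constructed.

```sh
#!/bin/sh
# Added example: function names and file names are constructed.

inode_of()   { ls -di "$1" | awk '{print $1}'; }   # inode number, as in ls -i
link_count() { ls -ld "$1" | awk '{print $2}'; }   # second field of ls -l

# Runs in a subshell so the caller's working directory is untouched.
link_demo() (
    top=$(mktemp -d) || exit 1
    cd "$top" || exit 1
    echo data > original
    ln original hard          # a second name for the same inode
    ln -s original soft       # a separate file that stores the path "original"

    [ "$(inode_of original)" = "$(inode_of hard)" ] && hard=same || hard=differs
    [ "$(inode_of original)" = "$(inode_of soft)" ] && soft=same || soft=differs
    before=$(link_count original)
    # find -inum lists every name of the inode; the symbolic link is not one.
    names=$(find . -inum "$(inode_of original)" | sort | paste -sd, -)

    rm original               # drops one name; the data survives through "hard"
    after=$(link_count hard)
    data=$(cat hard)
    if cat soft >/dev/null 2>&1; then target=ok; else target=dangling; fi

    cd / && rm -rf "$top"
    echo "hard=$hard soft=$soft links=$before->$after names=$names data=$data symlink=$target"
)

link_demo
```

Because rm removes only one name, a file that must really be gone has to have all of its hard links found (find -inum) and removed.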
To create a symbolic link use the command ln -s existingFile newName
File Ownership
The chmod and ln commands fail if you don’t have the authority to use them (you don’t own the file).
Privileges of the group are set by the owner of the file, not by the group members.
Each user in the system has a user-id (UID) and a group-id (GID) assigned by the administrator.
    Shown in /etc/passwd and /etc/group
    The command id also shows the UID and GID
A file has a UID and GID assigned
Changing File Ownership
Two commands: chown and chgrp
Two systems: BSD and SVR4
To know whether your system supports the BSD or SVR4 version of chown and chgrp, try changing the ownership with chown. If the command fails, you are using a BSD system. Solaris and Linux use the BSD system.
Syntax: chown options owner[:group] file(s)
If you can copy a file (you have read permission) you become the owner of your copy but not the original file.
Changing Group Owner
By default, the group owner of the file is the group to which the owner belongs.
It can be changed by the command chgrp.
Syntax: chgrp options group file
A user can change the group owner of a file only to a group to which he/she belongs. If not, only the superuser can make the command work.
The owner can restore the previous group ownership, because he is still the owner.
Contrary to file ownership chown can be used to change both owner and group. You need to separate owner and group by a :
The option -R can be used with both chown and chgrp to work recursively.
Modification and Access Times
Three timestamps are stored in an inode:
    Time of last file modification (shown by ls -l): when updating a file
    Time of last access (shown by ls -lu): read, write, or execute the file (for a directory, read only)
    Time of last inode modification (shown by ls -lc)
The command ls sorts the output according to its ASCII values. Adding the -t option sorts the output according to time.
Locating Files (find command)
It recursively examines a directory tree to look for files matching some criteria and takes some action on the selected files
Syntax: find path_list selection_criteria action
Selection criteria are usually in the form -operator argument
    -name x: searches for files whose names are x
    -inum number: searches for files whose inode is number
    See table 4.4 for more criteria
Action is usually to display the output on the screen (-print)
    You can list the selected files of find by using the -ls action
    The -exec option allows you to run any UNIX command on the selected files
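A permission audit built from find's three parts (path list, selection criteria, action), as an added example that is not part of the original slides. The -type and -perm criteria are standard find criteria not listed on this page; the function names and the scratch tree are constructed.

```sh
#!/bin/sh
# Added example: function names and the scratch tree are constructed.

# Selection: regular files under $1 that "others" may write (-perm -002).
world_writable() { find "$1" -type f -perm -002 -print | sort; }

# Action: -exec runs chmod o-w on each selected file; {} is the file name.
fix_world_writable() {
    find "$1" -type f -perm -002 -exec chmod o-w {} \;
}

audit_demo() {
    top=$(mktemp -d) || return 1
    mkdir "$top/sub"
    : > "$top/notes.txt";      chmod 644 "$top/notes.txt"
    : > "$top/sub/shared.log"; chmod 666 "$top/sub/shared.log"
    : > "$top/sub/run.sh";     chmod 777 "$top/sub/run.sh"

    logs=$(find "$top" -name '*.log' -print | wc -l)   # selection by name
    before=$(world_writable "$top" | wc -l)
    fix_world_writable "$top"
    after=$(world_writable "$top" | wc -l)

    # The other bits must survive the fix: 666 becomes 664, 777 becomes 775.
    log_mode=$(ls -ld "$top/sub/shared.log" | cut -c1-10)
    rm -rf "$top"
    echo "logs=$((logs)) before=$((before)) after=$((after)) log_mode=$log_mode"
}

audit_demo
```

Replacing the -exec action with -ls gives a read-only report of the same files before anything is changed.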