CHAPTER 4 –FILE ATTRIBUTES File Attributes A file has a number of attributes that are changeable by certain well-defined rules These attributes are stored in the inode The inode is a structure saved in a special area of the hard disk The -l option of the ls command provides a comprehensive look at the files and their attributes $ ls -l total 184 -rw------- 1 raed nes 140 Jan 27 17:08 foo2 drwxr-x--x 3 raed nes 512 Jan 29 23:19 public_html/ -rw------- 1 raed nes 92 Jan 27 16:59 typescript The above listing is the output of ls which is referred to as long listing in UNIX lingo. The list shows seven labeled fields in nine columns and filenames are ordered in ASCII collating sequence. Each field represents a file attribute, and all these attributes (except the filename) are stored in the inode A directory is a file. How can you display its attributes, not the attributes of its content ? Listing File Attributes - Example owner # links group Mod. date name Permissions in the order u,g,o Size in bytes Type: directory or not? Users and Groups Permissions and security in a Unix environment is based on the concept of users and groups Everyone who uses a Unix account is given a username and password that identifies them to the system. Usernames and passwords are stored in /etc/passwd or in an encrypted /etc/shadow file. Every user may also belong to one or more groups. A group is a way of logically collecting users together and granting or denying permissions to the entire group. It makes life easier. File Attributes (contd) Type and Permissions The first columns of the first field shows the file type. hyphen (-): ordinary file d: directory l: symbolic link (coming up…) The remaining nine characters are file permissions Links The second field indicates the number of links associated with the file. UNIX lets a file have multiple names, and each name is interpreted as a link. File Attributes (contd) Ownership and Group Ownership The third field shows the owner of the files (every file has an owner) A user, may also belong to a group, and the fourth field shows the group owner of the files. The owner of the file can tamper with a file in every possible way – a privilege that is also available to the root user. Size The fifth field shows the field size in bytes. This actually represent the character count and not disk space consumption of the file. The kernel allocates space in block of 1024 byte or more, so even though a file may contain 140 bytes, it could occupy 1024 bytes. File Attributes (contd) Last Modification Time The sixth field displays the last modification time in three columns – a time stamp that is stored to the nearest second. The year is displayed if more than a year has elapsed since the file was last modified Filename The last field displays the filename which can be up to 255 character long. The list is ordered in ASCII collated sequence according to the filename File Permissions A file has three types of permissions (read, write and execute abbreviated as rwx). Available to three categories of users (user, group and others). Each category contains three slots representing read, write, and execute permissions The – means the absence of the corresponding permission Only file owner or superuser can change file permissions. Significance of permissions different for file and directory. Permissions: The rwx Block Permissions block The permsions block consists of 9 spots --------- The first 3 indicate the user, the next 3 the group, and the last 3 other An r indicates read permission, a w write permission, and an x execute premission for that user, group, or other. For example, rw-r--r-- indicates that the user can read or write the file wheras the group and others can only read it. Changing File Permission The command chmod is used to change file permissions user=owner in the this section Syntax chmod [-R] mode file… -R: apply permission recursively to every file and subdirectory The mode can be represented in two ways Relative: specify changes to the current permissions Absolute: specify the final permissions Recall that only the file owner can change the permission (and of course the root) Relative Permissions Changes the permissions specified in the mode and leaves other permissions unchanged The mode contains three components Category: The category can be u for owner, g for group, or o for other. You can also place them together. For example, ug will set for both user and group. Operation The operation can be +,-, or = + adds a permission, - takes it away, and = sets it as given and may remove permissions Permission Rwx Examples chmod u+x foo chmod u-x foo chmod ugo+x foo If all categories are used, you can set them all by a chmod a+x foo (or just +x chmod =x foo) chmod uo-rx foo What if each category needs different final permission Either two separate commands Or separate permissions by comma chmod u-x, go+r foo Absolute Permissions The = operator can perform a limited form of absolute assignmnet It only assigns the specified permission and removes the others chmod ugo=r foo You can’t set all nine bits explicitly Absolute permissions can assign any combination to the nine permission bits using octal numbers The chmod command can work with the following format using octal digits (0-7): chmod ### fname The digits have the following meaning: 4 read (100) 2 write (010) 1 execute (001) To get mixed priviliges, add the numbers. chmod 777 myfile grants full permissions chmod 660 myfile grants read and write permission to the owner and group chmod 000 myfile no permission for all Can we delete a file with permission 000? Can we prevent a file with permission 777 from being deleted? Directory permissions come to play now Directory Permissions Read permission read permission for a directory means that the list of filenames stored in that directory is accessible ls won’t work id no read permission for a directory. However, this doesn’t prevent you from reading a file if you know its name Write Permission It implies that you are permitted to create or remove files in it Directory W off; Files W On File can be edited; but can not be deleted Directory W On; File W Off Files can not be modified; but can be deleted Directory W Off; Files W Off Safest of all; neither can edit a file nor create or delete it Execute permissions Determine if you can pass through a directory to its subdirectories or cd to it Usually referred to as search permission (a directory has to be searched for the next directory in the path System security depends heavily on execute permission of directories Default File and Directory Permissions All files are created with a default set of permissions The UNIX system has the following default permission on files or directories: rw-rw-rw- (octal 666) for regular files rwxrwxrwx (octal 777) for directories The default permissions are affected by the umask value The umask is an octal number that is subtracted from the system’s default values to get the actual permission at creation time umask value is displayed by the command umask (default 022) To change the umask value use the command umask new_value This new value will be used next times to be subtracted from the default values File Systems and Inodes All files systems have a directory structure headed by root Every file is associated with a table called inode (index node) The inode is accessed by inode number and contains the following attributes: File Type (regular, directory, device, etc) File Permissions (The nine permissions and three more) Number of links The UID of the owner The GID of the group owner File size in bytes Date/Time of last modification Date/Time of last access Date/Time of last change of the inode An array of pointers that keep track of all disk blocks used by the file Note: the inode does not store the name of the file or the inode number. Both attributes are stored in the directory the inode number for a file is unique in a single file system (displayed by ls –i) Creating Hard Links A file can have multiple filenames (more than one link) In the Unix file system, files are uniquely identified by their inode number The inode number of a file can be found using the ls -i command A hard link exists when two names in the file system point to exact same inode. This accounts for the link number in the ls -l listing. A hard link can be created by using the command ln exitingFile newName. This will associate two name to one file. The data exists only once Any update made to one link is seen on the other(s) The rm command works by deleting the name and reducing the link count. It only clears the inode when the last links has been removed. Symbolic or Soft Links Hard links cannot exist across two file systems and you cannot link a directory. However, these limitations can be overcome by symbolic links (fourth type of file types) A soft symbolic link is a directory entry that points to another file. It has its own inode # and does not show up in the number of links. It essentially behaves as its own file. Kind of like a shortcut in windows.