intro unix/linux 09

  • 2,371 views
Uploaded on

setting and using permissions

setting and using permissions

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • thanks...Good work
    Are you sure you want to
    Your message goes here
    Be the first to like this
No Downloads

Views

Total Views
2,371
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
290
Comments
1
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Lesson 9-Setting and Using Permissions
  • 2. Overview
    • Describing file permissions.
    • Using execute permissions with a file.
    • Changing file permissions using mnemonics.
    • Changing file permissions numerically.
  • 3. Overview
    • Changing permissions for group and other.
    • Exploring the effect of granting different permissions.
    • Modifying directory permissions.
    • Setting permissions when files and directories are created.
    • Examining the impact of umask on other operations.
  • 4. Describing File Permissions
    • The permissions read, write, and execute govern access to files and directories.
    • The owner can modify the permissions on a file for three classes of users.
    • The owner or user, the members of the owner’s group, and other users are the three classes of users.
  • 5. Describing File Permissions
    • Examining the permissions field.
    • Employing read and write permissions.
    • Changing permissions for a file to read only.
    • Changing permissions for a file to write only.
  • 6. Examining the Permissions Field
    • The “ls –l” command displays the permissions for regular files and directories.
    • Every slot in the permissions field is occupied by either a dash or a letter.
    • A minus sign indicates that a particular permission is denied.
    • The “t” field in the directory permissions is a special permission called the sticky bit.
  • 7. Examining the Permissions Field
    • The first slot indicates whether the listing is for a directory, a plain file, or a special UNIX file.
    • A “c” or “b” at the beginning of many permissions fields indicates whether the device processes data in units of single characters or in whole blocks.
    • The remainder of the permissions field is divided into three sets of three slots each.
  • 8. Examining the Permissions Field Permission Field For Users
  • 9. Examining the Permissions Field
    • File permissions:
      • An owner has full powers over the assignment of permissions to self, its group members, and others.
      • The rwx value for the first slot indicates that the user has read, write, and execute permissions for the file.
      • Every file has an associated permissions field for user, group, and all others on the system.
  • 10. Employing Read and Write Permissions
    • To access the contents of a file, a user must have read permissions for that file.
    • To make changes to or modify a file, a user needs write permissions for that file.
  • 11. Changing Permissions for a File to Read Only Assigning Read Only Permission
  • 12. Changing Permissions for a File to Write Only Assigning Write Permission
  • 13. Using Execute Permissions with a File
    • The “vi” editor can be used for creating a shell script.
    • The “source” command in the C shell and the “dot” (.) command in the Korn or Bourne shell instruct the shell to read the file and execute each commands in it.
    • The process id (PID) of the current shell can be determined with the help of the “$$” sign.
  • 14. Using Execute Permissions with a File
    • A file with the appropriate execute permission can run a shell script like any other UNIX command by typing its name and pressing the ENTER key.
    • The “+x” option instructs chmod to grant execute permission for a file.
    • When a script is run by entering its name, the current shell starts a child shell that reads the script file and runs the listed commands.
  • 15. Using Execute Permissions with a File
    • The read permission is sufficient when sourcing a script, because the current shell needs to read it.
    • A user must have both, execute and read permissions, to run a script in a child process.
    • Only the owner of a file or directory can modify the permissions that are attached to it.
  • 16. Changing File Permissions Using Mnemonics
    • The “chmod” command can accept permission settings in the form of letter arguments or numbers.
    • The mnemonic assignment method allows a user to set permissions for each type of user in several ways.
  • 17. Changing File Permissions Using Mnemonics
    • Assigning specific permissions.
    • Adding and deleting permissions.
  • 18. Assigning Specific Permissions Assigning All Permissions to All Users
  • 19. Assigning Specific Permissions Assigning Specific Permissions to Specific Users
  • 20. Adding and Deleting Permissions Denying Specific Permission to Specific Users
  • 21. Changing File Permissions Numerically
    • Numbers can also be used for conveying permissions information for all the three types of users.
    • The number 700 specifies the rwx permissions only for the owner of a file.
    • The numerical approach allows a user to specify the exact permissions to be granted regardless of the current permission.
  • 22. Changing File Permissions Numerically
    • Combination permissions are specified using the sum of the values for the specific permissions.
    • The primitives (0, 1, 2, and 4) can be added to grant any combination of permissions.
    • The combination of the three numbers 1, 2, and 4 can be used to express the eight possible combinations of execute, write, and read permissions.
  • 23. Changing File Permissions Numerically Numerical Combination of Permissions
  • 24. Changing File Permissions Numerically Permission Values
  • 25. Changing File Permissions Numerically Basic File Permissions
  • 26. Changing Permissions for Group and Other
    • Permissions are usually most restrictive for other, less so for group, and least restrictive for the owner of a file.
    • The process of determining the impact of permissions for a file or directory begins with the determination of the owner of the file, followed by all sets of permissions assigned to it.
  • 27. Exploring the Effect of Granting Different Permissions
    • Changing the permissions of a file does not impact the current directory or the inode.
    • The permissions of a file are recorded in the inode.
    • Write permissions are required for removing a file.
  • 28. Modifying Directory Permissions
    • Directories have the same kind of permissions fields as regular files, except that there is a “d” in the leftmost position.
    • Permissions are assigned to directories with the same letters and numbers that assign permissions to files.
    • Directories are special files containing the name of each file or directory along with its associated inode number.
  • 29. Modifying Directory Permissions
    • Using permissions to control directory access.
    • Listing the files in a directory.
    • Denying write permissions for a directory.
    • Examining the need for execute permissions.
    • Changing permissions for files in all subdirectories.
    • Identifying other system permissions.
  • 30. Using Permissions to Control Directory Access
    • The owner of a directory has the power and responsibility for setting the directory access permissions.
    • Like file permissions, directory permissions include read, write, and execute.
    • The “d” option instructs ls to provide a listing of information about the directory.
  • 31. Using Permissions to Control Directory Access
    • The inode contains all the information about a file, including permissions, owner, date of creation, links, and addresses of data blocks on the hard drive where the file’s content resides.
    • A file is accessed by first retrieving its inode number, then examining its permissions, accessing the data block addresses, and then accessing the file itself.
  • 32. Listing the Files in a Directory
    • Permissions for a directory are contained in the inode listed next to the current directory.
    • Permissions for files are listed in the inodes listed next to the filenames in the current directory.
    • Read permissions are required for reading the directory contents as well as to get a listing of its files.
  • 33. Denying Write Permissions for a Directory
    • Write permissions must be granted before a user can modify the contents of the file or directory.
    • A new file cannot be added or an existing file cannot be removed if appropriate write permissions are not assigned.
  • 34. Examining the Need for Execute Permissions
    • Execute permissions have a different impact on a directory than on a file.
    • A directory cannot be listed if it does not have execute permissions.
    • A file cannot be accessed if the directory does not have execute permissions.
  • 35. Examining the Need for Execute Permissions
    • The files in a subdirectory within the parent directory cannot be accessed if there are no execute permissions on the parent directory.
    • With only execute permission on a directory, a user can “cd” into it, but cannot get a listing of its files.
    • The permissions on directories are specified for user, group, and other in the same fields of the long listing that are associated with file permissions.
  • 36. Changing Permissions for Files in all Subdirectories
    • The “chmod” utility can be used to change the permissions for all files in a directory and even for all its subdirectories.
    • The “–R” option, when specified with the chmod utility, allows permissions to be applied recursively to all child directories and files encountered.
  • 37. Identifying Other System Permissions
    • The “s” and “t” are some of the permissions that can only be set by the super user.
    • The executable passwd file is a program that users run to change their passwords.
    • Encrypted passwords are kept in the password file /etc/passwd or in /etc/shadow, depending on the system.
    • Ordinary users do not have write permissions on the password files.
  • 38. Identifying Other System Permissions
    • The root user has “s” and “r” permissions on the passwd file, where s in the owner field indicates that anyone who has permission to execute the program executes it, the program runs as though root is running it.
    • When an ordinary user runs passwd, the s tells the system that while running the passwd program, the user has root’s identity.
  • 39.
    • The group ID of the program needs to be turned on if an administrator wishes to restrict users from executing specific programs.
    • A “t” in the last permission slot for a directory puts limits on who can remove files.
    Identifying Other System Permissions
  • 40. Identifying Other System Permissions
    • A user cannot remove a file even though they have write permissions on the directory.
    • The t bit is a sticky bit, which, when set, permits only the owner of a file to delete or change the name of the file in the directory.
  • 41. Setting Permissions when Files and Directories are Created
    • The three ways of creating files in UNIX are:
      • By copying an existing file.
      • Using a “tee” utility.
      • Redirection from a shell command.
  • 42. Setting Permissions when Files and Directories are Created
    • Examining the default permissions.
    • Specifying default permissions for directories with umask.
  • 43. Examining the Default Permissions
    • The operating system initially sets permissions for the owner as read and write when a file is created.
    • These default permission settings are determined by the umask value.
    • The umask value determines which permissions are masked from being set.
  • 44. Examining the Default Permissions
    • The umask setting determines the value of permissions for new files as they are created.
    • Changing the umask has no effect on an existing file.
    • The umask setting is initially determined by default on the system, but can be modified from the shell command-line.
  • 45. Specifying Default Permissions for Directories with umask
    • A directory created while umask is 000 has full permissions granted to user, group, and other.
    • A directory once created with umask can be modified with the chmod command.
  • 46. Specifying Default Permissions for Directories with umask Umask Values
  • 47. Examining the Impact of umask on Other Operations
    • The value of umask determines the initial permissions when files and directories are created.
    • The “cp” command directly copies the permissions of the source file to the destination file if the umask is not set.
    • The “–p” option, when specified, instructs the cp utility to ignore the umask when copying files.
  • 48. Examining the Impact of umask on Other Operations
    • The “cat” utility can also be used for duplicating a file with the original permissions without applying the umask effect.
    • The shell follows umask instructions when creating files.
    • Permissions are added up to the limit set by umask when mnemonic arguments are used for specifying permissions in the chmod command.
  • 49. Summary
    • Read permission is needed to access a file’s contents with a utility.
    • Write and execute permissions are required for adding a file, removing a file, or changing a file’s name in a directory.
    • A user must have the execute permission to cd into a directory or include the directory in a path.
  • 50. Summary
    • Letters or numbers can be used for specifying permissions information in the chmod command.
    • Read and execute permissions are required by a script file to execute as a child process.
    • Files and directories are granted initial permissions at creation determined by the umask setting at the time that the file or directory is created.