The UNIX File System CS465

  • File and Directory Names

    File and directory names can be up to 256 characters long! They may contain upper and lower case letters, numbers, and punctuation. Avoid using spaces, "/", ">" or "!" (these symbols make files difficult to manipulate). Remember that case does make a difference, i.e., the name "Memo" refers to a different file than "memo". You can use the underscore (_) or the period (.) to separate words in a file name, for example: vacation_memo.

    While "." is a valid character, placing it as the first character in a name is not recommended. Any file name that begins with a "." is considered an "invisible" (hidden) file, and will not show up when you run the standard list files command (ls). Methods of seeing these files are discussed later on.

    Wildcards

    Wildcards are special symbols which allow you to specify matches to letters or letter sequences as part of a filename. Some examples:

    * matches zero or more characters
        $ ls *.dat      lists all files ending in .dat
        $ ls r*         lists all files starting with r
      Beware of the rm * command!

    ? matches one character
        $ ls ?.dat      lists 5.dat, u.dat, but not 70.dat

    [ ] matches one of the characters inside the brackets
        $ ls *.[ch]     lists all .h and .c files
        $ more [Rr][Ee][Aa][Dd][Mm][Ee]     pages through the files README, readme, ReadMe and Readme, among others
  • (Explain diagram.)
  • Try "cd"ing to each directory and list the files in each. For example:
      1. cd /bin
      2. ls
      3. cd /dev
      4. ls
  • Here are some examples of the "cd" command. Please try the following:
      1. cd ..
      2. pwd
      3. cd ..
      4. pwd
      5. cd
      6. pwd
      7. cd /
      8. pwd
      9. cd home
      10. pwd
      11. cd user
      12. pwd
      13. cd ../instructor
      14. pwd
      15. cd
      16. pwd
  • Displaying Access Permissions

    UNIX supports access control. Every file and directory has associated with it ownership and access permissions. Furthermore, one is able to specify those to whom the permissions apply.

    New users on a UNIX system are often unaware of file security (permissions). Without knowing it, they may leave sensitive information unprotected. Other users on their machine (or from the rest of the world) may access and sometimes even change their files.

    It is useful to know how secure your files are. To find out, use the ls -al command, in the following way:

        $ ls -al filename (or directory)

    This will display a summary of information about this particular file/directory.

    Example:

        $ ls -l myfile.txt
        -rwx------ 1 zoman zoman 23402 1997 Apr 28 11:08 myfile.txt

    Read permission
    For a file, read permission allows you to view the contents of the file. For a directory, read permission allows you to list the directory's contents.

    Write permission
    For a file, write permission allows you to modify the contents of the file. For a directory, write permission, along with execute permission, allows you to alter the contents of the directory, i.e., to add and delete files and subdirectories.

    Execute permission
    For a file, execute permission allows you to run the file, if it is an executable program or script. Note that file execute permission is irrelevant for non-executable files. For a directory, execute permission allows you to refer to the contents of the directory. Without execute permission on a directory, read and write permissions within that directory are limited.
  • Understanding Access Permissions

    Permissions are defined as read, write, and execute. The read, write, and execute permissions are referred to as r, w, and x, respectively. Those to whom the permissions apply are the user who owns the file, those who are in the same group as the owner, and all others. The user, group, and other permissions are referred to as u, g, and o, respectively.

    The access permission is contained in the collection of d's, r's, w's, and x's to the left of the output of the command ls -al. These ten spaces, containing either letters or dashes, tell you what kind of file is shown and how secure it is.

    Let's start with the first column (from the left). If you see a `d' here, it means the object you are looking at is a subdirectory. If you see a `-', the object is a file of some sort (either program or data).

    The next nine letters detail how secure your files are. The first group of three letters describes your own privileges. An `r' means you can read a file, a `w' means you can write to a file (write means you can edit and delete it), an `x' means you can run the file (if it is a program -- an `x' setting for a data file will only cause problems), and a `-' means that you are restricted from using a file. Almost always, you want to have `rw-' for your data files, and `rwx' for your programs.

    The middle set of three letters describes what members of your group can do. Groups are special constructs you can make which allow members of a team to share files with their own set of access restrictions. Usually, you won't belong to any groups so you should set these permissions to `---'.

    Finally, the last three letters are by far the most important, as they represent what anyone on the system can do to your files. By default, many machines set permissions so that everyone can read the file, even though they cannot edit / delete it or run it as a program. For sensitive information, this is obviously undesirable.
  • An access permission looks something like this:

        file/directory?   user   group   others
        d/-               rwx    rwx     rwx

    How to Set Numerical Access Permissions

    Numerical access permissions are set using octal numbers. An octal number, which is made up of three components (r, w, and x), has a value of 0 to 7. For this reason the three access types (r, w, and x) are linked to an octal value, so that when all values are added together they are between 0 and 7 (inclusive). Below are the values:

        r = 4, w = 2, x = 1, Total = 7

    This is the same for each of the three user types (u, g, and o). Below is a listing showing which numbers are used to set the required access state:

        ---   0 = No access permission.
        --x   1 = Execute permission only.
        -w-   2 = Write permission only.
        -wx   3 = Write and Execute permission (2 + 1).
        r--   4 = Read permission only.
        r-x   5 = Read and Execute permission (4 + 1).
        rw-   6 = Read and Write permission (4 + 2).
        rwx   7 = Read, Write and Execute permission (4 + 2 + 1).
  • Directory Access Permission

    To avoid accidentally removing files (or adding or renaming files) in a directory, use 555 as an access permission.
    To do the same, but also deny other users any access, use 500.
    To do the same but be able to do anything, use 700 (recommended).
    To allow others to list the directory and access the files (if they have the permission) but not remove or rename them, use 755.
    To allow anyone to do anything, use 777. Don't use it. Be careful.

    File Access Permissions

    To make a file only editable by you, use 600 (recommended).
    To do the same but make it read only, use 400.
    To make a file editable by you but only readable by others, use 644.
    To let anyone read and edit the file, use 666. Don't use it. Be careful.
  • Changing Access Permissions

    UNIX allows you to set the permissions on files that you own. The command to change the file permission mode is chmod. chmod requires you to specify the new permissions you want, and specify the file or directory you want the changes applied to.

    To set file permissions, you may use the "rwx" notation to specify the type of permissions and the "ugo" notation to specify those the permissions apply to, or the corresponding numerical values.

    Below, two methods to change the access permissions are shown using the command chmod [permissions] files, both numerically and using characters.

    Character Method Examples:

    To define the kind of change you want to make to the permissions, use the plus sign (+) to add a permission, the minus sign (-) to remove a permission, and the equal sign (=) to set a permission directly.

        $ chmod u+x myfile     Add execute by user permission on myfile.
        $ chmod g=rx myfile    Set read & execute permission for group on myfile.
        $ chmod u-x myfile     Remove execute by user permission on myfile.
        $ chmod =rx myfile     Set read & execute permission for all on myfile.

    Numeric Method Examples:

                              user   group   others
        $ chmod 700 myfile    rwx    ---     ---
        $ chmod 644 myfile    rw-    r--     r--
        $ chmod 755 myfile    rwx    r-x     r-x

    1. The UNIX File System CS465
    2. File Systems
        • What is a file system? A means of organizing information on the computer. A file system is a logical view, not necessarily a physical view.
        • What does the file system provide:
            • Ways to create, move, and remove files
            • Ways to order files
            • Security
        • Examples of file systems:
            • DOS, Macintosh, CD-ROM, UNIX, NFS (networked file system)
    3. UNIX File System
        • Hierarchical storage
            • Basic storage unit is a FILE
        • Unix File: a collection of data
            • Just a sequence of bytes
            • No record or block structure is required
    4. Unix File Types
        • Ordinary file (stores info)
        • Directory (holds other files and directories)
            • Directory file contains information about files
        • Special file (represents physical devices like printers, terminals, etc.)
        • Pipe (temporary file for command linkage)
    5. File and Directory Names
        • Names are case sensitive
        • Can use any character, however:
            • Avoid using: / > , ! ( ) # & < > | @ $ ^ * ?
                • Legal but hard to use with shells
        • Length: Up to 14 characters guaranteed
        • Names must be unique inside a directory
        • Files beginning with "." are "invisible"
    6. The Unix File System
        / is the "root" directory. In our example there are three directories in root. The "home" directory contains directories of all users on a system. Each user can create and administer his/her own directories, subdirectories and files.
        • A rooted tree file structure (inverted tree)
        [Diagram: directory tree with nodes /, home, etc, tmp, username, smith, jones, .login, notes, progs]
    7. Some Common Directories
        • /       root ancestor of all files in the file system
        • /bin    binary executable files
        • /dev    special device files
        • /etc    administrative files
        • /home   user home directories
        • /tmp    temporary files
        • /usr    special user files or home directories
    8. Pathnames
        • Absolute path name
            • Every file and directory in the file system can be identified by a "full path name" (route from root to file): /home/sue/email/f1
        • Relative path name
            • Location is relative to working directory
                .    Working directory
                ..   Parent directory
            • If working directory is /home/sue: email/f1
        [Diagram: directory tree with nodes /, home, fred, sue, docs, email, f1, f2]
    9. Home and Working Directories
        • Home directory
            • The directory you are in when you first log in
            • This is your space; you control security
            • Place to put your personalized startup files
            • Your working directory after typing cd with no arguments
        • Working (current) directory
            • Can access files in your working directory by simply typing the filename (relative pathname)
            • To access files in other directories, must use the absolute pathname
        • pwd prints the working directory
        • cd changes the working directory
    10. Directory Shorthands
        • Directory abbreviations:
        • .    the directory itself
        • ..   the parent directory
        • Every directory contains . and .. files
        • In most shells "~" means your home directory
        • ~user means user's home directory
        • Example: ~small000/.login is file .login in /home/small000, which is my home directory.
    11. Finding Yourself
        • The command pwd tells you where you are in the file hierarchy.
        • It gives you the absolute path to your location.
            $ pwd
            /home/small000
    12. Changing Directories
        • cd           change directory (home)
        • cd ..        go to parent directory
        • cd /         go to the root directory
        • cd ~         go to my home directory
        • cd ~user     go to user's home directory
        • cd /etc      go to the etc directory from root
        • cd ../sub    go to the sub directory in my parent directory
    13. Creating and Removing Directories
        • A new directory can be created with the mkdir command
            • Note: the command cannot be shortened to md
        • A directory can be removed using the rmdir command
            • The directory must be empty (no files or subdirectories)
            • Note: the command cannot be shortened to rd
    14. Links
        • Can have many links to the same file
        • One directory contains the actual file, and the others contain a name only, which links to the actual file
        • ln: command for creating links
            $ ln filename linkname
    15. Links
        • ln creates a new link, not a new file. The new link and the original filename are equivalent pointers to the file.
        • Example:
            $ ln names lnames
        [Diagram: directory jones with entries lnames, names and letter3; file contents: 007, Golden Eye, Tomorrow Never Dies]
    16. Creating Directories
        • mkdir
            • Makes a new directory (if you have permission to do so)
            • With a simple pathname, mkdir makes a new directory in your working directory.
            $ pwd
            /home/jbond
            $ mkdir newdir
            $ ls -l
            total 3
            -rw-r--r-- 1 jbond cs 154 Feb 4 15:00 letter3
            -rw-r--r-- 1 jbond cs 64 Feb 4 15:00 names
            drwxr-xr-x 2 jbond cs 512 Feb 4 15:26 newdir/
    17. Deleting Directories
        • rmdir
        • deletes a directory (if you have permission).
            $ rmdir newdir
            $ ls -l
            total 6
            -rw-r--r-- 1 jbond cs 154 Feb 4 15:00 letter3
            -rw-r--r-- 1 jbond cs 64 Feb 4 15:00 names
            $ rmdir /usr
            rmdir: directory "/usr": Search or write permission needed
    18. Moving Stuff
        • mv can move a directory into a directory
            $ ls
            names newdir/ secret/
            $ mv newdir secret
            $ ls
            names secret/
            $ ls secret
            letter newdir/
    19. Access Permissions
        • Every user has:
            • A username
            • A numeric uid (user identification)
            • A default group association
            • Optional associations with other groups
        • Command: id
            view your uid and default group and which groups you belong to
    20. Access Permissions
        • Every file has:
            • A single owner
            • An association with a single group
            • A set of access permissions associated with it
        • For a File, permissions control what can be done to the file contents
        • For a Directory, permissions control whether a file in that directory can be listed, searched, renamed or removed
    21. Changing Your Group Association
        • When you first log in, your group is set to the default group specified in your /etc/passwd file.
        • To change groups, use the newgrp command
            $ newgrp admin
        • Once you've changed to the new group, if you create a new file, it will be owned by the new group.
    22. Access Permissions
        • First character shows the file type:
            • directory (d)
            • plain file (-)
            • link (l)
        • Rest specify three types of users:
            • user owner
            • group
            • others
        • who are allowed to:
            • (r) read
            • (w) write
            • (x) execute
        [Diagram: -rwxr-xr-x split into rwx r-x r-x]
    23. Permission Settings

        Permission    For a File                             For a Directory
        r (read)      Contents can be viewed or printed.     Contents can be listed, but not searched. Normally r and x are used together.
        w (write)     Contents can be changed or deleted.    File entries can be added or removed.
        x (execute)   File can be run as a program.          Directory can be searched and you can cd to it.

    24. Permission Settings
        • Permission settings use octal numbers.
            • r = 100 = 4
            • w = 010 = 2
            • x = 001 = 1
            • None = 000 = 0
        • These numbers are additive.
            • rwx = 7 (4 + 2 + 1) = 111
            • rw = 6 (4 + 2) = 110
            • rx = 5 (4 + 1) = 101
        • [ rwx ][ r-x ][ r-- ] = [111][101][100] = [7][5][4] = 754
    25. Numerical Access Permissions

                      owner   group   others
        -rwxrwxrwx    111     111     111      777
        -rwxr-xr-x    111     101     101      755
        -rw-r--r--    110     100     100      644
        -r--------    100     000     000      400

    26. Permission Settings: Examples
        • Use ls -l to view permission settings
        • -r-- --- --- (400) protect it from accidental editing
        • -rw- --- --- (600) only you can edit/read the file
        • -rw- r-- r-- (644) only you can edit, others can read
        • -rw- rw- rw- (666) public read file!
        • dr-x r-x r-x (555) anyone can list but can't create/delete/rename files
        • dr-x --- --- (500) only you can list
        • drwx --- --- (700) you can do anything, but not others
        • drwx r-x r-x (755) you can do anything, others only list
        • drwx rwx rwx (777) anyone can do anything!
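A check for the 666 and 777 cases listed above, written as an added example that is not part of the original slides. The function names (perms, world_writable, tighten, build_demo) and the demo tree with its file names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find entries that "others" can write to and tighten them.
# The demo tree below is constructed; nothing outside a temp directory is touched.

# perms PATH -> the 10-character mode string shown by ls -l
perms() { ls -ld "$1" | cut -c1-10; }

# world_writable DIR -> one path per line for each file or directory whose
# "others" write bit is set (symbolic links are skipped on purpose).
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 | sort
}

# tighten DIR -> remove write permission for group and others wherever it is set
tighten() {
    find "$1" \( -type f -o -type d \) \( -perm -002 -o -perm -020 \) \
        -exec chmod go-w {} +
}

# build_demo -> create a tree using modes from the slide and print its path
build_demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/private" "$d/shared" "$d/open"
    : > "$d/private/diary"
    : > "$d/shared/memo"
    : > "$d/open/scratch"
    chmod 600 "$d/private/diary"     # only the owner can read/edit
    chmod 644 "$d/shared/memo"       # owner edits, others read
    chmod 666 "$d/open/scratch"      # anyone can edit
    chmod 700 "$d/private"
    chmod 755 "$d/shared"
    chmod 777 "$d/open"              # anyone can add or remove entries
    printf '%s\n' "$d"
}

demo=$(build_demo) || exit 1
echo "world-writable before:"
world_writable "$demo"
tighten "$demo"
echo "world-writable after: $(world_writable "$demo" | wc -l)"
echo "open/scratch is now $(perms "$demo/open/scratch")"
rm -rf "$demo"
```

Running world_writable over a home directory is a quick way to spot files left at 666 or directories left at 777.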
    27. Changing Permissions
        • The chmod command is used to modify permissions. It can only be used by the owner of a file/dir (or the administrator root).
        • Format:
            chmod [ugoa] [+-=] [rwx] [file/dir]
            • Optionally, one of the characters: u (user/owner), g (group), o (other), or a (all).
            • Optionally, one of the characters: + (add permission), - (remove permission), or = (set permission).
            • Any combination of the characters r (read), w (write), or x (execute).
    28. chmod Examples
        • Character Method
            $ chmod a=rx file
            $ chmod u=rw file
            $ chmod ugo+r file
            $ chmod go-w file
        • Numerical Method
            $ chmod 744 file
            $ chmod 600 file
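In a symbolic mode, + - and = are always operators, so a listing-style string such as r-x placed after = does not mean "read and execute". The following added example (not part of the original slides; perms_after and same_result are hypothetical helper names) applies a mode to a scratch file and reports what ls -l shows afterwards.

```shell
#!/bin/sh
# Added example: verify what a chmod mode really produces on a scratch file.

# perms_after START MODE... -> ls -l mode string of a temporary file that is
# first set to START and then has each MODE applied in order.
perms_after() {
    f=$(mktemp) || return 1
    start=$1
    shift
    chmod "$start" "$f" || { rm -f "$f"; return 1; }
    for m in "$@"; do
        chmod "$m" "$f" || { rm -f "$f"; return 1; }
    done
    ls -ld "$f" | cut -c1-10
    rm -f "$f"
}

# same_result START NUMERIC SYMBOLIC -> succeeds when both forms give one mode
same_result() {
    [ "$(perms_after "$1" "$2")" = "$(perms_after "$1" "$3")" ]
}

# 755 and u=rwx,go=rx agree; a=r-x is parsed as "=r" followed by "-x",
# which leaves read only.
for m in 755 u=rwx,go=rx a=rx a=r-x; do
    printf 'chmod %-12s -> %s\n' "$m" "$(perms_after 000 "$m")"
done
```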
    29. Default Permissions
        • Every time a directory or file is created it must immediately have some permissions
        • The umask instruction sets the default permissions
            $ umask ddd
                • ddd is a three digit octal number
    30. umask
        • The system's initial permission value, used when a file is created, is 666 (rw-rw-rw-).
        • The system's initial permission value, used when a directory is created, is 777 (rwxrwxrwx).
        • To determine the umask value you want to set, subtract the value of the permissions you want from the initial permissions. The remainder is the value to use with the umask command.
        • To change the default mode for files to 644 (rw-r--r--), subtract 644 from 666. You get 022, which is the value you would use as an argument to the umask command.
    31. File and Directory Permissions for umask Values

        umask Octal Value   File Permissions   Directory Permissions
        0                   rw-                rwx
        1                   rw-                rw-
        2                   r--                r-x
        3                   r--                r--
        4                   -w-                -wx
        5                   -w-                -w-
        6                   --x                --x
        7                   ---                --- (none)

    32. umask Scope
        • The new umask value affects only those files and directories that are created from this point forward.
        • Place a umask command in your .profile file to permanently set your default permissions.
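The subtraction rule on the umask slides gives the right answer only when every umask bit is also set in the initial mode; what the system actually does is clear the umask bits from the initial mode (initial AND NOT umask). This added example, not part of the original slides, computes that result and confirms it by creating real files and directories; predicted_mode and created_perms are hypothetical helper names.

```shell
#!/bin/sh
# Added example: umask clears bits from the creation mode.
# Temporary paths are created and removed inside the functions.

# predicted_mode BASE UMASK -> octal mode left after clearing the umask bits
predicted_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# created_perms UMASK file|dir -> ls -l mode string of a file or directory
# created while UMASK is in effect.
created_perms() {
    tmp=$(mktemp -d) || return 1
    (
        umask "$1"            # subshell, so the caller's umask is unchanged
        cd "$tmp" || exit 1
        if [ "$2" = dir ]; then mkdir new; else : > new; fi
        ls -ld new | cut -c1-10
    )
    rc=$?
    rm -rf "$tmp"
    return "$rc"
}

# Predicted and observed results. With umask 033, subtracting from 666 would
# suggest 633, but a new file gets 644 because 666 has no execute bit to clear.
for u in 022 027 077 033; do
    printf 'umask %s  file %s %s  dir %s %s\n' "$u" \
        "$(predicted_mode 666 "$u")" "$(created_perms "$u" file)" \
        "$(predicted_mode 777 "$u")" "$(created_perms "$u" dir)"
done
```

Because the file base mode 666 has no execute bits, no umask value can leave a new file executable; a umask digit of 6 yields --- for files and --x for directories.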
    33. The SuperUser
        • Every Unix system has at least one userid which is special
        • This is referred to as root, although the name may be different
        • root may access any and all files or directories, no matter what their protection bits are set to
