Pages

Saturday, December 3, 2011

File Types - Permissions - Symlinks 



File Types - Permissions - Symlinks:
------------------------------------
Features:
 1. The ability to restrict/control access to files

Note: 10 bits represent permissions for files (including directories)

Note: use 'ls -l' to examine permissions or GUI application like 'Nautilus'

-rwxrwxr-x 1 linuxcbt linuxcbt  681 Jan 13 11:31 regextest.pl
1st bit = file type. '-' = file, 'd' = directory
2nd - 4th bits = owner's permissions
r = read = 4
w = write = 2
x = execute = 1
- = none = 0

5th - 7th bits = group owner's permissions
r = read = 4
w = write = 2
x = execute = 1
- = none = 0

8th - 10th bits = everyone (world)
r = read = 4
w = write = 2
x = execute = 1
- = none = 0

-----------------------------------------------------------------------------
Task:
-----
 1. Manipulate file permissions using 'chmod'
  a. chmod -x regextest.pl

-rw-rw-r-- 1 linuxcbt linuxcbt 681 Jan 13 11:31 regextest.pl
rw = 6 or 4+2 for owner
rw = 6 or 4+2 for group owner
r = 4 for everyone else (world)

Octal notation: 664 for file 'regexetest.pl'

chmod 664 regextest.pl - removes execution for ALL users
chmod 775 regextest.pl - enables execution for ALL users


 2. Ensure that 'regextest.pl' is rw by owner and noone else
 a. chmod 600 regextest.pl

Note: File will now be rw by owner (linuxcbt) and 'root'

 3. Ensure that 'regextest.pl' is r by owner and noone else
 a. chmod 400 regextest.pl && ls -l regextest.pl

Note: chmod supports string values, which represent octal values
chmod +/- x file
chmod +/- w file
chmod +/- r file

chmod +/- u+x file - updates owner's execute permissions on the file
chmod +/- o+x file - updates other's execute permissions on the file
chmod +/- g+x file - updates group's execute permissions on the file

chmod a+rwx = chmod 777

------------------------------------------------------------------------------
chown - permits changing of ownership of files
 a. chown root regextest.pl - changes ownership to 'root'
 b. chown linuxcbt:sales regextest.pl - changes owner and group to 'linuxcbt:sales'

Task:
 Update 'regextest.pl' so that owner and group owner may modify the file

 a. chmod 660 regextest.pl

----------------------------------------------------------------------------

SETUID:
 Features:
  1. ability to execute file as owner

chmod 4760 regextest.pl - this will ensure that the perl script always executes as the user 'linuxcbt'
-rwsrw---- 1 linuxcbt sales 787 Jan 13 16:08 regextest.pl

's' in the execute position means that the program will execute as that user


-----------------------------------------------------------------------------
SETGID:
 Features:
  1. Ability to enforce permissions to a directory structure

mkdir /sales
chmod 2775 /sales

Create a file in the '/sales' directory as 'linuxcbt'
seq 1000000 > linuxcbt.1million.txt

-------------------------------------------------------------------------------

chgrp:
 Permits updating of group permissions

-------------------------------------------------------------------------------
Sticky Bit:
 Features:
  1. Ability to ensure that users cannot delete others' files in a directory

drwxrwxrwt 23 root root 4096 Jan 13 15:05 /tmp/


/tmp - users cannot delete other user's files in '/tmp'

chmod 3777 /sales - ensures that /sales will not lose files from incorrect users

Task:
 1. Set '/sales' using sticky bit and test
  a. chmod 3777 /sales && ls -ld /sales OR chmod 777 /sales && chmod +t /sales

-----------------------------------------------------------------------------
Symlinks:
--------
Features:
 1. Provides shortcuts to files (including directories)
 2. Provides hard links to inode (file system) locations

Soft Links:
 1. ln -s source_file target
  a. ln -s ./regextest.pl lastscript.pl

Note: Soft links may span multiple file systems/hard drives
Note: Symlink count is NOT increased when using soft links

 2.  ln -s /home/linuxcbt/testRH5/regextest.pl . - this will symlink (soft) to the /boot file system

Note: With soft links, if you change the name or location of the source file, you will break ALL of the symlinks (soft)


Hard Links:
 Features:
  1. The ability to reference the same inode/hard drive location from multiple places within the same file system
   a. ln source target
      ln regextest.pl ./testhardregextest.pl - creates a hard link
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)