SlideShare a Scribd company logo

intro unix/linux 09

Download as ppt, pdf
D
duquoi

The document discusses file and directory permissions in Linux/Unix systems. It describes how permissions are represented and controlled using commands like ls, chmod, and umask. Permissions determine whether a user can read, write, or execute files and view contents of directories. Chmod allows setting permissions for owners, groups and others using letters or numbers. Umask sets default permissions for new files and directories based on permissions being masked.

1 of 50
Downloaded 295 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Lesson 9-Setting and Using Permissions
Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics. Changing file permissions numerically.
Overview Changing permissions for group and other. Exploring the effect of granting different permissions. Modifying directory permissions. Setting permissions when files and directories are created. Examining the impact of umask on other operations.
Describing File Permissions The permissions read, write, and execute govern access to files and directories. The owner can modify the permissions on a file for three classes of users. The owner or user, the members of the owner’s group, and other users are the three classes of users.
Describing File Permissions Examining the permissions field. Employing read and write permissions. Changing permissions for a file to read only. Changing permissions for a file to write only.
Examining the Permissions Field The “ls –l” command displays the permissions for regular files and directories. Every slot in the permissions field is occupied by either a dash or a letter. A minus sign indicates that a particular permission is denied. The “t” field in the directory permissions is a special permission called the sticky bit.
Examining the Permissions Field The first slot indicates whether the listing is for a directory, a plain file, or a special UNIX file. A “c” or “b” at the beginning of many permissions fields indicates whether the device processes data in units of single characters or in whole blocks. The remainder of the permissions field is divided into three sets of three slots each.
Examining the Permissions Field Permission Field For Users
Examining the Permissions Field File permissions: An owner has full powers over the assignment of permissions to self, its group members, and others. The rwx value for the first slot indicates that the user has read, write, and execute permissions for the file. Every file has an associated permissions field for user, group, and all others on the system.
Employing Read and Write Permissions To access the contents of a file, a user must have read permissions for that file. To make changes to or modify a file, a user needs write permissions for that file.
Changing Permissions for a File to Read Only Assigning Read Only Permission
Changing Permissions for a File to Write Only Assigning Write Permission
Using Execute Permissions with a File The “vi” editor can be used for creating a shell script. The “source” command in the C shell and the “dot” (.) command in the Korn or Bourne shell instruct the shell to read the file and execute each commands in it. The process id (PID) of the current shell can be determined with the help of the “$$” sign.
Using Execute Permissions with a File A file with the appropriate execute permission can run a shell script like any other UNIX command by typing its name and pressing the ENTER key. The “+x” option instructs chmod to grant execute permission for a file. When a script is run by entering its name, the current shell starts a child shell that reads the script file and runs the listed commands.
Using Execute Permissions with a File The read permission is sufficient when sourcing a script, because the current shell needs to read it. A user must have both, execute and read permissions, to run a script in a child process. Only the owner of a file or directory can modify the permissions that are attached to it.
Changing File Permissions Using Mnemonics The “chmod” command can accept permission settings in the form of letter arguments or numbers. The mnemonic assignment method allows a user to set permissions for each type of user in several ways.
Changing File Permissions Using Mnemonics Assigning specific permissions. Adding and deleting permissions.
Assigning Specific Permissions Assigning All Permissions to All Users
Assigning Specific Permissions Assigning Specific Permissions to Specific Users
Adding and Deleting Permissions Denying Specific Permission to Specific Users
Changing File Permissions Numerically Numbers can also be used for conveying permissions information for all the three types of users. The number 700 specifies the rwx permissions only for the owner of a file. The numerical approach allows a user to specify the exact permissions to be granted regardless of the current permission.
Changing File Permissions Numerically Combination permissions are specified using the sum of the values for the specific permissions. The primitives (0, 1, 2, and 4) can be added to grant any combination of permissions. The combination of the three numbers 1, 2, and 4 can be used to express the eight possible combinations of execute, write, and read permissions.
Changing File Permissions Numerically Numerical Combination of Permissions
Changing File Permissions Numerically Permission Values
Changing File Permissions Numerically Basic File Permissions
Changing Permissions for Group and Other Permissions are usually most restrictive for other, less so for group, and least restrictive for the owner of a file. The process of determining the impact of permissions for a file or directory begins with the determination of the owner of the file, followed by all sets of permissions assigned to it.
Exploring the Effect of Granting Different Permissions Changing the permissions of a file does not impact the current directory or the inode. The permissions of a file are recorded in the inode. Write permissions are required for removing a file.
Modifying Directory Permissions Directories have the same kind of permissions fields as regular files, except that there is a “d” in the leftmost position. Permissions are assigned to directories with the same letters and numbers that assign permissions to files. Directories are special files containing the name of each file or directory along with its associated inode number.
Modifying Directory Permissions Using permissions to control directory access. Listing the files in a directory. Denying write permissions for a directory. Examining the need for execute permissions. Changing permissions for files in all subdirectories. Identifying other system permissions.
Using Permissions to Control Directory Access The owner of a directory has the power and responsibility for setting the directory access permissions. Like file permissions, directory permissions include read, write, and execute. The “d” option instructs ls to provide a listing of information about the directory.
Using Permissions to Control Directory Access The inode contains all the information about a file, including permissions, owner, date of creation, links, and addresses of data blocks on the hard drive where the file’s content resides. A file is accessed by first retrieving its inode number, then examining its permissions, accessing the data block addresses, and then accessing the file itself.
Listing the Files in a Directory Permissions for a directory are contained in the inode listed next to the current directory. Permissions for files are listed in the inodes listed next to the filenames in the current directory. Read permissions are required for reading the directory contents as well as to get a listing of its files.
Denying Write Permissions for a Directory Write permissions must be granted before a user can modify the contents of the file or directory. A new file cannot be added or an existing file cannot be removed if appropriate write permissions are not assigned.
Examining the Need for Execute Permissions Execute permissions have a different impact on a directory than on a file. A directory cannot be listed if it does not have execute permissions. A file cannot be accessed if the directory does not have execute permissions.
Examining the Need for Execute Permissions The files in a subdirectory within the parent directory cannot be accessed if there are no execute permissions on the parent directory. With only execute permission on a directory, a user can “cd” into it, but cannot get a listing of its files. The permissions on directories are specified for user, group, and other in the same fields of the long listing that are associated with file permissions.
Changing Permissions for Files in all Subdirectories The “chmod” utility can be used to change the permissions for all files in a directory and even for all its subdirectories. The “–R” option, when specified with the chmod utility, allows permissions to be applied recursively to all child directories and files encountered.
Identifying Other System Permissions The “s” and “t” are some of the permissions that can only be set by the super user. The executable passwd file is a program that users run to change their passwords. Encrypted passwords are kept in the password file /etc/passwd or in /etc/shadow, depending on the system. Ordinary users do not have write permissions on the password files.
Identifying Other System Permissions The root user has “s” and “r” permissions on the passwd file, where s in the owner field indicates that anyone who has permission to execute the program executes it, the program runs as though root is running it. When an ordinary user runs passwd, the s tells the system that while running the passwd program, the user has root’s identity.
The group ID of the program needs to be turned on if an administrator wishes to restrict users from executing specific programs. A “t” in the last permission slot for a directory puts limits on who can remove files. Identifying Other System Permissions
Identifying Other System Permissions A user cannot remove a file even though they have write permissions on the directory. The t bit is a sticky bit, which, when set, permits only the owner of a file to delete or change the name of the file in the directory.
Setting Permissions when Files and Directories are Created The three ways of creating files in UNIX are: By copying an existing file. Using a “tee” utility. Redirection from a shell command.
Setting Permissions when Files and Directories are Created Examining the default permissions. Specifying default permissions for directories with umask.
Examining the Default Permissions The operating system initially sets permissions for the owner as read and write when a file is created. These default permission settings are determined by the umask value. The umask value determines which permissions are masked from being set.
Examining the Default Permissions The umask setting determines the value of permissions for new files as they are created. Changing the umask has no effect on an existing file. The umask setting is initially determined by default on the system, but can be modified from the shell command-line.
Specifying Default Permissions for Directories with umask A directory created while umask is 000 has full permissions granted to user, group, and other. A directory once created with umask can be modified with the chmod command.
Specifying Default Permissions for Directories with umask Umask Values
Examining the Impact of umask on Other Operations The value of umask determines the initial permissions when files and directories are created. The “cp” command directly copies the permissions of the source file to the destination file if the umask is not set. The “–p” option, when specified, instructs the cp utility to ignore the umask when copying files.
Examining the Impact of umask on Other Operations The “cat” utility can also be used for duplicating a file with the original permissions without applying the umask effect. The shell follows umask instructions when creating files. Permissions are added up to the limit set by umask when mnemonic arguments are used for specifying permissions in the chmod command.
Summary Read permission is needed to access a file’s contents with a utility. Write and execute permissions are required for adding a file, removing a file, or changing a file’s name in a directory. A user must have the execute permission to cd into a directory or include the directory in a path.
Summary Letters or numbers can be used for specifying permissions information in the chmod command. Read and execute permissions are required by a script file to execute as a child process. Files and directories are granted initial permissions at creation determined by the umask setting at the time that the file or directory is created.
Ad

Recommended

intro unix/linux 07
intro unix/linux 07
duquoi
 
intro unix/linux 11
intro unix/linux 11
duquoi
 
intro unix/linux 02
intro unix/linux 02
duquoi
 
intro unix/linux 06
intro unix/linux 06
duquoi
 
intro unix/linux 08
intro unix/linux 08
duquoi
 
Unix command line concepts
Unix command line concepts
Artem Nagornyi
 
intro unix/linux 10
intro unix/linux 10
duquoi
 
03 browsing the filesystem
03 browsing the filesystem
Shay Cohen
 
intro unix/linux 05
intro unix/linux 05
duquoi
 
Os lab manual
Os lab manual
Neelamani Samal
 
Linux commands
Linux commands
debashis rout
 
Unix commands in etl testing
Unix commands in etl testing
Garuda Trainings
 
Linux Introduction (Commands)
Linux Introduction (Commands)
anandvaidya
 
Commands and shell programming (3)
Commands and shell programming (3)
christ university
 
Perintah dasar terminal kali linux
Perintah dasar terminal kali linux
Faizalguswanda
 
intro unix/linux 04
intro unix/linux 04
duquoi
 
intro unix/linux 03
intro unix/linux 03
duquoi
 
Unix files
Unix files
Sunil Rm
 
Basic Linux day 2
Basic Linux day 2
Saikumar Daram
 
Unix
Unix
Thesis Scientist Private Limited
 
Course 102: Lecture 2: Unwrapping Linux
Course 102: Lecture 2: Unwrapping Linux
Ahmed El-Arabawy
 
Command
Command
somoloye
 
101 4.6 create and change hard and symbolic links
101 4.6 create and change hard and symbolic links
Acácio Oliveira
 
Basic linux commands
Basic linux commands
Harikrishnan Ramakrishnan
 
Comp practical
Comp practical
Kritika Sharma
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling
Ahmed El-Arabawy
 
Directory Commands - R.D.Sivakumar
Directory Commands - R.D.Sivakumar
Sivakumar R D .
 
Ai module
Ai module
KUMARRISHAV29
 
OS Unit IV.ppt
OS Unit IV.ppt
FarhanaMariyam1
 
Linux files and file permission
Linux files and file permission
U.P Police
 

More Related Content

What's hot (19)

intro unix/linux 05
intro unix/linux 05
duquoi
 
Os lab manual
Os lab manual
Neelamani Samal
 
Linux commands
Linux commands
debashis rout
 
Unix commands in etl testing
Unix commands in etl testing
Garuda Trainings
 
Linux Introduction (Commands)
Linux Introduction (Commands)
anandvaidya
 
Commands and shell programming (3)
Commands and shell programming (3)
christ university
 
Perintah dasar terminal kali linux
Perintah dasar terminal kali linux
Faizalguswanda
 
intro unix/linux 04
intro unix/linux 04
duquoi
 
intro unix/linux 03
intro unix/linux 03
duquoi
 
Unix files
Unix files
Sunil Rm
 
Basic Linux day 2
Basic Linux day 2
Saikumar Daram
 
Unix
Unix
Thesis Scientist Private Limited
 
Course 102: Lecture 2: Unwrapping Linux
Course 102: Lecture 2: Unwrapping Linux
Ahmed El-Arabawy
 
Command
Command
somoloye
 
101 4.6 create and change hard and symbolic links
101 4.6 create and change hard and symbolic links
Acácio Oliveira
 
Basic linux commands
Basic linux commands
Harikrishnan Ramakrishnan
 
Comp practical
Comp practical
Kritika Sharma
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling
Ahmed El-Arabawy
 
Directory Commands - R.D.Sivakumar
Directory Commands - R.D.Sivakumar
Sivakumar R D .
 
intro unix/linux 05
intro unix/linux 05
duquoi
 
Os lab manual
Os lab manual
Neelamani Samal
 
Linux commands
Linux commands
debashis rout
 
Unix commands in etl testing
Unix commands in etl testing
Garuda Trainings
 
Linux Introduction (Commands)
Linux Introduction (Commands)
anandvaidya
 
Commands and shell programming (3)
Commands and shell programming (3)
christ university
 
Perintah dasar terminal kali linux
Perintah dasar terminal kali linux
Faizalguswanda
 
intro unix/linux 04
intro unix/linux 04
duquoi
 
intro unix/linux 03
intro unix/linux 03
duquoi
 
Unix files
Unix files
Sunil Rm
 
Basic Linux day 2
Basic Linux day 2
Saikumar Daram
 
Unix
Unix
Thesis Scientist Private Limited
 
Course 102: Lecture 2: Unwrapping Linux
Course 102: Lecture 2: Unwrapping Linux
Ahmed El-Arabawy
 
Command
Command
somoloye
 
101 4.6 create and change hard and symbolic links
101 4.6 create and change hard and symbolic links
Acácio Oliveira
 
Basic linux commands
Basic linux commands
Harikrishnan Ramakrishnan
 
Comp practical
Comp practical
Kritika Sharma
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling
Ahmed El-Arabawy
 
Directory Commands - R.D.Sivakumar
Directory Commands - R.D.Sivakumar
Sivakumar R D .
 

Similar to intro unix/linux 09 (20)

Ai module
Ai module
KUMARRISHAV29
 
OS Unit IV.ppt
OS Unit IV.ppt
FarhanaMariyam1
 
Linux files and file permission
Linux files and file permission
U.P Police
 
Unix fundamentals
Unix fundamentals
Dima Gomaa
 
permissions.pptx computer science and tec
permissions.pptx computer science and tec
IqraHanif27
 
Course 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and Permissions
Ahmed El-Arabawy
 
os lab commanaaaaaaaaaaaaaaaaaaaaaads.pptx
os lab commanaaaaaaaaaaaaaaaaaaaaaads.pptx
AdityaGupta221734
 
UNIX -File attributes and permissions; The Security Implications
UNIX -File attributes and permissions; The Security Implications
RAVIRAJ P
 
Access control list acl - permissions in linux
Access control list acl - permissions in linux
Sreenatha Reddy K R
 
Learning Linux v2.1
Learning Linux v2.1
sdiviney
 
04-1-Linux.ppt
04-1-Linux.ppt
EidTahir
 
Linux fundamental - Chap 02 perm
Linux fundamental - Chap 02 perm
Kenny (netman)
 
06 users groups_and_permissions
06 users groups_and_permissions
Shay Cohen
 
QSpiders - Unix Operating Systems and Commands
QSpiders - Unix Operating Systems and Commands
Qspiders - Software Testing Training Institute
 
PowerPoint Presentation Microsoft notes .ppt
PowerPoint Presentation Microsoft notes .ppt
okwalingajoe
 
58518522 study-aix
58518522 study-aix
homeworkping3
 
File permissions
File permissions
Varnnit Jain
 
4_Users_and_File_Permission_and_Directory_Commands
4_Users_and_File_Permission_and_Directory_Commands
Gautam Raja
 
Unix Basics Commands
Unix Basics Commands
Sameeran Jenna
 
Lesson 3 Working with Files in Linux
Lesson 3 Working with Files in Linux
Sadia Bashir
 
Ai module
Ai module
KUMARRISHAV29
 
OS Unit IV.ppt
OS Unit IV.ppt
FarhanaMariyam1
 
Linux files and file permission
Linux files and file permission
U.P Police
 
Unix fundamentals
Unix fundamentals
Dima Gomaa
 
permissions.pptx computer science and tec
permissions.pptx computer science and tec
IqraHanif27
 
Course 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and Permissions
Ahmed El-Arabawy
 
os lab commanaaaaaaaaaaaaaaaaaaaaaads.pptx
os lab commanaaaaaaaaaaaaaaaaaaaaaads.pptx
AdityaGupta221734
 
UNIX -File attributes and permissions; The Security Implications
UNIX -File attributes and permissions; The Security Implications
RAVIRAJ P
 
Access control list acl - permissions in linux
Access control list acl - permissions in linux
Sreenatha Reddy K R
 
Learning Linux v2.1
Learning Linux v2.1
sdiviney
 
04-1-Linux.ppt
04-1-Linux.ppt
EidTahir
 
Linux fundamental - Chap 02 perm
Linux fundamental - Chap 02 perm
Kenny (netman)
 
06 users groups_and_permissions
06 users groups_and_permissions
Shay Cohen
 
QSpiders - Unix Operating Systems and Commands
QSpiders - Unix Operating Systems and Commands
Qspiders - Software Testing Training Institute
 
PowerPoint Presentation Microsoft notes .ppt
PowerPoint Presentation Microsoft notes .ppt
okwalingajoe
 
58518522 study-aix
58518522 study-aix
homeworkping3
 
File permissions
File permissions
Varnnit Jain
 
4_Users_and_File_Permission_and_Directory_Commands
4_Users_and_File_Permission_and_Directory_Commands
Gautam Raja
 
Unix Basics Commands
Unix Basics Commands
Sameeran Jenna
 
Lesson 3 Working with Files in Linux
Lesson 3 Working with Files in Linux
Sadia Bashir
 
Ad

More from duquoi (9)

Troubleshooting CD Burning
Troubleshooting CD Burning
duquoi
 
Advanced Bash Scripting Guide 2002
Advanced Bash Scripting Guide 2002
duquoi
 
Astrolog: Switches
Astrolog: Switches
duquoi
 
Cinelerra Video Editing Manual
Cinelerra Video Editing Manual
duquoi
 
Iptables
Iptables
duquoi
 
Ffmpeg
Ffmpeg
duquoi
 
rosegarden
rosegarden
duquoi
 
intro unix/linux 12
intro unix/linux 12
duquoi
 
intro unix/linux 01
intro unix/linux 01
duquoi
 
Troubleshooting CD Burning
Troubleshooting CD Burning
duquoi
 
Advanced Bash Scripting Guide 2002
Advanced Bash Scripting Guide 2002
duquoi
 
Astrolog: Switches
Astrolog: Switches
duquoi
 
Cinelerra Video Editing Manual
Cinelerra Video Editing Manual
duquoi
 
Iptables
Iptables
duquoi
 
Ffmpeg
Ffmpeg
duquoi
 
rosegarden
rosegarden
duquoi
 
intro unix/linux 12
intro unix/linux 12
duquoi
 
intro unix/linux 01
intro unix/linux 01
duquoi
 
Ad

Recently uploaded (20)

FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Alliance
 
Raman Bhaumik - Passionate Tech Enthusiast
Raman Bhaumik - Passionate Tech Enthusiast
Raman Bhaumik
 
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
SOFTTECHHUB
 
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC
 
High Availability On-Premises FME Flow.pdf
High Availability On-Premises FME Flow.pdf
Safe Software
 
SAP Modernization Strategies for a Successful S/4HANA Journey.pdf
SAP Modernization Strategies for a Successful S/4HANA Journey.pdf
Precisely
 
vertical-cnc-processing-centers-drillteq-v-200-en.pdf
vertical-cnc-processing-centers-drillteq-v-200-en.pdf
AmirStern2
 
Can We Use Rust to Develop Extensions for PostgreSQL? (POSETTE: An Event for ...
Can We Use Rust to Develop Extensions for PostgreSQL? (POSETTE: An Event for ...
NTT DATA Technology & Innovation
 
Down the Rabbit Hole – Solving 5 Training Roadblocks
Down the Rabbit Hole – Solving 5 Training Roadblocks
Rustici Software
 
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
caoyixuan2019
 
Artificial Intelligence in the Nonprofit Boardroom.pdf
Artificial Intelligence in the Nonprofit Boardroom.pdf
OnBoard
 
June Patch Tuesday
June Patch Tuesday
Ivanti
 
OWASP Barcelona 2025 Threat Model Library
OWASP Barcelona 2025 Threat Model Library
PetraVukmirovic
 
National Fuels Treatments Initiative: Building a Seamless Map of Hazardous Fu...
National Fuels Treatments Initiative: Building a Seamless Map of Hazardous Fu...
Safe Software
 
Data Validation and System Interoperability
Data Validation and System Interoperability
Safe Software
 
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
Safe Software
 
Providing an OGC API Processes REST Interface for FME Flow
Providing an OGC API Processes REST Interface for FME Flow
Safe Software
 
“From Enterprise to Makers: Driving Vision AI Innovation at the Extreme Edge,...
“From Enterprise to Makers: Driving Vision AI Innovation at the Extreme Edge,...
Edge AI and Vision Alliance
 
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Alliance
 
“Addressing Evolving AI Model Challenges Through Memory and Storage,” a Prese...
“Addressing Evolving AI Model Challenges Through Memory and Storage,” a Prese...
Edge AI and Vision Alliance
 
FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Alliance
 
Raman Bhaumik - Passionate Tech Enthusiast
Raman Bhaumik - Passionate Tech Enthusiast
Raman Bhaumik
 
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
SOFTTECHHUB
 
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC
 
High Availability On-Premises FME Flow.pdf
High Availability On-Premises FME Flow.pdf
Safe Software
 
SAP Modernization Strategies for a Successful S/4HANA Journey.pdf
SAP Modernization Strategies for a Successful S/4HANA Journey.pdf
Precisely
 
vertical-cnc-processing-centers-drillteq-v-200-en.pdf
vertical-cnc-processing-centers-drillteq-v-200-en.pdf
AmirStern2
 
Can We Use Rust to Develop Extensions for PostgreSQL? (POSETTE: An Event for ...
Can We Use Rust to Develop Extensions for PostgreSQL? (POSETTE: An Event for ...
NTT DATA Technology & Innovation
 
Down the Rabbit Hole – Solving 5 Training Roadblocks
Down the Rabbit Hole – Solving 5 Training Roadblocks
Rustici Software
 
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
caoyixuan2019
 
Artificial Intelligence in the Nonprofit Boardroom.pdf
Artificial Intelligence in the Nonprofit Boardroom.pdf
OnBoard
 
June Patch Tuesday
June Patch Tuesday
Ivanti
 
OWASP Barcelona 2025 Threat Model Library
OWASP Barcelona 2025 Threat Model Library
PetraVukmirovic
 
National Fuels Treatments Initiative: Building a Seamless Map of Hazardous Fu...
National Fuels Treatments Initiative: Building a Seamless Map of Hazardous Fu...
Safe Software
 
Data Validation and System Interoperability
Data Validation and System Interoperability
Safe Software
 
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
Safe Software
 
Providing an OGC API Processes REST Interface for FME Flow
Providing an OGC API Processes REST Interface for FME Flow
Safe Software
 
“From Enterprise to Makers: Driving Vision AI Innovation at the Extreme Edge,...
“From Enterprise to Makers: Driving Vision AI Innovation at the Extreme Edge,...
Edge AI and Vision Alliance
 
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Alliance
 
“Addressing Evolving AI Model Challenges Through Memory and Storage,” a Prese...
“Addressing Evolving AI Model Challenges Through Memory and Storage,” a Prese...
Edge AI and Vision Alliance
 

intro unix/linux 09

  • 1. Lesson 9-Setting and Using Permissions
  • 2. Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics. Changing file permissions numerically.
  • 3. Overview Changing permissions for group and other. Exploring the effect of granting different permissions. Modifying directory permissions. Setting permissions when files and directories are created. Examining the impact of umask on other operations.
  • 4. Describing File Permissions The permissions read, write, and execute govern access to files and directories. The owner can modify the permissions on a file for three classes of users. The owner or user, the members of the owner’s group, and other users are the three classes of users.
  • 5. Describing File Permissions Examining the permissions field. Employing read and write permissions. Changing permissions for a file to read only. Changing permissions for a file to write only.
  • 6. Examining the Permissions Field The “ls –l” command displays the permissions for regular files and directories. Every slot in the permissions field is occupied by either a dash or a letter. A minus sign indicates that a particular permission is denied. The “t” field in the directory permissions is a special permission called the sticky bit.
  • 7. Examining the Permissions Field The first slot indicates whether the listing is for a directory, a plain file, or a special UNIX file. A “c” or “b” at the beginning of many permissions fields indicates whether the device processes data in units of single characters or in whole blocks. The remainder of the permissions field is divided into three sets of three slots each.
  • 8. Examining the Permissions Field Permission Field For Users
  • 9. Examining the Permissions Field File permissions: An owner has full powers over the assignment of permissions to self, its group members, and others. The rwx value for the first slot indicates that the user has read, write, and execute permissions for the file. Every file has an associated permissions field for user, group, and all others on the system.
  • 10. Employing Read and Write Permissions To access the contents of a file, a user must have read permissions for that file. To make changes to or modify a file, a user needs write permissions for that file.
  • 11. Changing Permissions for a File to Read Only Assigning Read Only Permission
  • 12. Changing Permissions for a File to Write Only Assigning Write Permission
  • 13. Using Execute Permissions with a File The “vi” editor can be used for creating a shell script. The “source” command in the C shell and the “dot” (.) command in the Korn or Bourne shell instruct the shell to read the file and execute each commands in it. The process id (PID) of the current shell can be determined with the help of the “$$” sign.
  • 14. Using Execute Permissions with a File A file with the appropriate execute permission can run a shell script like any other UNIX command by typing its name and pressing the ENTER key. The “+x” option instructs chmod to grant execute permission for a file. When a script is run by entering its name, the current shell starts a child shell that reads the script file and runs the listed commands.
  • 15. Using Execute Permissions with a File The read permission is sufficient when sourcing a script, because the current shell needs to read it. A user must have both, execute and read permissions, to run a script in a child process. Only the owner of a file or directory can modify the permissions that are attached to it.
  • 16. Changing File Permissions Using Mnemonics The “chmod” command can accept permission settings in the form of letter arguments or numbers. The mnemonic assignment method allows a user to set permissions for each type of user in several ways.
  • 17. Changing File Permissions Using Mnemonics Assigning specific permissions. Adding and deleting permissions.
  • 18. Assigning Specific Permissions Assigning All Permissions to All Users
  • 19. Assigning Specific Permissions Assigning Specific Permissions to Specific Users
  • 20. Adding and Deleting Permissions Denying Specific Permission to Specific Users
  • 21. Changing File Permissions Numerically Numbers can also be used for conveying permissions information for all the three types of users. The number 700 specifies the rwx permissions only for the owner of a file. The numerical approach allows a user to specify the exact permissions to be granted regardless of the current permission.
  • 22. Changing File Permissions Numerically Combination permissions are specified using the sum of the values for the specific permissions. The primitives (0, 1, 2, and 4) can be added to grant any combination of permissions. The combination of the three numbers 1, 2, and 4 can be used to express the eight possible combinations of execute, write, and read permissions.
  • 23. Changing File Permissions Numerically Numerical Combination of Permissions
  • 24. Changing File Permissions Numerically Permission Values
  • 25. Changing File Permissions Numerically Basic File Permissions
  • 26. Changing Permissions for Group and Other Permissions are usually most restrictive for other, less so for group, and least restrictive for the owner of a file. The process of determining the impact of permissions for a file or directory begins with the determination of the owner of the file, followed by all sets of permissions assigned to it.
  • 27. Exploring the Effect of Granting Different Permissions Changing the permissions of a file does not impact the current directory or the inode. The permissions of a file are recorded in the inode. Write permissions are required for removing a file.
  • 28. Modifying Directory Permissions Directories have the same kind of permissions fields as regular files, except that there is a “d” in the leftmost position. Permissions are assigned to directories with the same letters and numbers that assign permissions to files. Directories are special files containing the name of each file or directory along with its associated inode number.
  • 29. Modifying Directory Permissions Using permissions to control directory access. Listing the files in a directory. Denying write permissions for a directory. Examining the need for execute permissions. Changing permissions for files in all subdirectories. Identifying other system permissions.
  • 30. Using Permissions to Control Directory Access The owner of a directory has the power and responsibility for setting the directory access permissions. Like file permissions, directory permissions include read, write, and execute. The “d” option instructs ls to provide a listing of information about the directory.
  • 31. Using Permissions to Control Directory Access The inode contains all the information about a file, including permissions, owner, date of creation, links, and addresses of data blocks on the hard drive where the file’s content resides. A file is accessed by first retrieving its inode number, then examining its permissions, accessing the data block addresses, and then accessing the file itself.
  • 32. Listing the Files in a Directory Permissions for a directory are contained in the inode listed next to the current directory. Permissions for files are listed in the inodes listed next to the filenames in the current directory. Read permissions are required for reading the directory contents as well as to get a listing of its files.
  • 33. Denying Write Permissions for a Directory Write permissions must be granted before a user can modify the contents of the file or directory. A new file cannot be added or an existing file cannot be removed if appropriate write permissions are not assigned.
  • 34. Examining the Need for Execute Permissions Execute permissions have a different impact on a directory than on a file. A directory cannot be listed if it does not have execute permissions. A file cannot be accessed if the directory does not have execute permissions.
  • 35. Examining the Need for Execute Permissions The files in a subdirectory within the parent directory cannot be accessed if there are no execute permissions on the parent directory. With only execute permission on a directory, a user can “cd” into it, but cannot get a listing of its files. The permissions on directories are specified for user, group, and other in the same fields of the long listing that are associated with file permissions.
  • 36. Changing Permissions for Files in all Subdirectories The “chmod” utility can be used to change the permissions for all files in a directory and even for all its subdirectories. The “–R” option, when specified with the chmod utility, allows permissions to be applied recursively to all child directories and files encountered.
  • 37. Identifying Other System Permissions The “s” and “t” are some of the permissions that can only be set by the super user. The executable passwd file is a program that users run to change their passwords. Encrypted passwords are kept in the password file /etc/passwd or in /etc/shadow, depending on the system. Ordinary users do not have write permissions on the password files.
  • 38. Identifying Other System Permissions The root user has “s” and “r” permissions on the passwd file, where s in the owner field indicates that anyone who has permission to execute the program executes it, the program runs as though root is running it. When an ordinary user runs passwd, the s tells the system that while running the passwd program, the user has root’s identity.
  • 39. The group ID of the program needs to be turned on if an administrator wishes to restrict users from executing specific programs. A “t” in the last permission slot for a directory puts limits on who can remove files. Identifying Other System Permissions
  • 40. Identifying Other System Permissions A user cannot remove a file even though they have write permissions on the directory. The t bit is a sticky bit, which, when set, permits only the owner of a file to delete or change the name of the file in the directory.
  • 41. Setting Permissions when Files and Directories are Created The three ways of creating files in UNIX are: By copying an existing file. Using a “tee” utility. Redirection from a shell command.
  • 42. Setting Permissions when Files and Directories are Created Examining the default permissions. Specifying default permissions for directories with umask.
  • 43. Examining the Default Permissions The operating system initially sets permissions for the owner as read and write when a file is created. These default permission settings are determined by the umask value. The umask value determines which permissions are masked from being set.
  • 44. Examining the Default Permissions The umask setting determines the value of permissions for new files as they are created. Changing the umask has no effect on an existing file. The umask setting is initially determined by default on the system, but can be modified from the shell command-line.
  • 45. Specifying Default Permissions for Directories with umask A directory created while umask is 000 has full permissions granted to user, group, and other. A directory once created with umask can be modified with the chmod command.
  • 46. Specifying Default Permissions for Directories with umask Umask Values
  • 47. Examining the Impact of umask on Other Operations The value of umask determines the initial permissions when files and directories are created. The “cp” command directly copies the permissions of the source file to the destination file if the umask is not set. The “–p” option, when specified, instructs the cp utility to ignore the umask when copying files.
  • 48. Examining the Impact of umask on Other Operations The “cat” utility can also be used for duplicating a file with the original permissions without applying the umask effect. The shell follows umask instructions when creating files. Permissions are added up to the limit set by umask when mnemonic arguments are used for specifying permissions in the chmod command.
  • 49. Summary Read permission is needed to access a file’s contents with a utility. Write and execute permissions are required for adding a file, removing a file, or changing a file’s name in a directory. A user must have the execute permission to cd into a directory or include the directory in a path.
  • 50. Summary Letters or numbers can be used for specifying permissions information in the chmod command. Read and execute permissions are required by a script file to execute as a child process. Files and directories are granted initial permissions at creation determined by the umask setting at the time that the file or directory is created.