Every file and directory on a UNIX system, besides being owned
by a user and a group, has access flags dictating what kind of access that
user and group have to the file.

Doing an ls -ald /bin/cp /etc/passwd /tmp will give you a
listing:

-rwxr-xr-x 1 root root 28628 Mar 24 1999 /bin/cp
-rw-r--r-- 1 root root 1151 Jul 23 22:42 /etc/passwd
drwxrwxrwt 5 root root 4096 Sep 25 15:23 /tmp

In the leftmost column are these flags, which give a complete
description of the access rights to the file.

The furthest flag to the left is, so far, either - or
d indicating an ordinary file or directory. The
remaining nine have a - to indicate an unset value or
one of several possible characters. Table 17.1 gives a complete
description of file system permissions.

Table 17.1: File and directory permissions

The chmod command is used to change the permissions of
a file. It is usually used like:

chmod [-R] [u|g|o|a][+|-][r|w|x|s|t] <file> [<file>] ...

For example
adds execute permissions for the user of myfile. And,
removes read and execute permissions
for all -- i.e. user, group and other.

The -R option once again means recursive,
diving into subdirectories as usual.

Permission bits are often represented in their binary form,
especially when programming. It is convenient to show the
rwxrwxrwx set in octal, where each digit fits
conveniently into three bits. Files on the system are usually
created with mode 0644, meaning
rw-r--r--. You can set permissions explicitly with an octal
number:
Gives myfile the permissions rwxr-xr-x.

In the table you can see s, the setuid or
setgid bit. If it is used without execute permissions
then it has no meaning and is written capitalised as an S.
This bit effectively colourises an x into an s,
hence you should read an s as execute
with the setuid or setgid bit set.
t is known as the sticky bit. It also has no
meaning if there are no execute permissions and is written as a capital
T.

The leading 0 can be ignored, but is preferred in
order to be explicit. It can take on a value representing
the three bits, setuid (4), setgid
(2) and sticky (1). Hence a value of
5764 is 101 111 110 100
in binary and gives
-rwsrw-r-T.

umask sets the default permissions for newly created files; it
is usually 022. This means that the permissions of any new
file you create (say with the touch command) will be
masked with this number. 022 hence excludes write
permissions of group and of other. A umask of 006
would exclude read and write permissions of other, but allow read
and write of group. Try

umask
touch <file1>
ls -al <file1>
umask 026
touch <file2>
ls -al <file2>

026 is probably closer to the kind of mask we like
as an ordinary user. Check your /etc/profile file to see
what umask your login defaults to, when and also why.

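The symbolic, octal and umask cases described above can be checked by applying each one to a scratch file and reading the flags back. This is an added example, not part of the original text. The function names, the scratch files, and the chmod arguments u+x, a-rx and 0755 (chosen to match the descriptions above) are assumptions, and it assumes a Linux system with mktemp available.

```shell
#!/bin/sh
# Added example: all files are constructed in a scratch directory and removed.

# flags FILE: print the ten-character flag column that ls shows for FILE.
flags() {
    ls -ld "$1" | cut -c1-10
}

# after_chmod START MODE: create a scratch file, give it octal mode START,
# apply "chmod MODE" to it and print the resulting flags.
after_chmod() (
    dir=$(mktemp -d) || exit 1
    : > "$dir/myfile"
    chmod "$1" "$dir/myfile" && chmod "$2" "$dir/myfile" && flags "$dir/myfile"
    status=$?
    rm -rf "$dir"
    exit "$status"
)

# after_umask MASK: create a new file under umask MASK and print its flags.
# The function body is a subshell, so the caller's umask is left unchanged.
after_umask() (
    dir=$(mktemp -d) || exit 1
    umask "$1" && touch "$dir/newfile" && flags "$dir/newfile"
    status=$?
    rm -rf "$dir"
    exit "$status"
)

after_chmod 0644 u+x     # -rwxr--r--  execute added for the user only
after_chmod 0755 a-rx    # --w-------  read and execute removed for all
after_chmod 0644 0755    # -rwxr-xr-x  explicit octal mode
after_chmod 0644 5764    # -rwsrw-r-T  setuid with x gives s, sticky without x gives T
after_umask 022          # -rw-r--r--  0666 masked with 022
after_umask 026          # -rw-r-----  0666 masked with 026
```

touch asks for mode 0666 and the umask removes bits from that request, which is why a new file never gains execute permission from the umask alone.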
In addition to permissions, each file has three integers
associated with it that represent, in seconds, the last time the
file was accessed (read), when it was last modified, and when it
was created. These are known as the atime, mtime
and ctime of a file respectively.

To get a complete listing of the file's permissions, use the stat
command. Here is the result of stat /etc:

File: "/etc"
Size: 4096 Filetype: Directory
Mode: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Device: 3,1 Inode: 14057 Links: 41
Access: Sat Sep 25 04:09:08 1999(00000.15:02:23)
Modify: Fri Sep 24 20:55:14 1999(00000.22:16:17)
Change: Fri Sep 24 20:55:14 1999(00000.22:16:17)

The Size: quoted here is the actual amount of disk
space used in order to store the directory listing, and
is the same as reported by ls. In this case it is
probably four disk blocks of 1024 bytes each. The size of a
directory as quoted here does not mean the sum of all
files contained under it.