lpi 101 ch13 files and directories
Post on 30-May-2018
236 Views
Preview:
TRANSCRIPT
-
8/9/2019 LPI 101 Ch13 Files and Directories
1/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Chapter 13
Files and Directories
-
8/9/2019 LPI 101 Ch13 Files and Directories
2/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Objectives
Describe and explain the Linux filesystem
directory structure
Explain filesystemconcepts
Identify and explain inodes
Utilizechown, chgrp, and other filerelated
commands
Set user and group ID permissions
Identify and explain sticky bits
Identify and explain links
-
8/9/2019 LPI 101 Ch13 Files and Directories
3/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Standard Directories
Under Linux, nearly everything isrepresented as a file. Most
physical devicesin thesystem are accessed using special files
in the filesystem
-
8/9/2019 LPI 101 Ch13 Files and Directories
4/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Directory Hierarchy
-
8/9/2019 LPI 101 Ch13 Files and Directories
5/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Standard Directories
/ The top of the Linux filesystem hierarchy
/bin Essential command binaries which arerequired in single usermode.
/boot Static files of theboot loader (containseverything required for theboot processexcept configuration files and themap installer)
/dev Device files, contains the location ofspecial or device files
/etc Reserved forconfiguration files that are local to yourmachine (nobinariesshould be located under/etc)
/etc/X11 is therecommended location for all X11 host-specificconfigurationfiles
/home User home directories
/lib Essential shared libraries and kernel modules (contains thosesharedlibrary images needed to boot thesystem and run thecommandsin theroot filesystem)
-
8/9/2019 LPI 101 Ch13 Files and Directories
6/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Standard Directories
/mnt mount point of temporary partitions. Thisis generally thelocation to where temporary filesystems, such as floppies orCD-drives
/opt reserved for theinstallation of add-on application softwarepackages
/root Home directory ofroot user
/tmp temporary directory
/etc/init.d Masterstartup scripts (not used as part ofstartupconfiguration)
/etc/rc*.d Run-level startup configuration scripts, usually links to filesinthe/etc/init.d directory
/usr/src sourcecode
/usr/include
/usr/lib
header filesincluded by C programs
libraries
-
8/9/2019 LPI 101 Ch13 Files and Directories
7/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Standard Directories
Windows directoriesrelate to Linux directoriesin terms of
functionality
Windows Linux
WinNT /system32 /bin, /sbin, /etc and /usr
Do not confuse the top level root directory / with the home
directory of thesuper user/root
-
8/9/2019 LPI 101 Ch13 Files and Directories
8/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
FHS Data Types
The Filesystem Hierarchy System (FHS) defines two types
of data use:data sharingand data modification. Each of
theseclassifications has two opposing subtypes:
-
8/9/2019 LPI 101 Ch13 Files and Directories
9/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
FHS Data Types
Data Sharing : defines the type of data used in a network
environment.Within data sharing, there are two subtypes:
Sharable
Non-Sharable Data that is defined assharable can be used by multiple
users orby multiple hosts
Non-sharable data is data that is linked to a specific host.
Passwords, configuration files, and logs areexamples of
non-sharable data
-
8/9/2019 LPI 101 Ch13 Files and Directories
10/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
FHS Data Types
Data Modification : defines how data can be augmented.
There are two categories within thissection :
Variable
Static Variablerefers to data that ischanged by natural,
frequent, processes
Static data is just that: data that does not change on a
frequent orregularbasis. Binary programs are an
example ofstatic data types
-
8/9/2019 LPI 101 Ch13 Files and Directories
11/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
The Linux File System
Linuxsupports diskpartitioning:
Onebranch of directory structurecan reside on one
partition
Different types of filesystems ormount optionscan beassigned to each partition
-
8/9/2019 LPI 101 Ch13 Files and Directories
12/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
The Linux File System
All UNIX-like filesystem types follow similarmodel:
Each filesystem on a partition (orslice) has an inode
table
Inode tablecomprisesone record for each file storedwithin this partition
Itsinode number uniquely identifies a file within the file
system
-
8/9/2019 LPI 101 Ch13 Files and Directories
13/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
The Linux File System
Each file has an inode tableentry:
Inode tableentry holds all attributes (meta data) of a file,
such as: filesize, user, group, permissions, etc.
Directoriesmap namesinto inode numbers: Directoriesstore links to inodes (and some/most store
short symlinks on ext2 and ext3 filesystems)
An inode numbercan havemore than one link
referencing it
-
8/9/2019 LPI 101 Ch13 Files and Directories
14/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Access Control
Primary function:prevent unauthorized access to system databy automatically protect file and directory accessby placinga standard set ofaccess permissions when files and directoriesarecreated
-
8/9/2019 LPI 101 Ch13 Files and Directories
15/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Viewing File and Directory Permissions
View permissions on files and directoriesby using the ls l
command.
Example
$ ls l .profile
-
8/9/2019 LPI 101 Ch13 Files and Directories
16/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Viewing File and Directory Permissions
r =readable
w = writeable
x = executable
- = denied
-
8/9/2019 LPI 101 Ch13 Files and Directories
17/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Permission Categories
User (owner) permissions
Group
Others (world)
-
8/9/2019 LPI 101 Ch13 Files and Directories
18/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Determining Access to a File orDirectory
Access to a file or a directory is determined by theUID andthe GID.
o UID Identifies the user who created the directory or fileand determines ownership.
o GID Identifies the group of users who own the directoryor file. A file or directory can belong to only one group at atime.
To view theseUID and GID numbers, use thels -n
-
8/9/2019 LPI 101 Ch13 Files and Directories
19/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Process ForDetermining Permissions
-
8/9/2019 LPI 101 Ch13 Files and Directories
20/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Types of Permissions
Permissionscontrol who can do whatto a file or directory andarerepresented by thecharacters:
r ( read )
w ( write )x ( execute )
- ( denied )
-
8/9/2019 LPI 101 Ch13 Files and Directories
21/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Types of Permissions
-
8/9/2019 LPI 101 Ch13 Files and Directories
22/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 1
-rwx------
File isread/write/execute forowneronly
dr-xr-x---
Directory isread/execute forownerand group
-rwxr-xr-x
File isread/write/execute forowner, and read/execute forgroup membersand others
-
8/9/2019 LPI 101 Ch13 Files and Directories
23/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 2
-rwxrw----
File isread/write/execute forownerand read/write forgroup
drwxr-x--x
Directory isread/write/execute forowner, read/execute forgroup and execute forothers
dr-x-w-r--
Directory isread/execute forowner, and write forgroupmembers and readforothers
-
8/9/2019 LPI 101 Ch13 Files and Directories
24/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Changing Permissions
You can modify the permissionsset on files or directoriesusing thechmod command.
$ chmod mode filename
Either theownerof the file or directory orsuperusercan usethiscommand to change permissions.
Thechmod command can modify permissionsspecified in
eithersymbolic mode oroctalmode.
-
8/9/2019 LPI 101 Ch13 Files and Directories
25/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
SymbolicMode
-
8/9/2019 LPI 101 Ch13 Files and Directories
26/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 1
Removegroup readpermission :
$ ls -l dante
-rw-r--r-- 1 user2 staff 2 Jun 11 1:44 dante
$ chmod g-r dante
$ ls -l dante
-rw----r-- 1 user2 staff 2 Jun 11 1:44 dante
-
8/9/2019 LPI 101 Ch13 Files and Directories
27/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 2
Add execute permission forowner, and readpermission forgroup and others:
$ ls -l dante
-rw------- 1 user2 staff 2 Jun 11 1:44 dante
$ chmod u+x,go+r dante
$ ls -l dante
-rwxr--r-- 1 user2 staff 2 Jun 11 1:44 dante
-
8/9/2019 LPI 101 Ch13 Files and Directories
28/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 3
Set permission to readand write foreveryone:
$ chmod a=rw dante
$ ls -l dante
-rw-rw-rw- 1 user2 staff 2 Jun 11 1:44 dante
-
8/9/2019 LPI 101 Ch13 Files and Directories
29/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Octal(Absolute) Mode
Each permission has an octalvalue :
-
8/9/2019 LPI 101 Ch13 Files and Directories
30/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
OctalDigits for Permission Sets
-
8/9/2019 LPI 101 Ch13 Files and Directories
31/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Combined Values and Permissions
Command format :
$ chmodoctal_mode filename
-
8/9/2019 LPI 101 Ch13 Files and Directories
32/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example
Giveuser, group, and others readand execute access:
$ ls -l dante
-rw-rw-rw- 1 user2 staff 2 Jun 11 11:54 dante
$ chmod 555 dante
$ ls -l dante
-r-xr-xr-x 1 user2 staff 2 Jun 11 11:54 dante
-
8/9/2019 LPI 101 Ch13 Files and Directories
33/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Compare two Mode
Somesymbolicmodeexpressions have no equivalentexpression in absolutemode.
o Forexample, chmod u+x,g+w somefile has no parallel inabsolutemode.
Absolutemodeexpressions aresometimesmoreconcise thansymbolicmodeexpressions.
Absolutemodeexpressions aresometimesmoresuitable for
use within shell scripts that might takeinput from other
utilitiesin numeric form.
-
8/9/2019 LPI 101 Ch13 Files and Directories
34/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Default Permissions
Default permissions, which are automatically assigned when afile or directory iscreated.
Theinitial default permission valuespecified by thesystem for
a filecreation is 666 (rw-rw-rw-).
Theinitial default permission valuespecified by thesystem fora directory creation is 777 (rwxrwxrwx).
-
8/9/2019 LPI 101 Ch13 Files and Directories
35/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
The umask Filter
Theumaskfiltercontrols the default permissions
assigned to newly created files and directories.
Theumaskfilteris a three-digit octal value that refers toread/write/execute permissions forowner, group, and other.
The default value ofumaskis:022
-
8/9/2019 LPI 101 Ch13 Files and Directories
36/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Calculating How the File Mode Creation Mask is
Applied
Write the default permissionsin theirexpanded (bitwise)form.
Write the filemodecreation maskbeneath the defaultpermissions.
Perform thebitwisesubtraction, and write down theresult.
-
8/9/2019 LPI 101 Ch13 Files and Directories
37/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 1
Default file permission r w r w r w ( 666 )
umask of 022 w w ( 022 )
Resulting file permission r w r r ( 644 )
Default dir permission r w x r w x r w x ( 777 )
umask of 022 w w ( 022 )
Resulting dir permission r w x r x r x ( 755 )
-
8/9/2019 LPI 101 Ch13 Files and Directories
38/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Example 2 : Important note
Default file permission r w r w r w ( 666 )
umask of 123 x w w x ( 123 )
Resulting file permission r w r r ( 644 )
(not543!)
Default dir permission r w x r w x r w x ( 777 )
umask of 123 x w w x ( 123 )
Resulting dir permission r w r x r ( 654 )
-
8/9/2019 LPI 101 Ch13 Files and Directories
39/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Changing the umaskValue
Command format :
umask [new_value]
( umask will be valid for current shell and subshells.)
Example :1. Verify the current umask.
$ umask
0222. Change the umask value to 027 and verify.
$ umask 027
$ umask
027
-
8/9/2019 LPI 101 Ch13 Files and Directories
40/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
File & Dir Permission with umask = 027?
Default file permission r w r w r w ( 666 )
umask of 027 w r w x ( 027 )
Resulting file permission r w r ( 640 )
Default dir permission r w x r w x r w x ( 777 )
umask of 027 w r w x ( 027 )
Resulting dir permission r w x r x ( 750 )
-
8/9/2019 LPI 101 Ch13 Files and Directories
41/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Special Permissions
Three types of permission are available forexecutable filesand public directory:
Set user ID:suid
Set group ID:sgid Sticky bit
-
8/9/2019 LPI 101 Ch13 Files and Directories
42/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Set User ID
When suid isset on executale files, a user or process that runsthis fileis granted access based on the owner of the file (usually
root )instead of user who started the file
Thesuid permission displays as an sin the owners
executable field. If fileis not executable, lsshowscapital S
# ls l /bin/su /usr/bin/passwd
-rwsrxrx 1 root root 18452 Jul 2 2003 /bin/su
-r-s-x-x 1 root root 13476 Aug 7 2003 /usr/bin/passwd
-
8/9/2019 LPI 101 Ch13 Files and Directories
43/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Set User ID
Theroot user and ownercan set thesuid permission on fileusing chmod command and the octal value4000 orsymbolic
s:
#chmod 4755
#chmod u+s
-
8/9/2019 LPI 101 Ch13 Files and Directories
44/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Set Group ID
When sgid issimilar to suid, except that a user or process thatruns this fileis granted access based on the owners group of
the file
Thesgid permission displays as an sin the groups
executable field. If fileis not executable, lsshowscapital S
# ls l /usr/bin/slocate /usr/bin/write
-rwxr-srx 1 root slocate 9 Jul 2 2003 /usr/bin/slocate
-rwxr-srx 1 root tty 13476 Aug 7 2003 /usr/bin/write
-
8/9/2019 LPI 101 Ch13 Files and Directories
45/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Set Group ID
Thesgid is a useful feature forcreating shared directories:filescreated in these directoriesbelong to the group to which
the directoriesbelong
Theroot user and ownercan set thesuid permission on file
using chmod command and the octal value2000 orsymbolic
s:
#chmod 2755
#chmod g+s
-
8/9/2019 LPI 101 Ch13 Files and Directories
46/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Sticky Bit Permission
It protects the filesin within a public writable directory. If thedirectory has thesticky bit set, then:
Only the owner and root can delete files
Ownerstill need write permission to the directory Thesticky bit permission displays as an tin theothers
executable field. If fileis not executable, lsshowscapital T
# ls ld /tmp
drwxrwxrwt 8 root root 4096 Jul 2 2003 /tmp
-
8/9/2019 LPI 101 Ch13 Files and Directories
47/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
chown Command
You usechown command to change the origin owner of a fileor directory to another user on thesystem
# ls l /usr/bin/slocate-rwxr-srx 1 root slocate 9 Jul 2 2003 /usr/bin/slocate
# chown minh /usr/bin/slocate
# ls l /usr/bin/slocate
-rwxr-srx 1 minh slocate 9 Jul 2 2003 /usr/bin/slocate
-
8/9/2019 LPI 101 Ch13 Files and Directories
48/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
chgrp Command
Use thechgrp command to change the group of the files ordirectories to another group on thesystem
# ls l /usr/bin/slocate-rwxr-srx 1 root slocate 9 Jul 2 2003 /usr/bin/slocate
# chgrp instructors/usr/bin/slocate
# ls l /usr/bin/slocate
-rwxr-srx 1 root instructors 9 Jul 2 2003 /usr/bin/slocate
-
8/9/2019 LPI 101 Ch13 Files and Directories
49/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Command User and Group OwnershipSimultaneously
chown command help you to change owner and group of a fileor directory simultaneously
# ls l /usr/bin/slocate-rwxr-srx 1 root slocate 9 Jul 2 2003 /usr/bin/slocate
# chown minh:instructors/usr/bin/slocate
# ls l /usr/bin/slocate
-rwxr-srx 1 minh instructors 9 Jul 2 2003 /usr/bin/slocate
-
8/9/2019 LPI 101 Ch13 Files and Directories
50/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
chown andchgrp Commands
You can also ownership and group recursively with Roption:
chown R
chgrp R
-
8/9/2019 LPI 101 Ch13 Files and Directories
51/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
chattr Command
Thechattrcommand changes file attributes on an ext2 orext3filesystem. Using the different options, chattrcan markfiles
asimmutable, secure deletion, and more. Thesyntax forchattr:
chattr
To assign options, chattr uses three different options (called
opcodes):
+ Add attribute
- Remove attribute
= Assign attributes (removing unspecified
attributes)
-
8/9/2019 LPI 101 Ch13 Files and Directories
52/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
chattr Command
The following is a list ofattributes used with chattr:
a Append only for writing. Can beset orcleared only by
a privileged userc Compressed
d No dump
i Immutable. Can beset orcleared only by a privilegeduser.
s Secure deletion; thecontents arezeroed on deletion
S Synchronous updates
-
8/9/2019 LPI 101 Ch13 Files and Directories
53/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
lsattr Command
You can display attributes of a file areset by chattrby usingthiscommand
-
8/9/2019 LPI 101 Ch13 Files and Directories
54/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Access Control Lists
Access Control Lists (ACLs) provide greatercontrol over
file access permissions and providebetter filesecurity forthe file owner, group, other, specific users and specificgroups.
-
8/9/2019 LPI 101 Ch13 Files and Directories
55/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
ACL Commands
ACLscan beset orviewed using thesecommands:
getfacl filename(s):Display ACL entries on a file(s). setfacl acl_entries: Creates ormodifies ACL entries on
files
-
8/9/2019 LPI 101 Ch13 Files and Directories
56/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
ACL Entry Examples
u[ser]::perm Sets permissions for file owner.
g[roup]::perm Sets permissions for owners group. o[ther]:perm Sets permissions for users other than the
owner or owners group.
-
8/9/2019 LPI 101 Ch13 Files and Directories
57/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
u[ser]:UID:perm or u[ser]:username:perm Sets
permissions for a specific user. g[roup]:GID:perm or g[roup]:groupname:perm Sets
permission for a specific group.
m[ask]:perm Sets ACL mask. Indicates themaximum
permissions allowed for all users, (except the owner) andfor all groups.
-
8/9/2019 LPI 101 Ch13 Files and Directories
58/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Adding ACL Permissions on a File
To add ACL permissions on a file, use thesetfacl mcommand.
#setfacl -m user:user8:6 file.txt#getfacl file.txt
# file: file.txt# owner: user1# group:classuser::rwxuser::user8:rw- #effective:r--
group::r- #effective:r--mask:rother:---
-
8/9/2019 LPI 101 Ch13 Files and Directories
59/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Modifying ACL Permissions on a File
#setfacl -m m:6 file.txt#getfacl file.txt
# file: file.txt
# owner: user1
# group:class
user::rwx
user::user8:rw- #effective:rw
group::r- #effective:r--
mask:rw
other:---
-
8/9/2019 LPI 101 Ch13 Files and Directories
60/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Determining if a File has an ACL
There are two ways to determineif a file has an ACL: By using the getfacl command By using the ls -l command
Using the ls -l command on any file with an ACL displays a
plus (+)sign at theend of the permission mode field. Forexample:#ls -l file.txt-rwxr-----+ 1 user1 class 167 Apr 18 11:13 file.tx
-
8/9/2019 LPI 101 Ch13 Files and Directories
61/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Deleting an ACL Entry on a File
To delete an ACL entry from a file, use thesetfacl xcommand and specify theentry type and theUID(username) or GID (groupname).
Thisexample deletes an ACL entry from file.txt:
#setfacl -x u:user8 file.txt
-
8/9/2019 LPI 101 Ch13 Files and Directories
62/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Replacing an Entire ACL on a File
Thisexamplesets the file owner permissions to read andwrite, group permissions to read only, and otherpermissions to none on file.txt.
#setfacl -m user::rw-,group::r--,other:---,mask:rw-,user:user8:rw- file.txt
#getfacl file.txt# file: file.txt# owner: user1# group:class
user::rwuser:user8:rw- #effective:rwgroup::r-- #effective:r--mask:rwother:---
-
8/9/2019 LPI 101 Ch13 Files and Directories
63/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Linking Files and Directories
Links are used to createalternate names oraliases for files anddirectories on a system
There are two kinds of links:
hardlink
symbolic link (orsoftlink)
-
8/9/2019 LPI 101 Ch13 Files and Directories
64/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Hard link
Used to linkfiles on thesame file system
Files that are hard linked share the same inode number (referto thesame data on disk)
Hard links arenot used to link directories and cannot cross filesystems.
-
8/9/2019 LPI 101 Ch13 Files and Directories
65/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Creating Link
Command Format :ln [-s]
-
8/9/2019 LPI 101 Ch13 Files and Directories
66/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Examle Creating Hard Link
$ln/export/home/user2/dante essay
$ls -i /export/home/user2/dante
89532 dante
$ls -i essay
89532 essay
Examle Creating Symbolic
-
8/9/2019 LPI 101 Ch13 Files and Directories
67/68
SAIGONLAB 83 Nguyn Th Nh, P9, Q.Tn Bnh, Tp. HCM LPI 102
Examle Creating SymbolicLink
$ln-s tutor.vi symlink
$ls -l symlink
lrwxrwxrwx 1 torey staff 8 May 9 symlink--->tutor.vi
-
8/9/2019 LPI 101 Ch13 Files and Directories
68/68
Summary
Describe and explain the Linux file system directory structure Explain file system concepts
Identify and explain inodes
Utilize chown,chgrp, and other file related commands
Set user and group ID permissions
Identify and explain sticky bits Identify and explain links
top related