Networking: A Beginner’s Guide
Chapter 21: Introduction to Linux Systems Administration

File Listings, Ownerships, and Permissions

Managing files under Linux is different from managing files under Windows. This section discusses the tools necessary to perform basic file management.

ls: List Files

The ls command is used to list all of the files in a directory. The command has more than 26 options. The most common of these options are shown in Table 21-2. See the man page for the complete list of options.

Option   Description
-l       Long listing. In addition to the filename, show the file size, date/time, permissions, ownership, and group information.
-a       All files. Show all files in the directory, including those that are hidden. Hidden files begin with a period.
-1       Single column listing. List all files in a single column.
-R       Recursive. Recursively list all files and subdirectories.

Table 21-2. Common ls Command Options

You can use these options in any combination with one another. For example, to list all files in a directory with a long listing, type the following:

    [root@ford /root]# ls -la

To list nonhidden files in a directory that start with A, type the following:

    [root@ford /root]# ls A*

About Files and Directories

Under Linux (and UNIX in general), you will find that almost everything is abstracted to a file. Linux’s developers originally did this to simplify the programmer’s job. Thus, instead of having to communicate directly with device drivers, you use special files (which to the application appear as ordinary files) as a bridge instead. To accommodate all of these uses of files, different types of files exist:

• Normal files: Normal files are just that—normal. They contain data or executables, and the operating system makes no assumptions about their contents.

• Directories: Directory files are a special instance of normal files in that their contents list the location of other files. Among the files to which directories point might be other directories.
  In your day-to-day work, it won’t matter to you much that directories in Linux (and UNIX) are actually files, unless you happen to try to open and read the directory file yourself, rather than use existing applications to navigate directories.

• Hard links: Each file in the Linux file system gets its own i-node. An i-node keeps track of a file’s attributes and location on the disk. If you need to be able to refer to a single file using two separate filenames, you can create a hard link. The hard link will have the same i-node as the original file, so it will look and behave just like the original file. With every hard link that is created, a reference count is incremented. When a hard link is removed, the reference count is decremented. Until the reference count reaches zero, the file will remain on disk.

  NOTE: A hard link cannot exist between two files that are on separate partitions. This is because the hard link refers to the original file by i-node. An i-node that refers to one file on one file system will refer to a different file on another file system.

• Symbolic links: Unlike a hard link, which points to a file by its i-node, a symbolic link points to another file by its name. Thus, symbolic links (often abbreviated as symlinks) can point to files located on other partitions or even on other network drives.

• Block devices: Since all device drivers are accessed through the file system, files of type block device are used to interface with devices such as disks.

• Character devices: Similar to block devices, character devices are special files that allow you to access devices through the file system. The obvious difference between block and character devices is that block devices communicate with the actual devices in large blocks, whereas character devices work one character at a time. A hard disk is a block device; a modem is a character device.

• Named pipes: A named pipe is a special type of file that allows for interprocess communication.
  Using the mknod command (discussed later in the “File Management and Manipulation” section), you can create this special kind of file that one process can open for reading and another process can open for writing, thus allowing the two processes to communicate with one another. Named pipes work especially well when a package refuses to take input from a command-line pipe, you have another program that you need to feed data, and you don’t have the disk space for a temporary file.

Block devices, character devices, and named pipes have certain characteristics that identify their file type.

The three identifying traits of a block device are that it has a major number, has a minor number, and when viewed using the ls -l command, shows the first character of the permissions to be a b. Here’s an example:

    [root@ford /root]# ls -l /dev/sda1
    brw-rw---- 1 root disk 8, 1 2009-04-10 /dev/sda1

In this case, the b is at the beginning of the file’s permissions, the 8 is the major number, and the 1 is the minor number. The significance of the major number is that it identifies which device driver the file represents. When the system accesses this file, the minor number is passed to the device driver as a parameter to tell the driver which device it is accessing. (For example, if there are two serial ports, they will share the same device driver and thus the same major number, but each serial port will have a unique minor number.)

The distinguishing characteristics of a character device are that its permissions start with a c, and the device has a major and minor number.
Here’s an example:

    [root@ford /root]# ls -l /dev/ttyS0
    crw------- 1 root tty 4, 64 May 5 1988 /dev/ttyS0

You can tell that a file is a named pipe by the fact that the first character of its file permissions is a p, as in the following example:

    [root@ford /root]# ls -l mypipe
    prw-r--r-- 1 root root 0 June 16 10:47 mypipe

chown: Change Ownership

The chown command allows you to change the ownership of a file to someone else. Only the root user can change this ownership. (Normal users may not “give away” or “steal” ownership of a file from another user.) The format of the command is as follows:

    [root@ford /root]# chown [-R] username filename

where username is the user’s login to which you want to change the ownership and filename is the name of the file that will have its ownership changed. The filename may be a directory as well.

The -R option applies when the specified filename is a directory name. It tells the command to descend recursively through the directory tree and apply the new ownership not only to the directory itself, but to all of the files and subdirectories within it.

chgrp: Change Group

chgrp is another command-line utility that allows you to change the group settings of a file. The command works in much the same way as chown does. The format of the command is as follows:

    [root@ford /root]# chgrp [-R] groupname filename

where groupname is the name of the group to which you want to change filename. The filename may be a directory as well.

The -R option applies when the specified filename is a directory name. As with chown, the option tells the chgrp command to descend recursively through the directory tree and apply the new ownership not only to the directory itself, but to all of the files and subdirectories within it.

chmod: Change Mode

Permissions are broken into four parts. The first part is the first character of the permissions. If the file is a normal file, then it will have no value and be represented with a hyphen (-).
If the file has a special attribute, it will be represented with a letter. The two special files that you are most interested in are directories, which are represented with a d, and symbolic links, which are represented with an l.

The second, third, and fourth parts are represented in three-character chunks. The first chunk is the permissions for the owner of the file. The second chunk is the permissions for the group. Finally, the last chunk is the permissions for the world. In the context of UNIX, the world is simply all the users in the system, regardless of their group settings.

The letters used to represent permissions are R for read, W for write, and X for execute. Each permission has a corresponding value. The read attribute is equal to 4, the write attribute is equal to 2, and the execute attribute is equal to 1. When you combine attributes, you add their values.

The reason that these attributes need values is to ensure that you can use the chmod command to set them. Although the chmod command does have more readable ways to set permissions, it is important that you understand the numbering scheme since it is used for programming. Plus, not everyone uses the naming scheme, and Linux users often assume that if you understand file permissions, you understand the numeric meanings as well.

The most common groups of three and their meanings are listed in Table 21-3.

Permission   Value   Meaning
---          0       No permissions
r--          4       Read only
rw-          6       Read and write
rwx          7       Read, write, and execute
r-x          5       Read and execute
--x          1       Execute only

Table 21-3. Common Permission Combinations

Each of these three-letter chunks is then grouped together three at a time. The first chunk represents the permissions for the owner of the file, the second chunk represents the permissions for the group of the file, and the last chunk represents the permissions for all of the users on the system. Table 21-4 lists some common permissions.
Permission   Numeric Equivalent   Meaning
-rw-------   600                  The owner has read and write permissions. You want this setting for most of your files.
-rw-r--r--   644                  The owner has read and write permissions. The group and world have read-only permissions. Be sure that you want to let other people read this file.
-rw-rw-rw-   666                  Everyone has read and write permissions on a file. This setting is bad. You don’t want other people to be able to change your files.
-rwx------   700                  The owner has read, write, and execute permissions. You want this setting for programs that you wish to run (such as the file that results from compiling a C or C++ program).
-rwxr-xr-x   755                  The owner has read, write, and execute permissions. The rest of the world has read and execute permissions.
-rwxrwxrwx   777                  Everyone has read, write, and execute privileges. Like the 666 setting, this is bad.
-rwx--x--x   711                  The owner has read, write, and execute permissions. The rest of the world has execute-only permissions. This setting is useful for programs that you want to let others run but not copy.
drwx------   700                  This is a directory created with the mkdir command. Only the owner can read and write to this directory. Note that all directories must have the executable bit set.
drwxr-xr-x   755                  Only the owner can change this directory, but everyone else can view its contents.
drwx--x--x   711                  A handy trick is to use this setting when you need to keep a directory world-readable, but you don’t want people to be able to list the files by running the ls command. The setting enables users to read a directory only if they know the filename that they want to retrieve.

Table 21-4. Common File Permissions
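The 4/2/1 arithmetic and the warning about the 666 and 777 settings in Table 21-4, as an added shell example that is not from the book. The function names sym_to_octal, list_world_writable, and remove_world_write are illustrative, and the scratch files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the book). Handles only r, w and x, as this section does.

# sym_to_octal "-rwxr-xr-x" prints 755: read=4, write=2, execute=1 per chunk.
sym_to_octal() {
    perms=${1#?}                      # drop the file-type character
    out=""
    for i in 1 2 3; do                # owner, group, world
        triple=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        val=0
        case $triple in r??) val=$((val + 4)) ;; esac
        case $triple in ?w?) val=$((val + 2)) ;; esac
        case $triple in ??x) val=$((val + 1)) ;; esac
        out="$out$val"
    done
    printf '%s\n' "$out"
}

# Print regular files under DIR whose world chunk includes w (666, 777, ...).
list_world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Remove the world write bit from those files; other bits are left alone.
remove_world_write() {
    find "$1" -type f -perm -0002 -exec chmod o-w {} +
}

# Constructed demo in a scratch directory.
demo=$(mktemp -d)
touch "$demo/notes" "$demo/shared" "$demo/tool"
chmod 644 "$demo/notes"
chmod 666 "$demo/shared"
chmod 777 "$demo/tool"
sym_to_octal "$(ls -l "$demo/tool" | cut -c1-10)"    # prints 777
list_world_writable "$demo"                          # prints shared and tool
remove_world_write "$demo"
sym_to_octal "$(ls -l "$demo/tool" | cut -c1-10)"    # prints 775
rm -rf "$demo"
```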
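The file types described earlier in this section (hard links, symbolic links, and named pipes), as an added shell example that is not from the book. The helper names file_type, link_count, and inode_of are illustrative, the scratch files are constructed, and mkfifo is used here to create the named pipe.

```shell
#!/bin/sh
# Added example (not from the book): identify file types from ls output and
# watch the hard-link reference count change.

# file_type PATH: name the type from the first character of the permissions.
file_type() {
    case $(ls -ld "$1" | cut -c1) in
        -) echo "normal file" ;;
        d) echo "directory" ;;
        l) echo "symbolic link" ;;
        b) echo "block device" ;;
        c) echo "character device" ;;
        p) echo "named pipe" ;;
        *) echo "other" ;;
    esac
}

# link_count PATH: the reference count (second field of ls -l).
link_count() { ls -ld "$1" | awk '{print $2}'; }

# inode_of PATH: the i-node number (first field of ls -i).
inode_of() { ls -di "$1" | awk '{print $1}'; }

# Constructed demo in a scratch directory.
demo=$(mktemp -d)
echo data > "$demo/orig"
ln "$demo/orig" "$demo/hard"       # hard link: same i-node, count becomes 2
ln -s "$demo/orig" "$demo/soft"    # symbolic link: refers to the name
mkfifo "$demo/mypipe"              # named pipe
for f in orig hard soft mypipe; do
    printf '%-7s %-14s inode=%s links=%s\n' "$f" \
        "$(file_type "$demo/$f")" "$(inode_of "$demo/$f")" "$(link_count "$demo/$f")"
done
rm "$demo/orig"                    # count drops to 1, so the data stays on disk
cat "$demo/hard"                   # still prints: data
cat "$demo/soft" 2>/dev/null || echo "soft now points at a name that is gone"
rm -rf "$demo"
```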