Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 50 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
50
Dung lượng
247,5 KB
Nội dung
8 Default Permissions Changing the umask Value The umask value can be changed at the command line or with a umask command in the user’s startup (.profile) file Changing umask for the Current Shell and its Subshells You would: Verify the current umask $ umask 022 Change the umask value to 027 and verify $ umask 027 $ umask 027 The new umask value will be lost when you log out of the system unless the umask command is placed in the profile file This file is discussed in detail in Module 11, ‘‘Initialization Files.” 8-26 Caution – If terminal window is opened from the Front Panel, umask may display incorrectly due to a known bug This problem can be circumvented by opening a terminal window from the Workspace Manager instead Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Exercise objective – The purpose of this lab is to give you practice reading permissions on files and changing permissions using symbolic or octal notation Tasks Complete or answer the following: Execute the following commands: $ mkdir ~/perm $ cd /etc $ cp group passwd motd vfstab dumpdates shadow ~/perm $ cd $ cp -r /etc/skel perm When trying to copy /etc/shadow an error message was displayed Why? _ _ Change directory to perm and complete the following table: File or Directory User Permissions group rw- passwd vfstab Group Permissions Other Permissions Octal Value r-rw- skel 755 Create a new file and a new directory w What are the default permissions given to the new file? _ w What are the default permissions given to the new directory? _ File Security 8-27 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Tasks In a directory with permissions of drwxr-xr , who can perform the following actions with the files shown below? Put an X next to each allowed action -rw-r r-user: read _ group: read _ others: read _ modify modify _ modify _ delete _ delete _ delete _ execute _ execute _ execute _ -rwxrwxr-x user: read _ group: read _ others: read _ modify modify _ modify _ delete _ delete _ delete _ execute _ execute _ execute _ Using symbolic mode, add write permission for group to the motd file _ Using symbolic mode, remove group read on the file dumpdates _ Using octal mode, change the permissions on the file motd to rwxrw _ Using octal mode, change the permissions on the file group to add write permission for others _ Why is execute not a default permission for a newly created file? _ _ 10 Create a new file called memo in your practice directory _ 8-28 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Tasks 11 Remove the read permission for the owner from the file memo in the practice directory Use either symbolic or octal mode _ What happens when you try to use the cat command to view the memo file? _ What happens when you try to copy the memo file? _ _ Workshop Labs Use what you have learned so far in this course to work through the following: Make a directory containing some of your files available to coworkers in your group but not to others Create a directory under your home directory called Textfiles Put a copy of four of the text files from your home directory into the new directory Change permissions appropriately so that other users in your group can copy files from the Textfiles directory Create a file in the directory which lists the names of all of the four text files in the directory Make the file modifiable by someone in your group File Security 8-29 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Exercise Summary Discussion – Take a few minutes to discuss what experiences, issues, or discoveries you had during the lab exercises Manage the discussion here based on the time allowed for this module, which was given in the “About This Course” module If you find you not have time to spend on discussion, then just highlight the key concepts students should have learned from the lab exercise q Ask students what their overall experiences with this exercise have been You might want to go over any trouble spots or especially confusing areas at this time q 8-30 Conclusions Have students articulate any conclusions they reached as a result of this exercise experience q Interpretations Ask students to interpret what they observed during any aspects of this exercise q Experiences Applications Explore with students how they might apply what they learned in this exercise to situations at their workplace Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Exercise Solutions Complete the following steps: Execute the following commands: $ mkdir ~/perm $ cd /etc $ cp group passwd motd vfstab dumpdates shadow ~/perm $ cd $ cp -r /etc/skel perm When trying to copy /etc/shadow an error message was displayed Why? Because, as a user who is not part of the sys group, you have no permissions on this file Change directory to perm and complete the following table: $ cd perm $ ls -l File or Directory User Permissions Group Permissions Other Permissions Octal Value group rw- r r 644 passwd rw- r r 644 vfstab rw- r r 644 skel rwx r-x r-x 755 Create a new file and a new directory w What are the default permissions given to the new file? rw-r r w What are the default permissions given to the new directory? rwxr-xr-x File Security 8-31 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Exercise Solutions In a directory with permissions of drwxr-xr , who can perform the following actions with the files shown below? Put an X next to each allowed action -rw-r r-user: read X group:read X others: read _ modify X delete X execute _ modify _ delete _ execute _ modify _ delete _ execute _ -rwxrwxr-x user: read X group: read X others: read _ modify X delete X execute X modify X delete _ execute X modify _ delete _ execute _ Using symbolic mode, add write permission for group to the motd file $ chmod g+w motd Using symbolic mode, remove group read on the file dumpdates $ chmod g-r dumpdates Using octal mode, change the permissions on the file motd to rwxrw $ chmod 760 motd Using octal mode, change the permissions on the file group to add write permission for others $ chmod 646 group Why is execute not a default permission for a newly created file? Most files are not binary or executable scripts Having execute as a default permission for a file would cause the system to see all new files as executables 8-32 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Exercise: Changing File Permissions Exercise Solutions (Continued) 10 Create a new file called memo in your practice directory $ touch ~/practice/memo 11 Remove the read permission for the owner from the file memo in the practice directory Use either symbolic or octal mode $ chmod u-r ~/practice/memo or chmod 244 ~/practice/memo What happens when you try to use the cat command to view the memo file? You cannot use the cat command because the read permission has been removed for the user (Even though you are part of the group, the permissions are looked at in the order they appear.) What happens when you try to copy the memo file? You cannot copy the file because, as in step 4, the user has no read permission File Security 8-33 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Check Your Progress Before continuing on to the next module, check that you are able to accomplish or answer the following: u u Define permission types (read, write, and execute) u Set and change file permissions using symbolic and octal notation u 8-34 Display file permissions Display the umask value of a file or directory Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D Think Beyond In your work environment, is file security an important issue? What advantages or disadvantages are there to working in a secure computing environment? File Security 8-35 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Shell Variables Overview To make a local variable available in all subshells, it must be exported, either by adding it to an initialization file, as discussed in Module 11, ‘‘Initialization Files,” or by exporting it on the command line Note – See the man pages on ksh, csh, and sh for variable definitions Bourne and Korn Shell Variables 10-5 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Shell Variables Local Shell Variables A user-defined variable enables you to determine both the name of the variable and its value For example, a pathname could be assigned for the on-line dictionary used in text editing programs By convention, the Bourne and Korn shells use capital letters for shell variable names The first command format in the following examples sets the variable based on a name and value selected by the user, while the unset command removes the variable from the current shell and subshells: Command Format VARIABLE=value unset VARIABLE 10-6 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Shell Variables Local Shell Variables Setting a Local Variable $ DT=/usr/dict $ echo $DT /usr/dict $ cd $DT $ pwd /usr/dict $ unset DT $ echo $DT $ cd $ cd $DT $ pwd /home/user2 The echo command simply echoes back to the screen whatever is passed to it as an argument The dollar sign ($) metacharacter preceding a variable name enables the system to use the value of the variable and not the name of the variable In the above example, the echo command with $DT displays the value of DT to the screen Since this is a local variable, if a new subshell is opened, the variable DT is not available Bourne and Korn Shell Variables 10-7 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Shell Variables Displaying Shell Variables Variables and their values can be displayed by typing the set command Command Format set Displaying Variables $ set DISPLAY=:0.0 ERRNO=13 FCEDIT=/bin/ed HELPPATH=/usr/openwin/lib/locale:/usr/openwin/lib/help HOME=/home/guest HZ=100 IFS= LANG=C LINENO=1 LOGNAME=guest MAIL=/var/mail/guest MAILCHECK=600 MANPATH=/usr/openwin/share/man:/usr/man NOSUNVIEW=0 OPENWINHOME=/usr/openwin PATH=/usr/openwin/bin:/usr/bin: PPID=867 PS1=$ PWD=/home/guest RANDOM=4188 SHELL=/bin/ksh TERM=sun-cmd TZ=PST8PDT USER=guest 10-8 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables Your computing environment is composed of special information, such as the location of your mailbox and the type of terminal you have The SunOS 5.x system software provides several default environment variables such as PS1, HOME, LOGNAME, SHELL, and PATH These variables have been defined by the shell to have a specific function The values of these customizable variables can be changed to suit the user’s needs You can temporarily change your environment variables at the command line This affects only the current shell When you exit the shell where the environment variable has been assigned, that environment variable is terminated or set back to its default value Permanent changes are made by modifying the initialization files, discussed in Module 11, ‘‘Initialization Files.” For more information on environment variables, refer to the sources listed in the ‘‘Additional Resources” section of this module The Bourne and Korn shells use the same format for setting environment variables Bourne and Korn Shell Variables 10-9 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables Note – Any shell variable can be made available as an environment variable Exporting Variables Exporting variables in an initialization file enables the variables to be used by the system, processes, scripts, users, and all shells Exporting variables at the command line makes the variables available to the current shell and all of its child processes A variable set in a subshell and exported will be available to any shells opened afterwards but will not be exported to the parent shell It is good practice to use the echo command to check if a value for a variable already exists before setting a new one This protects accidental overwriting of a previously set value Command Format VARIABLE=value;export VARIABLE or export VARIABLE=value Creating Environment Variables $ LPDEST=staffp; export LPDEST $ echo $LPDEST staffp $ EXINIT=’set showmode’; export EXINIT $ echo $EXINIT set showmode $ unset LPDEST $ echo $LPDEST $ 10-10 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables The LPDEST variable defines the default printer EXINIT sets a last line option for vi Note – Setting the EXINIT variable will override any settings saved in a exrc file to customize the behavior of the vi editor Bourne and Korn Shell Variables 10-11 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables Displaying Environment Variables Environment variables and their values can be displayed by typing the env command Command Format env Listing Environment Variables $ env _=/usr/bin/env MANPATH=/usr/openwin/share/man:/usr/man LANG=C HELPPATH=/usr/openwin/lib/locale:/usr/openwin/lib/help HZ=100 NOSUNVIEW=0 PATH=/usr/openwin/bin:/usr/bin: WINDOW_TERMIOS= OPENWINHOME=/usr/openwin LOGNAME=user1 MAIL=/var/mail/user1 TERMCAP=sun-cmd:te=\E[>4h:ti=\E[>4l:tc=sun: DISPLAY=:0.0 SHELL=/bin/ksh HOME=/home/user1 TERM=sun-cmd PWD=/opt TZ=US/Pacific ENV=/export/home/user1/.kshrc XINITRC=/usr/openwin/lib/Xinitrc 10-12 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables The PATH Variable The shell uses the PATH variable to locate commands in directories in the order specified by the PATH statement Command Format PATH=directory:directory:directory export PATH Setting the PATH Variable $ PATH=/usr/bin:/usr/openwin/bin:/etc: $ export PATH $ echo $PATH /usr/bin:/usr/openwin/bin:/etc: The dot (.) in the PATH variable enables the system to search the current working directory for commands You can also add to the existing path by typing the following: $ PATH=$PATH:/usr/ucb $ echo $PATH /usr/bin:/usr/openwin/bin:/etc:.:/usr/ucb $ export PATH Bourne and Korn Shell Variables 10-13 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables The which Command An incorrectly defined PATH variable can result in users not being able to access the right version of a command or software Many user problems can be traced to an incorrectly defined PATH variable The which command displays the pathname leading to an accessible command based on your search path The output will be the name of the first directory in the PATH variable that contains the command you are looking for This can be very useful if a command is not giving the expected output Sometimes the reason for this can be that the system is using an unexpected version of the command If the pathname is not displayed or is incorrect, based on your requirements, modify the PATH variable accordingly Command Format which filename Determining the PATH Location $ which vi /usr/bin/vi The whence command, which is built into the Korn shell, does the same thing as which The whereis Command The whereis command can be used to add appropriate directories to your PATH variable Unlike which, which searches the directories found in your PATH statement, the whereis command searches all of the directories on the system that usually have executable files located in them The whereis command will display all directories where the command is located, including the appropriate man page Command Format whereis filename 10-14 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Environment Variables The whereis Command Using the whereis Command $ /usr/ucb/whereis vi vi: /usr/bin/vi /usr/ucb/vi /usr/man/man1/vi.1 If the whereis command is not found, use /usr/ucb/whereis to run the command Bourne and Korn Shell Variables 10-15 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Exercise: Using Bourne and Korn Shell Variables Exercise objective – In this exercise, you will use the concepts taught in this module to determine the settings of local and environmental variables and create a custom variable Tasks Complete the following steps: Create a shell variable, NAME, with your name as its value Display the value of the new variable Start another Korn shell Does the subshell recognize the variable NAME? Why or why not? _ Exit the subshell Display the value of the NAME variable Is the variable set? _ Make the NAME variable an environmental variable and open another subshell Does the subshell recognize the value of NAME this time? _ List all of the environment variables Is NAME an environmental variable? _ Determine how your current PATH variable is set Add the /usr/ucb directory to your path and export the variable 10-16 Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Workshop Labs Use what you have learned so far in this course to work through the following: Making new directories many levels down in the heirarchy can require a lot of typing Using the information presented in this module about system variables, create a subdirectory in the coffees directory Bourne and Korn Shell Variables 10-17 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Exercise: Using Bourne and Korn Shell Variables Exercise Summary Discussion – Take a few minutes to discuss what experiences, issues, or discoveries you had during the lab exercises Manage the discussion here based on the time allowed for this module, which was given in the “About This Course” module If you find you not have time to spend on discussion, then just highlight the key concepts students should have learned from the lab exercise q Ask students what their overall experiences with this exercise have been You might want to go over any trouble spots or especially confusing areas at this time q 10-18 Conclusions Have students articulate any conclusions they reached as a result of this exercise experience q Interpretations Ask students to interpret what they observed during any aspects of this exercise q Experiences Applications Explore with students how they might apply what they learned in this exercise to situations at their workplace Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D 10 Exercise: Using Bourne and Korn Shell Variables Exercise Solutions Complete the following steps: Create a shell variable, NAME, with your name as its value Display the value of the new variable $ NAME=name $ echo $NAME Start another Korn shell $ ksh Does the subshell recognize the variable NAME? Why or why not? $ echo $NAME No, because the variable was only local to the shell it was created in Exit the subshell Display the value of the NAME variable Is the variable set? $ exit $ echo $NAME Yes, as this is the shell in which the variable was originally set Make the NAME variable an environmental variable and open another subshell Does the subshell recognize the value of NAME this time? $ export NAME $ ksh $ echo $NAME Yes List all of the environment variables Is NAME an environmental variable? $ env Yes, NAME should be an environmental variable Bourne and Korn Shell Variables 10-19 Copyright 1999 Sun Microsystems, Inc All Rights Reserved Enterprise Services August 1999, Revision D ... consistently display the mode, even with showmode turned on 9-6 Consider having students run vi with set showmode set from the beginning Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All... end of current word $ Move to end of line (zero) or ^ Move to beginning of line Return Move down to beginning of next line H Move to top of screen M Move to middle of screen L Move to bottom of. .. Experiences Applications Explore with students how they might apply what they learned in this exercise to situations at their workplace Fundamentals of Solaris Copyright 1999 Sun Microsystems, Inc All