Homework & Review

• Questions?• Everything after this is for accuracy

– “All your permanent teeth are in, okay? You’re playing for keeps now!” -Psych

• Review:– Absolute Path– Relative Path– Linux Directory Structure– Shell look and feel

Today

• Linux Folders• Permissions• Directories

Hi Again Tom• I like Tom – it’s a great visualization of paths

Important Directories

• /bin - commands• /dev - devices• /etc - system configuration• /home - user files• /opt - application directory• /root - root user’s home directory• /sbin - commands• /tmp - temporary files• /var - changing files• There are more, but we’re starting here

Quick Aside

Windows has .exe files for ‘executable’ How you differentiate programs from other files

Linux doesn’t have this You can only tell executables by the permissions What flag on the ls command would show

permissions?

Commands are “programs”

Folders - /bin, /sbin and /dev /bin and /sbin – commands

/bin/ls /sbin/ip

/dev – devices /dev/hdd – IDE hard drives /dev/sda – SATA/SAS hard drives /dev/tty – userspace /dev/cciss – HP’s RAID /dev/dvd – DVD /dev/vg_it136centos65vm – Virtual HDD space

Run the df command to see

Folders - /etc, /home, /opt /etc – configuration files

Configures applications on the system Both integrated and not /etc/sudoers, /etc/httpd/conf/httpd.conf /etc/named.conf, /etc/dhcpd.conf

/home – default user space /home/<username> Users will then create/manage their own files/directories

/opt – third party application space Anything you buy from someone that “runs on Linux”

should be here If it’s not that is a BIG red flag (usually)

Folders - /root, /tmp, /var

/root – home directory for the root user, usually contains backups of configuration files or is a staging area for administrative tasks

/tmp – temporary space, some OS “lock” files, staging area for updates/installations

/var – files that will change through the course of normal system operation (mail, logs, some databases/web servers)

Permissions Permissions in Linux are shown by the ls –l

command -l stands for ‘long list’ which includes the

permissions, owner, and group Linux permissions are shown in two ways

Octal and symbolic Each break permissions down into three groups

1) user/owner of the file 2) group set to use the file 3) everyone else

Octal Three groups of numbers, each number runs

from 0 through 7 777, 733, 755 (three very common

permissions), 456, 523, 123, are other possibilities

So each numerical value has a defined level of access: 0 – no access for anybody 1 – execute permissions 2 – write permissions 4 – read permissions

Oct-wait, what?!

1, 2, 4?! Yes, how’s your math? Every unique combination now stands for a

unique type of access If read was 3 (and not 4), then what would

happen if we wanted to make a file that was executable, and writeable?

Octal Math Unique options are 3, 5, 6, and 7 from

1) execute 2) write 4) read

So, what do these unique options mean 3 = 5 = 6 = 7 =

Octal Permissions (partial) So what does ‘read,’ ‘write,’ and ‘execute’ mean? File:

4) Read: You can read the contents (cat, vi but no saving)

2) Write: You can edit the file (vi, plus saving!) 3) Execute: If it’s a script, you can run it (./)

Directory: 4) Read: You can see what’s inside (ls) 2) Write: You can create new files (touch, vi + saving!) 1) Execute: You can move inside the directory (cd)

Symbolic Permissions

Read, write, and execute are now letters Read: r Write: w Execute: x No permissions: - Now there are three spaces: ---

Symbolic Permissions, cont’d Meaning stays the same: Files:

r - can cat the file, open in vi without saving w - can save in editor (vi) x - can run the script No permissions: -

Directories: r - can do an ls to see files inside w - can create new files (vi/touch) x - can move inside

Groups of Groups

So we have three options (read, write, execute) These options combine into three groups User/owner – the primary user (owner) of the

file Group – the primary group the file is associated

with Others – everyone else not the primary user

(owner) or group Don’t get ‘owner’ and ‘others’ confused!

Groups of Groups, again

Each group gets a full set of permissions Octal

000 (no permissions to anyone) 777 (full permissions to everyone)

Symbolic --------- (no permissions to anyone) rwxrwxrwx (full permissions to everyone)

Or some combination

Groups of Groups, 3

Each set of permissions stands for a different group

Octal 7 7 7 Owner Group Others

Symbolic rwx rwx rwx Owner Group Others

Real Example

[student@it136centos58vm ~]$ ls -l

total 20

-rw-rw-r– 1 student student 29 Apr 17 16:53 err.out

-rwxrwxr-x1 student student 29 Apr 17 16:53 script.sh

-rw-rw-r– 1 student student 29 Apr 17 16:53 teams2.txt

-rw-rw-r– 1 student student 29 Apr 17 16:53 teams.txt

permissions owner group filename

Manipulation Commands mkdir <arg> – make new directory at (and

named) <arg> - ~/backups or /tmp/test cd <arg> – change directory into ‘arg’ (path) ls -l <arg> – list file permissions at ‘arg’ (path) chmod <arg1> <arg2> - change the

permissions to ‘arg1’ (new permissions) on ‘arg2’ (file/path), explained next slide

chmod is awesome, works on directories or files

chmod

chmod <permissions> /path/to/anything chmod <permissions> /etc/passwd chmod <permissions> ~/myscript.sh <permissions> Can be octal or symbolic Otcal: chmod 755 ~/myscript.sh chmod 700 ~

chmod, symbolic Symbolically, we can update one specific group

(user_owner, group, others) chmod g+rwx file - give rwx to the group chmod o+rwx file - give rwx to ‘others’ chmod u+rwx file - give rwx to the user/owner chmod a+rwx file - give rwx to everyone chmod o-r file - remove read permissions from

‘others’ chmod u-x file - remove execute permissions

from user/owner

Your Turn – Interpret the Following Octal: User full, group read, nothing for others

755

Symbolic: User read and write, group write, others read

r-xrw---x

Necessary File Permissions• To read a file (cat, less, grep, etc…)• As owner -r--------; group ----r-----; other_users -------r--• To write to a file (vi, nano, emacs, etc…)• As owner -rw-------; group ----rw----; users -------rw-• You need to be able to read (see the contents of) the file you

want to write to • You can’t write in a book unless you can open the book• To run a script (./script.sh)• As owner -r-x------; group ----r-x---; users -------r-x• Again, you need to be able to see the contents of the script to

know what actions the script is telling you to do• These are all file-based (not directory)

Necessary Directory Permissions• To list the contents of a directory (ls backups)• Owner: -r--------; group: ----r-----; users: -------r--• To move into a directory (cd backups)• Owner: ---x------; group: ------x---; users: ---------x• Note that execute-only will not allow the user to do an ls• Create or modify files inside a directory (touch/echo/vi)• Owner: --wx------; group: ------wx---; users: --------wx• Note - you will still not be able to do an ls as you do not have

‘read’ permissions• Run scripts inside a directory (./script.sh)• Owner: --wx------; group: ------wx---; users: --------wx• Note - again, if something inside the script requires read

permissions, it will not work, but the script will run

Questions on Permissions?

Symbolic or octal Three groups of three Read, Write, Execute, None User/owner, Group, Others chmod

Switch User

su <username> Will switch to the account named <username>

su Will switch to the ‘root’ or admin account Root has all privileges Used for adding users,

patching/updating/installing, reading log files, troubleshooting and other administrative tasks

Corporate Environments As an admin you’ll get several passwords 1) Your own (as a “power user”) 2) An account that can access all devices (if needed) 3) Administrator/root password #3 is what is known as the ‘keys to the kingdom’ –

Windows group doesn’t share with Linux group, which doesn’t share with network group

Keep the root pw extremely confidential Is usually something clever like we have so they can

reference it out loud without others knowing exactly what it is

Quiz Monday 30 minutes 10 questions From Day 1 to now

So expect a question on each topic listed in the “review” or “today” slides from each lecture

And at least one “what is a kernel/os/etc…” question Open book, open note No collaboration

Email, chat, text, social network, etc…

Own Study

Folders review Sobell Ch 4 – The Filesystem (81-89)

Permissions Sobell Ch 4 – Access Permissions (98-103)