Files and directories
Files contain data. They have a name, permissions, owner (user+group), contents, and some other metadata.
Filenames may contain any character except ‘/’, which is reseved as a separator between directory and filenames. The special characters would require quotaion while dealing, with such filenames, though it makes sence to avoid them anyway.
Path can be absolute, starts with ‘/’ or relative, that is related to the current directory.
ls is the standard way of getting information about files. By default it lists
your current directory (i.e. pwd), but there are many options:
# list directory content
ls /usr/bin
# list directory files including dot files (i.e. hidden ones)
ls -A ~/directory1
# list all files and directories using long format (permissions, timestamps, etc)
ls -lA ../../directory2
Special notations and expanssions in BASH, can be used with any command:
./ stands for the current directory
../ parent directory
~ home directory
* a wildcard, replaces any character(s) or none
? only one character
[] a group of characters, like [abc]
[!] same as above but negated, i.e. all but those, like [!a-zA-Z]
{ab,cd,xyz} expands by BASH as 'ab cd xyz'
{0..9} expands as '0 1 2 3 4 5 6 7 8 9'
For the quotation:
'', "", \
Quotation matters ls 'file name' vs ls file name or echo "$USER" vs echo '$USER'
BASH first expand the expanssions and substitute the wildcards, and then execute the command. Could be as complex as:
ls -l ~/[!abc]???/dir{123,456}/filename*.{1..9}.txt
There are a variety of commands to manipulate files/directories:
cd, mkdir, cp, cp -r, rm, rm -r, mv, ln, touch
For file/directory meta information or content type:
ls, stat, file, type -a
Note that cd is a shell builtin which change’s the shell’s own
working directory. This is the base from which all other commands
work: ls by default tells you the current directory. . is the
current directory, .. is the parent directory, ~ is your HOME. This is
inherited to other commands you run. cd with no options drops your to your $HOME.
# copy a directory preserving all the metadata to two levels up
cp -a dir1/ ../../
# move all files with the names like filename1.txt, filename_abc.txt etc to dir2/
mv filename*.txt dir2/
# remove a directories/files in the current dir without asking for the confirmation
rm -rf dir2/ dir1/ filename*
# create an empty file if doesn't exist or update its access/modification time
touch filename
# create several directories at once
mkdir dir3 dir4 dir5
# -or-
mkdir dir{3,4,5}
# make a link to a target file (hard link by default, -s for symlinks)
ln target_file ../link_name
Discover other ls features ls -lX, ls -ltr, ls -Q
You may also find useful rename utility implemented by Larry Wall.
File/directory permissions
Permissions are one of the types of file metadata.
They tell you if you can read a file, write a file, and execute a file/list directory
Each of these for both user, group, and others
Here is a typical permission bits for a file:
-rw-r--r--In general, it is
rwxrwxrwx– read, write, execute/search for user, group, others respectivelyls -lgives you details on files.
Modifying permissions: the easy part
chmod/chown is what will work on all filesystems:
chmod u+rwx,g-rwx,o-rwx <files> # u=user, g=group, o=others, a=all
# -or-
chmod 700 <files> # r=4, w=2, x=1
# recursive, changing all the subdirectories and files at once
chmod -R <perm> <directory>
# changing group ownership (you must be a group member)
chgrp group_name <file or directory>
Extra permission bits:
s-bit: setuid/setgid bit, preserves user and/or group IDs.
t-bit: sticky bit, for directories it prevents from removing file by another user (example /tmp)
Setting default access permissions: add to .bashrc umask 027
[1]. The umask is what permissions are removed from any newly
created file by default. So umask 027 means “by default,
g-w,o-rwx any newly created files”. It’s not really changing the
permissions, just the default the operating system will create with.
Hint:
even though file has a read access the top directory must be
searchable before external user or group will be able to access
it. Sometimes on Triton, people do chmod -R o-rwx $WRKDIR; chmod o+x
$WRKDIR. Execute (x) without read (r) means that you can
access files inside if you know the exact name, but not list the
directory. The permissions of the files themselves still matter.
Modifying permissions: advanced (*)
Access Control Lists (ACLs) are advanced access permissions. They don’t work everywhere, for example mostly do no work on NFS mounted directories. They are otherwise supported on ext4, lustre, etc (thus works on Triton $WRKDIR).
In “normal” unix, files have only “owner” and “group”, and permissions for owner/group/others. This can be rather limiting.
Access control lists (ACLS) are an extension that allows an arbitrary number of users and groups to have access rights to files. The basic concept is that you have:
ACLs don’t show up in normal
ls -loutput, but there is an extra plus sign:-rw-rwxr--+. ACLs generally work well, but there are some programs that won’t preserve them when you copy/move files, etc.POSIX (unx) ACLs are controlled with
getfaclandsetfaclAllow read access for a user
setfacl -m u:<user>:r <file_or_dir>Allow read/write access for a group
setfacl -m g:<group>:rw <file_or_dir>Revoke granted access
setfacl -x u:<user> <file_or_dir>See current stage
getfacl <file_or_dir>
File managers on Triton we have installed Midnight Commander – mc
Advanced file status to get file meta info stat <file_or_dir>
Exercise 1.2
Exercise
mkdir in the current direcotory, cd there and
toucha file. Rename it. Make a copy and then remove the original. What doestouchdo?list all files in /usr/bin and /usr/sbin that start with non-letter characters with one
lscommandlist with
lsdot files/directories only (by default it lists all files/directories but not those that begin with.). “dotfiles” are a convention where filenames that begin with.such as.bashrcare considered “hidden”.Explore
stat fileoutput. What metadata do you find? Try to stat files of different types (a regular file, directory, link, special device in /dev)create a directory, use
chmodto allow user and any group members full access and no access for others(*) change that directory group ownership with
chownorchgrp(any group that you belong to is fine), set s-bit for the group and apply t-bit to a directory, check that the upper directory has o+x bit set: now you should have a private working space for your group. Tip: see groups that you are a member ofid -Gnls -ldtells you that directory has permissionsrwxr-Sr--. Do group members have access there?(*) create a directory (in /tmp if you are on a server with ), use
setfaclto set its permissions so that only you and some user/group of your choice would have access to it.(*) create a directory and a subdirectory in it and set their permissions to 700 with one command.