Exploring UNIX: Session 3

Similar documents
Exploring UNIX: Session 5 (optional)

A Big Step. Shell Scripts, I/O Redirection, Ownership and Permission Concepts, and Binary Numbers

Scripting. Shell Scripts, I/O Redirection, Ownership and Permission Concepts, and Binary Numbers

Contents. Note: pay attention to where you are. Note: Plaintext version. Note: pay attention to where you are... 1 Note: Plaintext version...

CSE II-Sem)

CISC 220 fall 2011, set 1: Linux basics

: the User (owner) for this file (your cruzid, when you do it) Position: directory flag. read Group.

Introduction to UNIX. Logging in. Basic System Architecture 10/7/10. most systems have graphical login on Linux machines

Unix basics exercise MBV-INFX410

CENG 334 Computer Networks. Laboratory I Linux Tutorial

Exercise Sheet 2. (Classifications of Operating Systems)

Working with Basic Linux. Daniel Balagué

The Unix Shell. Permissions

Linux Tutorial #6. -rw-r csce_user csce_user 20 Jan 4 09:15 list1.txt -rw-r csce_user csce_user 26 Jan 4 09:16 list2.

CST8207: GNU/Linux Operating Systems I Lab Six Linux File System Permissions. Linux File System Permissions (modes) - Part 1

12.1 UNDERSTANDING UNIX SHELL PROGRAMMING LANGUAGE: AN INTRODUCTION Writing a Simple Script Executing a Script

Essential Linux Shell Commands

Unix. 1 tblgrant projects 0 Jun 17 15:40 doc1.txt. documents]$ touch doc2.txt documents]$ ls -l total 0

When talking about how to launch commands and other things that is to be typed into the terminal, the following syntax is used:

CSC209. Software Tools and Systems Programming.

Introduction: What is Unix?

Unix as a Platform Exercises + Solutions. Course Code: OS 01 UNXPLAT

UNIX File Hierarchy: Structure and Commands

Introduction to Linux

commandname flags arguments

Linux Training. for New Users of Cluster. Georgia Advanced Computing Resource Center University of Georgia Suchitra Pakala

The Unix Shell & Shell Scripts

Open up a terminal, make sure you are in your home directory, and run the command.

Using UNIX. -rwxr--r-- 1 root sys Sep 5 14:15 good_program

Introduction to Unix May 24, 2008

CENG393 Computer Networks Labwork 1

B a s h s c r i p t i n g

Essentials for Scientific Computing: Bash Shell Scripting Day 3

Introduction to Linux Workshop 1

Introduction to the Linux Command Line

CS246 Spring14 Programming Paradigm Notes on Linux

I/O and Shell Scripting

Introduction to Linux for BlueBEAR. January

Unix Filesystem. January 26 th, 2004 Class Meeting 2

Outline. Structure of a UNIX command

A Brief Introduction to the Linux Shell for Data Science

LING 408/508: Computational Techniques for Linguists. Lecture 5

Permission and Ownership

1. What statistic did the wc -l command show? (do man wc to get the answer) A. The number of bytes B. The number of lines C. The number of words

Linux Operating System Environment Computadors Grau en Ciència i Enginyeria de Dades Q2

Unix as a Platform Exercises. Course Code: OS-01-UNXPLAT

CS 307: UNIX PROGRAMMING ENVIRONMENT FIND COMMAND

INd_rasN SOME SHELL SCRIPTING PROGRAMS. 1. Write a shell script to check whether the name passed as first argument is the name of a file or directory.

Unix/Linux Basics. Cpt S 223, Fall 2007 Copyright: Washington State University

SECTION -C. Getting Started with UNIX

9.2 Linux Essentials Exam Objectives

Table of contents. Our goal. Notes. Notes. Notes. Summer June 29, Our goal is to see how we can use Unix as a tool for developing programs

Mills HPC Tutorial Series. Linux Basics I

Week 2 Lecture 3. Unix

Command Line Interface The basics

CSE 303 Lecture 4. users/groups; permissions; intro to shell scripting. read Linux Pocket Guide pp , 25-27, 61-65, , 176

Chapter 4. Unix Tutorial. Unix Shell

CS 460 Linux Tutorial

Unix File System. Class Meeting 2. * Notes adapted by Joy Mukherjee from previous work by other members of the CS faculty at Virginia Tech

24 Writing Your First Script

Introduction To. Barry Grant

DAVE LIDDAMENT INTRODUCTION TO BASH

5/8/2012. Encryption-based Protection. Protection based on Access Permission (Contd) File Security, Setting and Using Permissions Chapter 9

Introduction. SSH Secure Shell Client 1

PROGRAMMAZIONE I A.A. 2015/2016

Unix Introduction to UNIX

Operating Systems, Unix Files and Commands SEEM

Using LINUX a BCMB/CHEM 8190 Tutorial Updated (1/17/12)

Linux File System and Basic Commands

Basic Survival UNIX.

-1- csh cd. cd alias!! ; set prompt=" pwd % " 16 cd. 17 cd.. 18 his /home% set prompt. alias. yasuoka : root :

Some Linux (Unix) Commands that might help you in ENSC351

UNIX Quick Reference

Introduction in Unix. Linus Torvalds Ken Thompson & Dennis Ritchie

Files and Directories

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

(a) About Unix. History

A Brief Introduction to Unix

genome[phd14]:/home/people/phd14/alignment >

Introduction to Lab Practicals (Lab Intro 3) Access Control, Synchronisation and Remote Access

Crash Course in Unix. For more info check out the Unix man pages -orhttp:// -or- Unix in a Nutshell (an O Reilly book).

CSC209. Software Tools and Systems Programming.

CS Fundamentals of Programming II Fall Very Basic UNIX

3/8/2017. Unix/Linux Introduction. In this part, we introduce. What does an OS do? Examples

Introduction to UNIX Command Line

Unix Handouts. Shantanu N Kulkarni

CHE3935. Lecture 1. Introduction to Linux

Bash Programming. Student Workbook

Lab Assignment #1. University of Pittsburgh Department of Electrical and Computer Engineering

Tutorial 1: Unix Basics

Lezione 8. Shell command language Introduction. Sommario. Bioinformatica. Mauro Ceccanti e Alberto Paoluzzi

Common UNIX Commands. Unix. User Interfaces. Unix Commands Winter COMP 1270 Computer Usage II 9-1. Using UNIX. Unix has a command line interface

Unix Shell scripting. Dr Alun Moon 7th October Introduction. Notation. Spaces

CS4350 Unix Programming. Outline

Hands-on Keyboard: Cyber Experiments for Strategists and Policy Makers

CSC111 Computer Science II

Introduction to Lab Practicals (Lab Intro 3) Access Control, Synchronisation and Remote Access

FILE MAINTENANCE COMMANDS

ENCM 339 Fall 2017: Editing and Running Programs in the Lab

Getting started with Hugs on Linux

Transcription:

Exploring UNIX: Session 3 UNIX file system permissions UNIX is a multi user operating system. This means several users can be logged in simultaneously. For obvious reasons UNIX makes sure users cannot access files other than their own, or those they have been given permission to access. In UNIX, every user has a user name, or login name, and in addition belongs to at least one group. You can see which groups you belong to using the groups command. You may belong to a cut or cst group, and perhaps some others: groups cst These two properties, user name and group, form the basis for the UNIX file permissions system. Every file or directory belongs to a user (the owner) and a group. By default, when you create a new file or directory, it initially belongs to you and is associated with your group. Each file has three separate sets of access permissions: User - permissions for the user who owns the file. Group - permissions for users that don't own the file, but are in the same group as the file. Other - permissions for everyone else (people who do not own the file and who are not in the same group as it). These are sometimes known as world permissions (i.e. for the rest of the world). You may hear a file referred to as being group writeable, meaning that anyone in its group can write to it, or world readable, meaning any user can read the file, regardless of their username or group. Each set of permissions has three modes which can be turned on or off: readable - the file is allowed to be read writeable - the file is allowed to be written (modified) executable - the file is allowed to be executed (if it s a program or script) [ execute means run ] Permissions on directories have the same names, but their meaning is interpreted slightly differently: A directory which is marked readable can be listed (you can use ls on it) - in other words you can read its listing of what s in it. A directory which is marked writeable allows you to create or delete files within (it allows you to modify the listing). A directory that is marked executable allows you to traverse through it to access files it contains - e.g. to cd into or through it. If a directory doesn t have execute permissions, you cannot access any files stored in it, even if those files have permissions that let you!

Note: One important point to note here about permissions on directories is that if a user has write permission on a directory, they can delete files from that directory even if they don't own the files, or have permission to read/write them! So be careful to whom you give write access on directories... Inspecting permissions To view the permissions on a file, you use the ls command with the l ( ell ) flag. If you want to see permissions for a directory, you also have to add the -d flag, otherwise you just see the contents of the directory, not the directory itself. Here s an example: ls -l /courses/projweek/unix/commands total 10 drwxr-xr-x 2 rde cur 1024 Nov 20 17:37 data -rw-r--r-- 1 rde cur 2974 Nov 20 14:58 hitchhikers.txt drwxr-xr-x 2 rde cur 1024 Nov 20 14:54 quotes In the output of the ls -l command, the first block of characters on each line lists the permissions for that file. Let's consider the permissions for the directory quotes in the listing above. The permissions for this directory are these: drwxr-xr-x Let's go through those permissions step by step. The first character indicates whether the entry is for a directory (d) or not (-). So, as you can see, in this example quotes is a directory. The next three characters indicate the permissions for the owner of the file. In this case, the file has rwx as its permissions, meaning the owner can read, write and execute the directory. The next three characters indicate the permissions for users in the same group as the file. In this case that is r-x, meaning people in the same group can read and execute, but not write to the directory. The final three characters are the permissions for all other users, and are r-x again. The owner and group for the file are shown in the third and fourth columns of the listing. For instance, the files in the listing above are all owned by aa99 and are in the cur group. Modifying permissions on files File access permissions can be changed using the chmod command (another of those weird words; it s short for change mode ). The basic syntax of the command is: chmod permission files File permissions are specified as a comma separated list of expressions of the form: who operator permissions The who specifies whether the permissions apply to the owner, group, etc., and can be one of these values: u - The user who owns the file g - People in the same group as the file o - All people who are not the owner or in the same group as the file a - All users. Useful for setting the same permissions (e.g. read) for everyone

The operator specifies whether the permissions are overwriting the existing permissions, or just modifying them. The operator can be one of: + - Add this permission - - Remove this permission = - Set the permissions to exactly these permissions The permissions are just like those in the output of the ls -l command. Try these examples on raptor. You will of course see your own username in the listings, rather than aa99, and a different group than cur: cp -r /courses/projweek/unix/permissions ~/projweek cd ~/projweek/permissions pwd ls -l total 8 -rw-r--r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff -rw-r--r-- 1 aa99 cur 28 Nov 27 13:54 mind-your-own-business -rw-r--r-- 1 aa99 cur 13 Nov 27 13:54 public -rw-r--r-- 1 aa99 cur 12 Nov 27 13:54 top-secret Now, those four files are all world readable, but clearly two of them should not be! Let's start by stopping anyone from being able to read the top-secret information! Do this on raptor: cat top-secret TOP SECRET! chmod a-r top-secret ls -l total 8 -rw-r--r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff -rw-r--r-- 1 aa99 cur 28 Nov 27 13:54 mind-your-own-business -rw-r--r-- 1 aa99 cur 13 Nov 27 13:54 public --w------- 1 aa99 cur 12 Nov 27 13:54 top-secret cat top-secret cat: top-secret: Permission denied As you can see, no one can read the top-secret file anymore - not even yourself (though you can change the permissions). If you look at the chmod command, you will see you used the a-r setting, which says for all users (a) remove (-) read (r) permissions. Now, let s consider the mind-your-own-business file. Perhaps you want to be able to read it yourself, but block all other users from reading it. Try this: ls -l total 8 -rw-r--r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff -rw-r--r-- 1 aa99 cur 28 Nov 27 13:54 mind-your-own-business -rw-r--r-- 1 aa99 cur 13 Nov 27 13:54 public --w------- 1 aa99 cur 12 Nov 27 13:54 top-secret cat mind-your-own-business Curiosity killed the cat... chmod g-r,o-r mind-your-own-business ls -l total 8 -rw-r--r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff -rw------- 1 aa99 cur 28 Nov 27 13:54 mind-your-own-business

-rw-r--r-- 1 aa99 cur 13 Nov 27 13:54 public --w------- 1 aa99 cur 12 Nov 27 13:54 top-secret cat mind-your-own-business Curiosity killed the cat... Here you can see that we have used g-r,o-r to remove read permission for group and other. Now let s look at the group-stuff file. Let s give the whole group write access to it: ls -l group-stuff -rw-r--r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff chmod g+w group-stuff ls -l group-stuff -rw-rw-r-- 1 aa99 cur 261 Nov 27 13:54 group-stuff Here you can see we ve used g+w to add write permission for the group. Now let s consider that final file - public. Let's make it world read and writeable: ls -l public -rw-r--r-- 1 aa99 cur 13 Nov 27 13:54 public chmod a=rw public ls -l public -rw-rw-rw- 1 aa99 cur 13 Nov 27 13:54 public You can see here we have used the "=" operator to specify exactly what permissions we want on the file (all users to have both read and write permission). Permissions on directories So far you ve seen how we manipulate permissions on files, so let s now experiment with permissions on directories. Permissions on directories are set in the same way as with files; it s just the interpretation of read/write/execute which are different. Try some examples - first, let s create a directory for us to experiment with. We ll make sure only you have access to it so that we can concentrate on the meaning of the permissions, but setting permissions for other users is just the same. pwd mkdir test ls -ld test drwxr-xr-x 2 aa99 cur 96 Nov 27 14:55 test chmod g=,o= test ls -ld test drwx------ 2 aa99 cur 96 Nov 27 14:55 test So now we have a directory (test) on which you have read, write and execute permission. First, let s demonstrate the meaning of a directory being writeable. Try this: ls -ld test drwx------ 2 aa99 cur 96 Nov 27 15:01 test ls -l test total 0 cp public test ls -l test total 2 -rw-r--r-- 1 aa99 cur 13 Nov 27 15:01 public rm test/public ls -l test

total 0 So, at the moment you have write permission on the test directory and can create and remove files in it. Now remove your write permission and try again... ls -ld test drwx------ 2 aa99 cur 96 Nov 27 15:01 test chmod u-w test ls -ld test dr-x------ 2 aa99 cur 96 Nov 27 15:01 test cp public test cp: cannot create regular file `test/public': Permission denied chmod u+w test ls -ld test drwx------ 2 aa99 cur 96 Nov 27 15:01 test cp public test ls -l test total 2 -rw-r--r-- 1 aa99 cur 13 Nov 27 15:04 public chmod u-w test ls -ld test dr-x------ 2 aa99 cur 96 Nov 27 15:04 test ls -ld test dr-x------ 2 aa99 cur 96 Nov 27 15:04 test rm test/public rm: cannot remove `test/public': Permission denied So as you can see, if you don't have write access to a directory, you can t add or remove files to it. Now let s look at the meaning of read permissions on a directory. Try these: ls -ld test dr-x------ 2 aa99 cur 96 Nov 27 15:04 test ls -l test total 2 -rw-r--r-- 1 aa99 cur 13 Nov 27 15:04 public chmod u-r test ls -ld test d--x------ 2 aa99 cur 96 Nov 27 15:04 test ls -l test test: cannot open directory test: Permission denied total 0 cat test/public Hello World! chmod u+r test ls -ld test dr-x------ 2 aa99 cur 96 Nov 27 15:04 test ls -l test total 2 -rw-r--r-- 1 aa99 cur 13 Nov 27 15:04 public So, having read permission allows you to see what s inside a directory. Note however, that even if you can t see what is inside it (i.e. you can t use ls to see what s inside it) you can still access files inside it if you know (or can guess...) their names. Now let s look at what execute permissions mean for a directory. Execute permissions allow you to access the contents of a directory, e.g. to cd into it, to use it as part of a path, etc. Try these experiments: pwd ls -ld test

dr-x------ 2 aa99 cur 96 Nov 27 15:04 test ls test public cat test/public Hello World! cd test pwd /test cd.. pwd chmod u-x test ls -ld test dr-------- 2 aa99 cur 96 Nov 27 15:04 test ls test public pwd cd test -bash: cd: test: Permission denied pwd cat test/public cat: test/public: Permission denied So you can see here that execute permission on a directory is what allows you to use its contents. If you don't have execute permission, you can still look at its contents, but cannot use that content. Practice Experiment with making directories and files and changing their permissions. For instance, you could try making a drop box - a directory in which anyone (or anyone in a group) can place files, without them being able to see what files other users have put in them. For extra geek points (if you are really keen!), try reading the manual page for chmod and see if you can learn about setting file permissions using numbers - e.g. what does chmod 644 do? Some users (guess who?) use the number method all the time it was all they had when they first learned about UNIX Shell Scripts So far you have seen how to use the UNIX command line by hand - that is, by typing commands manually. Now you will see how you can automate the UNIX command line using shell scripts. They are called shell scripts because the UNIX command line interpreter is known as the shell. There are lots of different shells which provide slightly different syntax, but you have been using one of the most common ones, known as bash. We will continue to use bash for this session and the next. Throughout the following, you will need to both type commands at the command prompt and type text into files. To make the distinction clearer, text shown inside a white box like this: This should be typed at the command prompt should be typed at the command prompt, and text inside a yellow box like this: This should be typed in a file should be typed into a file.

Editing files Shell scripts are just text files containing commands that are run as if you had typed them yourself. To be able to easily edit your shell scripts, you need to use a text editor. We will use one called nano. nano is a full screen text editor which should be straightforward to use. To use nano, type plain text to put it into the file; use the arrow keys and the backspace key to move and delete. Note that many other PC keyboard keys will not do what you expect. Certain characters have special effects; for example Control- X (often written as ^X) will leave the editor. Let's try an example. First, at the command line, run these commands: cd ~/projweek/ mkdir scripts cd scripts nano first.txt This should (after a short delay) open up the text editor and show you an empty file. Type the following into the editor: Hello world! Save the file by typing control- X, then Y and finally Enter. Now check that the file has been saved by typing these commands: pwd /home/cur/aa99/projweek/scripts cat first.txt Hello world! You may notice that the contents of the file are displayed on the same line as the prompt - this is normal, and just shows that the text in the file doesn't have a new line character at the end (you didn t press Enter after typing the! character). A first shell script Now you can edit files, let s write our first shell script. First open a new file in nano: pwd /home/cur/aa99/projweek/scripts nano hello Now type the following into that new file #!/bin/bash # A small hello world program echo "Hello world!" and save it. Now type the following commands: pwd /home/cur/aa99/projweek/scripts chmod u+x hello./hello Hello world! Congratulations, you've just written and run a shell script!

What it means... Now, let's go through that small shell script and explain what it all means and how it works. Firstly, the # character is the comment character. Any text from the # to the end of the line is ignored by the shell script when it runs. The very first line of the file contains the text #!/bin/bash. When you try to run the shell script, UNIX looks at that first line to find out which shell it should use to run your script (yes, I know it s a comment, but it s a special case). The final line of this shell script just runs the echo command which prints out its arguments (the string Hello world!). By default, an ordinary text file cannot be run as if it were a program (it is not executable), so to tell UNIX that we want to be able to run our shell script as if it were an ordinary program we have to set its file permissions to be executable (+x), which we do using the chmod command you saw earlier. Variables The bash shell also lets you use variables in your shell scripts (and at the command prompt - we will describe those later, though). Variables come in two types - local and global. Local variables are only accessible within the shell script itself - any commands executed by the shell script cannot see them. Global variables can be seen by both the shell script and any commands executed by it. Variables can be created anywhere within a shell script just by assigning a value to them. This is done with the syntax variable=value. Note that there are no spaces in that if you use spaces, it won t work!. By default, variables are local; to make a variable be global, you use the export keyword, e.g. export variable=value. In this session, we will just use global variables for simplicity. To use the value of a variable, you use the $ symbol in front of its name. e.g. $variable Here s an example of how to use variables. Edit the hello file you wrote previously so that it looks like this: #!/bin/bash # A small hello world program # Who to say hello to export name="earth" echo "Hello $name!" you can see that this stores the name of who the script is saying hello to in a variable. Try running this now and see what it does... pwd /home/cur/aa99/projweek/scripts./hello Hello Earth!

Reading user input Sometimes you want your shell scripts to exhibit different behaviour based on some input from the user (e.g. yourself). There are two main ways of doing this Prompting the user with a question and waiting for them to answer by typing at the keyboard Using arguments on the command line Input from the keyboard bash provides a way to read user input from the keyboard using the read command. read takes the name of a variable on the command line and stores the text read from the keyboard into a variable with that name. It's easier to demonstrate with an example! Modify the hello file again so that it looks like this: #!/bin/bash # A small hello world program # Who to say hello to export name="" echo "What is your name? (type your name, then press enter)" read name echo "Hello $name!" and now try running the script:./hello What is your name? (type your name, then press enter) Bob Hello Bob! As you can see, the text read from the keyboard is stored into name - which is then used in the output message. Further work Look at the manual pages for ls and chmod. There are other flags that you can set on files and directories; find out what they are, and what they do. Be warned that this is one area of incompatibility between UNIX- like systems. Use ls l on /dev/null. Take a look at the output. Notice that /dev/null is neither a file nor a directory. Find out what it actually is (Hint: use man ls). Find out about the xargs command. Satisfy yourself that you know how it works (at least in its basic form), then try it out a few times to test your understanding. Help others Ask your supervisor if there is anyone in the class who isn t as experienced as you. See if they would welcome some help.

Acknowledgement: this document is heavily based on work done by Chris Ryder for the CO806 module. Thanks, Chris! Bob Eager November 2014

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback