CIS 105 Working with directories You have using directories in a Windows environment extensively. Often in Windows we are calling them folders. They are important in order to organize our files. It is best to make a flat and wide structure when we create directories. This assist the operating system in finding the files you are seeking quicker, making the path to the file shorter. The mkdir command is the same as it is in dos, except Linux doesn t give you the shortcut version using md From the PuTTy prompt, type the commands to the left Notice the ~ before the /mystuff/morestuff. Remember that the meaning of the ~ is the currently logged in users home directory. This saves a lot of keystrokes instead of typing /home/ddtest/mystuff/morestuff. You should also practice using the full path also. Add a directory under morestuff called fullpath using the absolute pathname. Create another directory under morestuff called relative using the relative pathname. Change directories to the folder moresetuff and list the current directory structure mkdir mystuff mkdir ~/mystuff/morestuff (you make the directories) cd ~/mystuff/morestuff ls lr Find out where you currently are in the path pwd Change directories to be at the root of your home directory (/home/username) cd ~ Removing directories is just as important as making directories. The command at the left is using the full path, with an environmental variable (~) to remove the directory called fullpath. To get rid of a directory and all of the child directories under it, use Notice no confirmation, Linux just acts on what you request and the entire directory structure is deleted. Notice also that we did not use the ~/ before the directory mystuff. This is using the relative path. rmdir ~/mystuff/morestuff/fullpath rm r mystuff/morestuff We will now use the program winscp to view and modify directories. This is a graphical display of the directory structure. If you have not installed it yet, then go to http://winscp.net/eng/download.php and download the winscp installation package. Install the package, accepting the defaults (typical install and Norton commander interface). Launch winscp. Click on new. Fill in the IP number, your username and password. Click the Save button. Give the session a meaning full name to you. CIS 105 Directories Page 1 of 5
Double-click on the session you just created. You should log on automatically because you have saved your userid and password (consider the security implications of this). Notice the options at the bottom of the right pane F7 will create a directory. If I select a directory or file, I can use the F2 to Rename, F4 to edit a text file (much easier than vi), F5 to Copy and F6 to Move. Linux just got a whole lot simpler. Another really cool thing I can do here is move files from my Windows machine at the left over to a folder on my Linux machine to the right and vice-versa. How much cooler can it get? Moving and Copying files: Now that we can create directories, it is time to play with the files again in the PuTTy terminal. Find out what our present working directory is. Use the pwd command to ensure you are in the root of your home directory (/home/userid) if not there, pwd change to this directory by using the command cd (space) ~ cd ~ Now create a new folder (or directory) to work in from our home directory. mkdir stuff Then create a new file to use by redirecting the output of the who command into a file called namelist who > namelist We can move that existing file using the mv command. mv namelist stuff CIS 105 Directories Page 2 of 5
Check it got there. It should display on the screen. Now we showed mix things up a bit by moving back to the WinSCP program. Move the file namelist back to the original directory in WinSCP by dragging and dropping the file into the root of your home directory Making some copies of files Verify that there is a copy of the file namelist in both the stuff directory and in your home directory ls stuff cp namelist stuff/namelist Permissions Permissions is a very intricate part of directories and files in Linux. You can lock down directories and files very easily, and sometimes lock yourself out. Plan on spending a good amount of time to ensure you really understand this portion. To display the permissions of a file or directory ls l This will list all the files in the present working directory along with the owner, group and permissions. Focus on one of the files [ddtest@cis105 ~]$ ls -l namelist -rw-rw-r-- 1 ddtest ddtest 226 Jan 22 11:38 namelist In the permissions section, each position has a meaning and a number attached to it. We can tell this is a regular file because of the first at the left. The other option would be a d for directory. The next 9 characters define the file permissions. These permissions are given in groups of 3 each. The first 3 characters are the permissions for the owner of the file or directory. The next 3 are permissions for the group that the file is owned by, which by default is the same as the user. The final 3 characters define the access permissions for everyone not part of the group. There are 3 possible attributes that make up file access permissions. r - Read permission. w - Write permission. x - Execute permission. Each position is also assigned an octal number r = 4, w = 2, x = 1 For our file above namelist, we can see that the user has read and write permissions (r4+w2 = 6), the group also has read and write (6) and all others have read permission (4). If we look at our permissions in WinSCP (right click the file and select properties, we can see our permissions and the octal representation of the permissions. CIS 105 Directories Page 3 of 5
From the WinSCP screen, we can change permissions by simply checking the boxes, then clicking OK. We could also change the octal numbers to the proper permission sets and click ok. This is way too easy, so we should also know how to accomplish this when we only have a terminal or putty screen to mess with. We use the command chmod. We must specify what group we are changing permissions for(u=user or owner, g=group or o=others, a=all groups), then use the + or with the proper permission to change the file permissions. This removed the permission to read the file for the use, so also it removed the ability to write to the file. If you check this with WinSCP, you will need to refresh the screen before checking the properties again. chmod a+x namelist chmod u r namelist The WinSCP interface is not continually checking for new information, so you must manually force it to check. To quickly allow all permissions to all users, use octal To return the permissions to the standard, it is easiest to use the octal format chmod 777 namelist chmod 664 namelist Setuid and setgid permissions: We would only use these permissions to run a process as with elevated permissions CIS 105 Directories Page 4 of 5
Setuid or SUID is a permission bit that can be set on a file or directory. Setting the suid bit on a file allows normal users to run that application with raised (usually superuser) privileges. Remember that when a user launches an application, that application runs with the same permissions as that user. This is one of the fundamental differences between Windows and Linux or Unix. In a Unix system a normal user does not have access to system files and therefore neither does any application (or virus or malware) that they may have launched. An example of a file that has the suid bit set in most cases is the /usr/bin/passwd application. You can see that the /usr/bin/passwd application has the suid bit set by the letter s in place of the user s executable bit. -rwsr-xr-x 1 root root 26680 May 10 13:44 passwd The passwd application allows users to change their own passwords. In order to do so, it has to write to the etc/passwd file which contains all of the accounts on a GNU/Linux system. However, if the suid bit was not set on the passwd application then the passwd application would only have the rights of the user and therefore could not make changes to the etc/passwd file. Setting the suid bit on the passwd application allows it to run as the superuser and it can therefore write the new password to the etc/passwd file. Directory Permissions Often we want to keep other users out of our home directory, though sometimes, like when you create a web page, you want to allow users into just one area of your home directory. This can be accomplished using the o+x permission on a directory. This allows others or anonymous users access to navigate to that folder. Check where you are before creating a new directory Change to the root of your home directory if needed, then create a new directory Change the permissions to allow access to all others Change permissions to allow others to navigate to your public_html folder Replace username with your actual username. Create a small web page in vi Type something appropriate to display to the world in here. Include your name. Save and close the file. See if it worked. In a web browser type in In the link to the left, replace username with your actual username. Mine would be http://134.39.47.48/~ddtest Access Control Lists will allow other users to share your files. Share your namelist file with me. Look at the permissions first Share it with me Check your permissions again It should show user ddtest has read and write permissions Check how it changed the display through the ls command There is a + at the end noting that there are additional permissions assigned pwd mkdir public_html chmod o+x public_html chmod o+x /home/username vi public_html/index.html http://134.39.47.48/~username getfacl namelist setfacl m u:ddtest:rw- namelist getfacl namelist CIS 105 Directories Page 5 of 5