UNIX Concepts (users' eye view)

• users and groups.
• files and directories.
• protections and access.
• processes and daemons.
• user environment and shells.
• commands and libraries.

Users and Groups

• /etc/passwd : defines users.

   couch:983h9482936fk:30:30:Alva L. Couch:/u/f/couch:/usr/bin/tcsh
   ^     ^             ^  ^  ^             ^          ^^^^^^^^^^^^^ shell
   ^     ^             ^  ^  ^             ^^^^^^^^^^ home directory
   ^     ^             ^  ^  ^^^^^^^^^^^^^ GCOS (comment)
   ^     ^             ^  ^^ GID
   ^     ^             ^^ UID
   ^     ^^^^^^^^^^^^^ password      
   ^^^^^ name  
  

  • name: login name
  • password: encrypted password
  • UID: user id, 0<=UID<=65535, 0 is ROOT.
  • GID: group id, 0<=GID<=65535, 0 is SYS.
  • GCOS: user description (treated as a comment)
  • home: home directory location
  • shell: what command to start when you log in.
• /etc/shadow: shows actual encrypted passwords of users.

   name  password      aging policy
   couch:8h938495029ms:6445::::::
   ^     ^             ^^^^ aging policy on account and password 
   ^     ^^^^^^^^^^^^^ password
   ^^^^^ name
  

• /etc/group: defines groups of users

   ta6:*:227:dwk,comp6,astudent,couch,dwv
   ^   ^ ^   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ group members
   ^   ^ ^^^ group id
   ^   ^ group password (unused) 
   ^^^ group name
  

  • group name.
  • group id (GID), 0<=GID<=65535, 0 is SYS.
  • passwd: password (unused)
  • group members: a list of login names.

File protections:

• Owner: the user who owns the file
• Group: the group of users that owns the file.
• Protection word: a binary (octal) protection word describing what one can do with the file.
• All of these are numbers.

Files and Directories

• / - the 'root' filesystem.
• directory: contains files and directories.
• hierarchy starts at /
• each directory has:
  • . - this directory.
  • .. - parent of this directory.

File Concepts

• Exploring files: ls
  • ls -a - list all files in a directory (including hidden ones) Compare with plain ls.
  • ls -l - list everything about files in a directory.
  • du -k - compute disk utilization in a directory (sum up file sizes). This sums up hidden files .file that you won't see in ls.
• Absolute path: /g/150NET/public_html
  • starts with /
  • ls /g/150NET/public_html - works the same regardless of where my current directory is.
• Current directory: where you are right now
  • cd - sends you to your home directory (something like /s/*/yourlogin)
  • cd /g/150NET/public_html takes you to a new current directory.
  • pwd tells you what the directory is.
• Any path not starting with a / is relative:
  • cd /g/150NET/public_html ; ls notes means ls /g/150NET/public_html/notes.

Really subtle

• The current directory is a pointer into a filesystem, not a name but a number.
• pwd: figure out name from number.
• How UNIX does pwd:
  • Prerequisites:
    • every directory is numbered.
    • a directory is a list of names of subdirectories and numbers.
  • Algorithm:
    • start at current directory
    • cd .. (parent)
    • check where you came from (match your number to entry in ..)
    • until you get to /
    • name of directory is the sequence of names that correspond with sequence of numbers (backward)
• Oversimplified example:

   /             50
   /..           50
   /usr          30
   /usr/..       50
   /usr/bin/     55
   /usr/bin/..   30
  

• Suppose your pwd is 55.
  • 55/.. = 30 = 55/../bin so last pathname is bin
  • 30/.. = 50 = 30/../usr so next pathname is usr
  • 50 is / so we're done and path is /usr/bin

Observe!

• .. isn't arbitary.
• if directory doesn't have ..,
  • no files have full pathnames.
  • can't cd to it.

Directory names

• Convention: certain directory names mean the same thing regardless of where they are in the UNIX filesystem
• /: root directory
• /bin: "binary" program repository
• /sbin: "root binaries"
• /lib: "libraries" that make commands work. *.a, *.so
• /etc: "local databases" passwd, group, nsswitch.conf, inetd.conf, hosts
• /usr: "stuff that's needed for multiuser operation"
• /var: "stuff that's local from /, /usr"
• /man: "manual pages"
• /doc: "documentation"
• /share: "machine-independent stuff"
• /adm: "administrative stuff (root)"
• E.g., ls contents of /, /usr, /usr/local, /usr/share, /local.

Commands to try

• find /local -name bin -print - find every file or directory named bin inside /local.
• /usr/sbin/ping emerald.tufts.edu - use a command ping inside /usr/sbin to see whether emerald is alive or dead!

File Protections and Access

• A combination of filesystem, user, and group concepts.
• Each filesystem node (directory, file, device, etc) has a specific owner and group.
• owner: who is responsible for this file?
• group: what group of people might be able to access this file?

   ls -l 
   total 116
   protection    owner     group      size  modification filename
     flags                                      time 
   drwxr-xr-x   3 couch    faculty      512 Nov 30  1993 4.Xupdate
   drwxr-xr-x   5 root     other        512 Mar  3  1994 5.Xupdate
   -rw-r--r--   1 couch    faculty     1168 Jul 20  1994 Notes-bugs
   -rw-r--r--   1 couch    faculty     7573 Apr 30  1994 block-schedule
   -rw-r--r--   1 couch    faculty     6287 Mar  7  1994 choosing2
    ^  ^  ^       ^        ^           ^    ^            ^^^^^^^^^^^^ filename
    ^  ^  ^       ^        ^           ^    ^^^^^^^^^^^^ last modified
    ^  ^  ^       ^        ^           ^^^^ size in bytes
    ^  ^  ^       ^        ^^^^^^^ group
    ^  ^  ^       ^^^^^ owner
    ^  ^  ^^^   other permissions: *everybody* can do this. 
    ^  ^^^      group permissions: people in the file's *group* can do this. 
    ^^^         owner permissions: the *owner* can do this.
   ^ type: what type is this file
  

• type - what kind of thing is this:
  • d: directory
  • -: normal file
  • l: symbolic link (file alias)
  • c: character special (terminal device)
  • b: block special (disk)
  • s: socket (network link) There are more...

Permissions

• What can we do with the file or directory, etc.
• Most general permissions: rwxrwxrwx. Anyone can do anything
• Least powerful permissions: ----------. No one can do anything.
• Permissions are OCTAL (base-8) numbers. rw-rw-r-- = 110110100_2 = 664_8.

   code binary octal or decimal
   ---  000    0
   --x  001    1
   -w-  010    2
   -wx  011    3
   r--  100    4
   r-x  101    5
   rw-  110    6
   rwx  111    7
  

Watch out!

• Protection meanings differ for files and directories!
• Same code, different interpretation.

   code  for files                         | for dirs
   r     can read it                       | can ls it
   w     can change it                     | can add and delete files
   x     can execute it as a program       | can access content by name
   s     execute with different user/group | contents inherit group
   t     no meaning                        | contents protected against non-owner
  

For files

• r means you can read it
• w means you can change it
• x means you can run it as a program

For directories

• r means you can do an ls of it.
• w means you can create and delete files in it.
• x means that if you know the name of the file, you can open it.
• For example, we can read /g/15/ug/g/hello but can't ls the directories containing it:

   drwxrws--x   7 couch    grading      512 Jan 21  1996 /g/15/ug
   drwxrws--x  18 couch    grading     2048 Jan 26 14:48 /g/15/ug/g
   -rw-rw-r--   1 couch    grading       26 Sep 20 11:41 /g/15/ug/g/hello
  

Program execution permission

• The only difference between a file and a program is the state of the execute permission.
• gcc and g++ make a.out executable!
• A text file can also be made executable. It is interpreted as a script of commands to type.
• If the first two characters of the script are #!, then the rest of the line is a command to use to process the script.
  • #! /local/bin/perl - this is a perl-5 script (man perl for details)
  • #! /bin/csh -fb - this is a csh script (man csh for details)

Special file protections

• x can be s instead:
• ??s as owner protection means the file is executable, but execute as the owner of the file, not the person executing the command. This is called set-user-id (or setuid) execution!

   andante{couch}52: ls -l rlogin
   -r-sr-xr-x   1 root     bin        14552 Oct 25  1995 rlogin
  

  shows that the rlogin command is setuid root! You couldn't contact other computers as yourself. You need superuser privileges.
• ??s as group protection means executable, but execute as if you're in the group of the file, not the group of the person executing it. This is called set-group-id (or setgid) execution!

   andante{couch}54: ls -l submit
   -rwxr-sr-x   1 ugrade   grading      452 Oct 26  1993 submit
  

  shows that the beloved submit command executes as group grading (of which you aren't a member).
• ??S in either user or group protections indicates that the file isn't executable, but that setuid or setgid bits are set.
• ??s and ??S have no meaning in the world protection field (and can't happen).

Special directory protections

• x can be s instead.
• for user and other protections, this is meaningless.
• an s in the group field means to enable "BSD compatibility mode" so that files created in the directory *inherit the group of the enclosing directory*, not the *effective group of the user* running the program that created the file.
• in BSD systems, this is the DEFAULT.
• SVR4 systems must use g+s permission to enable this(suns, decs, sgi6.0).

The "sticky bit"

• /tmp is drwxrwxrwt (01777): anyone anywhere can write to it,
• But only owners of files in /tmp can delete them.
• This behavior is caused by the sticky bit, notated as a trailing t.

Numeric versions of protections

• Setuid and setgid protections are also numeric in octal:

       -rwsr-xr-- = 04754 
     100                for set user-id
        111             user (u)
           101          group (g)
              100       other (o)
     ------------
      4  7  5  4        whole code
   
   
       -rwSrw-rw-
     010                for set group-id
        110             user (u)
           110          group (g) 
              110       other (o)
     ------------
      2  6  6  6  
   
       -rwxrwxrwt
     001                for sticky bit
        111             user (u)
           111          group (g) 
              111       other (o)
     ------------
      1  7  7  7  
  

• Real protection code is, in binary:

   111110000000000
   432109876543210
   XXXsstrwxrwxrwx
   ^     ^  ^  ^^^ other
   ^     ^  ^^^ group
   ^     ^^^ user
   ^    ^ sticky bit: protect files from non-owners
   ^   ^ set group-id
   ^  ^ set user-id
   ^^^ binary code for kind of file: -, d, c, b, l, s
   sst: set user id, set group id, set sticky bit 
  

Problem of the day

• What is the numeric interpretation of the protections rw-r-S-wt?
• What is the resulting protection of a file after one executes

   chmod 2750 file
  

  (this changes the protection word to octal 02750).

Watch out!

• whether you can read from or write to a file is controlled by the file's protection
• whether you can create or delete a file is controlled by the protection of the directory that contains it.

Problem of the Day

• Suppose we have the following directories:

   node                             owner   group     protection
   /u/f/couch/trash                 couch   faculty   drwxr-xr-x
   /u/f/couch/trash/stuff           couch   faculty   -rwxr-xr--
   /u/f/couch/trash/idiot           couch   faculty   -rw-r-xr-x
   /u/f/couch/trash/garbage         couch   faculty   dr-x--x--x
   /u/f/couch/trash/garbage/stuff   root    bin       -r--------
   /u/f/couch/trash/garbage/other   root    faculty   -r--rw----
  

• and the following facts:
• couch is a member of faculty.
• couch is not a member of group bin.
• Answer the following questions:
• Which files can couch look at (using more)
• Which files can couch execute as commands?
• Which directories can couch list?
• Which files can anyone look at (using more)
• Which files can anyone execute as commands?
• Which directories can anyone list?

Keep in mind:

• On andante, default for user files is unreadable for group and world, read-write for owner (rw-------).
• default for directories is rwx for owner, none for group and world (rwx------).
• But: system files (the ones you'll be modifying as a sysadmin) are generally world readable, world executable, and possibly even group writeable.
  • File: -rw-r--r--, owner:you group:staff
  • Program: -rwxr-xr-x owner:you group:staff
  • Directory: drwxr-xr-x owner:you group:staff

Controlling file protections:

• You determine how many protection bits can be set in a new file with your umask. This is a mask of bits that should be 0.
• Normal users have umask 077: make everything private.
• When working on a system, you should type umask 022: make everything public.
• Your umask is the octal complement of the bits you make available:

                 executable file/dir        normal file
   umask 077     -rwx------ 700             -rw------- 600
   umask 002     -rwxrwxr-x 775             -rw-rw-r-- 664
  

Changing file owner

• Must be root.
• Changing the owner of one file or directory

   chown newown file-or-dir
  

• Changing the owner of a hierarchy of directories and files.

   chown -R newown dir
  

• Example:

   chown couch .
  

  makes the current directory owned by me!

Changing the group of a file

• Must be owner or root.
• Must be in the group you're putting a file into.
• Changing a group of a file or directory:

   chgrp group file-or-dir
  

• Changing the group of a hierarchy of files all at once:

   chgrp -R group dir
  

  All files in the directory dir get changed.

Changing protections

• Many options depending upon how you'd like to type commands.
• Examples:

   chmod 755 file      makes a file executable.
   chmod go+rx file    makes a file executable to group and others.
   chmod -R go+rX dir  makes directories readable and searchable to all. 
                       X means "make something x only if it makes sense." 
  

• Entities: ugo represents user, group, and other.
• Protections: rwx represents read, write, execute,
• X : make executable only if one execute bit already set.
• s and t have special meanings as above.
• + : add a permission.
• - : remove a permission.

Problem of the day

• Suppose file1 has protection -rw-------. What is its protection after

   chmod g+s file1; chmod o+X file1
  

  ?
• Suppose file2 has protection -rwxr-xr-x. What is its protection after

   chmod go-x file2
  

  ?
• Suppose file3 has protection -rwxr--r--. What is its protection after

   chmod 06755 file3
  

  ?

Caveats

• To make a command accessible to others, it must be executable to them.
• To make a script executable by others, it must be readable and executable.
• Most common mistake in beginning system administration: botching protections on files users need!

Protection Rackets

• How does one protect a file from all users yet let a command modify it?
• Answer: use setuid or setgid execution.
• Case study: gripe command to allow users to gripe about things.
• First, we write a command gripe that allows people to gripe.

  contents of files/gripe.c...
  #include <stdio.h> 
  #define SIZE 1024
  main()
  { 
      FILE *f = fopen("/g/150NET/public_html/notes/solaris/gripes","a"); 
      char buf[SIZE]; 
      printf("Please type your gripe. End with control-D.\n"); 
      fprintf(f,"-------------------------------\n"); 
      while(!feof(stdin) && fgets(buf,SIZE,stdin)) 
         fprintf(f,"%s",buf); 
      fclose(f); 
  } 
  ...end of files/gripe.c
  

• Then we compile it:

   gcc -g -o gripe gripe.c
  

• and change it to a non-public group

   chgrp staff gripe
  

• and change it to be setgid.

   chmod g+s gripe
  

• Now make a file gripes:

   touch gripes
  

• and make it available only to you and staff:

   chgrp staff gripes
   chmod 660 gripes
  

• At the end of this you have the following situation:

   blackhole{couch}113: ls -l
   -rwxr-sr-x   1 couch    staff    27400 Jan 25 15:36 gripe
   -rw-r--r--   1 couch    staff      354 Jan 25 15:36 gripe.c
   -rw-rw----   1 couch    staff      102 Jan 25 15:37 gripes
  

Special problems with files

• Naming files weird things.
• Making files invisible or visible.
• Protecting files from yourself.

Naming files weird things

• Easiest file hack: embedding spaces.

   cat > name\ with\ spaces\ in\ it
   hi there
   control-D
  

• To remove it, type the name the same way.
• Handy for MacIntosh files that you transfer into UNIX.

Dealing with weird names

• Move everything not weirdly named out of the directory.
• Use * matching to match weird names and rename or delete.

Visibility and invisibility

• By default, filenames starting with . are invisible.
• .netscape: invisible.
• netscape: visible.
• ls -a: show invisible files.

Protecting files from yourself

• You can protect files from yourself.
• chmod u-w file: protects file from your ability to write it.
• chmod 000 file: protects file from all access.
• You can recover the file only by changing its protections back.

Subtle point on directories

• You can delete a file from a directory you own even if you don't own the file.
• But you can't write the file directly.
• Consider the scheme

   protection owner group    name
   drwxrwxr-x couch faculty  foo
   -rwx------ dwk   faculty  foo/bar
  

• couch owns foo, but the contained file foo/bar is owned by dwk.
• couch can't do anything with foo/bar as a file: no read, write, or execute permission.
• But couch can rm foo/bar and then create his own!

Write-only drop points

• It's possible to make a directory write-only.
• Consider d-wx-wx-wx
• Anyone can write anything there.
• No one can find out the contents.