Introduction to Linux: Class 4 Notes

Permissions

On a UNIX system, a user can belong to an arbitrarily large number of groups. Some groups have special meanings, but we will ignore these for now. A group is simply a way of categorizing users.

This matters because every file and directory on a UNIX system has an owner and a controlling group. Therefore every user on the system falls into one of three categories relative to every directory and file: the owner, a member of the controlling group, or everyone else (others).

UNIX permissions are based around this concept. There are three permissions that apply to every file and directory: read, write, and execute.

There are two representations for this permission system. The first employs letters. Full permissions are:

rwxrwxrwx

Note that this is a pattern repeated three times: the first three letters are for the owner, the second three for the controlling group, and the last three for others.

A dash indicates an unset permission. In the following, the owner has full permissions, members of the group have read and execute permissions, and others can only read the file:

rwxr-xr--

What would grant full permissions to the owner and others, and read-only to the group? [rwxr--rwx]

Some of you may have noticed that these permissions somewhat correspond to bits. And indeed, this is where the second representation comes from: octal numbers. Readable = 4, Writable = 2, Executable = 1. So full permissions are 777. If the owner has full permissions, members of the group have read and execute permissions, and others can only read the file, the permissions are 754.

What would grant full permissions to the owner and others, and read-only to the group? [747]

A common question with permissions is what happens if you are the owner AND a member of the controlling group. As far as permissions go, you are only considered to fall into one of these areas. If you are the owner, you are controlled ONLY by the owner permissions. If you are not the owner but are a member of the controlling group, you are controlled ONLY by the group permissions. If neither of the above holds for you, you are governed ONLY by the other permissions.

File permissions are modified through the use of three utilities: chmod, chgrp, chown.

chmod

chmod is used for changing the actual permissions of a file. It can be used in two ways. The first way is by giving chmod a number. So to set a file to 777 permissions, one simply calls:

chmod 777 FILE

This is pretty simple.

Permissions can also be modified relative to their current values (rather than set outright) by using letters. For instance, to add execute permission for everyone while leaving the other permissions as they are, one can run:

chmod +x FILE

To add read and execute permissions for everyone, one can run:

chmod +rx FILE

To remove write permissions for everyone, you can run:

chmod -w FILE

These commands affect EVERYONE. What if you only want to affect either the owner, group, or others?

We do this by specifying the people we want to affect. We use 'u' (stands for 'user') to represent the owner, 'g' to represent the group, and 'o' to represent others. So to add executable permissions for the owner only, you can run:

chmod u+x FILE

To remove write permissions for the group and others, you can run:

chmod go-w FILE

Finally, you can explicitly set permissions using this system. To set r-x for everyone, you can say:

chmod =rx FILE

Or to do the same for the group only, you can run:

chmod g=rx FILE
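As an added example (not from the class notes), the shell functions below tie the two sections above together: one maps a letter-form permission string to its octal form, one applies a mode with chmod (octal or letter syntax) to a scratch file and reads back what ls -l shows, and one demonstrates that the owner is governed only by the owner triple. The function names are my own; run it as an ordinary user, since root bypasses these checks.

```shell
#!/bin/sh
# Added example, not from the class notes. Function names are assumptions.

# sym_to_octal rwxr-xr-- -> 754: read the letters in owner/group/other
# triples, adding 4 for r, 2 for w and 1 for x within each triple.
sym_to_octal() {
  s=$1 out="" i=0
  while [ "$i" -lt 3 ]; do
    t=$(printf '%.3s' "$s")      # next triple
    s=${s#???}                   # drop it from the remainder
    v=0
    case $t in r??) v=$((v + 4)) ;; esac
    case $t in ?w?) v=$((v + 2)) ;; esac
    case $t in ??x) v=$((v + 1)) ;; esac
    out="$out$v" i=$((i + 1))
  done
  printf '%s\n' "$out"
}

# perms_of FILE: the nine permission letters that ls -l shows for FILE
perms_of() {
  ls -ld "$1" | cut -c2-10
}

# set_and_read MODE: chmod a scratch file to MODE (octal or letter syntax)
# and print the resulting letter form, e.g. set_and_read 754 -> rwxr-xr--
set_and_read() {
  f=$(mktemp) || return 1
  chmod "$1" "$f" && perms_of "$f"
  rm -f "$f"
}

# owner_locked_out: a file you own with mode 077 is unreadable to you even
# though group and others have full rights, because the owner is governed
# ONLY by the owner triple. Prints yes when the read fails (root bypasses
# these checks, so it prints no when run as root).
owner_locked_out() {
  f=$(mktemp) || return 1
  echo secret >"$f" && chmod 077 "$f"
  if cat "$f" >/dev/null 2>&1; then r=no; else r=yes; fi
  rm -f "$f"
  printf '%s\n' "$r"
}

printf '%s -> %s\n' rwxr--rwx "$(sym_to_octal rwxr--rwx)"
printf '754 -> %s\n' "$(set_and_read 754)"
printf 'owner locked out by 077: %s\n' "$(owner_locked_out)"
```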

chgrp

chgrp is used to change the controlling group of a file. It is very simple to use:

chgrp GROUP FILE

For instance, to set the controlling group to 'users' (a common group), one would run:

chgrp users FILE

chown

chown is used to change the owner of a file. It is also very easy to use:

chown USER FILE

To set a file to be owned by 'alex', you would run:

chown alex FILE

Managing Users

One of the most important jobs of a Linux sysadmin is managing the users and groups on the system. To this purpose, there are several utilities that it is important to be familiar with.

To begin, let's explore where all of this data is stored. User data is stored in the /etc/passwd file. It takes the format of:

User:x:UID:GID:Comment:Home:Shell

The User field is the username. The x represents an encrypted password. The UID is the user's ID. The GID is the group ID of the user's primary group. The Comment may be anything. The Home is the user's home directory. The Shell is the user's default shell.

Notice that the password field holds only an x. This is because the /etc/passwd file is world-readable. The passwords are stored (in an encrypted format) in /etc/shadow. The encryption used is either DES or MD5: both are one-way encryptions (it is impossible to determine the original password from the encrypted string). Furthermore, /etc/shadow is readable only by root, and is therefore significantly more secure than /etc/passwd.

So now it's time to add a user. To do this, we use the useradd command. This command is pretty simple to run:

useradd -m USER

Now, there are a number of other options that can be manually set (see the man page), but this command essentially creates the directory /home/USER, and copies the contents of /etc/skel to that directory. The user will also be created as a member of the group specified in /etc/default/useradd.

Deleting a user is also fairly simple: you simply use userdel. It has several uses:

userdel USER

This simply removes the user from the database.

userdel -r USER

This removes the user and his home directory. Other files owned by the user must be found manually.

Managing Groups

Groups are also fairly easy to manage. Group information is stored in the /etc/group file. The file has the format:

Name:Password:GID:Users

Name is the group name, Password is the encrypted password (if one exists), GID is the group's ID, and Users is a list of the users that belong to the group.

Creating a new group is simple by using the groupadd command:

groupadd GROUP

To set a password for the group, you use the gpasswd command:

gpasswd GROUP

To add a user to a group, an administrator can use the gpasswd command again:

gpasswd -a USER GROUP

Alternatively, a user can add himself to a passworded group with the newgrp utility:

newgrp GROUP

If a password is required, the user will be prompted. If no password is listed for the group, the user will be unable to join it (and must be added by a group administrator).
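As an added example (not from the class notes), the following shell functions parse the /etc/passwd and /etc/group formats described above and apply the check those sections imply: every password field in the world-readable passwd file should be just x, and a user's groups are the primary GID from passwd plus every group whose member list names the user. The sample lines are constructed and the function names are my own.

```shell
#!/bin/sh
# Added example, not from the class notes. The passwd- and group-format
# text below is constructed for the demonstration; function names are my own.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
alex:x:1000:100:Alex:/home/alex:/bin/bash
guest::1001:100:Guest account:/home/guest:/bin/sh
backup:$6$constructed$notarealhash:1002:100:Backup:/var/backups:/bin/sh'

SAMPLE_GROUP='root:x:0:
users:x:100:alex,guest
wheel:x:10:alex'

# unshadowed_accounts PASSWD_TEXT: field 2 of a passwd line should be only
# "x", with the real hash kept in root-only /etc/shadow. Anything else in the
# world-readable file deserves a look: an empty field means the account has
# no password at all, and a hash placed there can be read by every user.
unshadowed_accounts() {
  printf '%s\n' "$1" | awk -F: '$2 != "x" { print $1 }'
}

# primary_group USER PASSWD_TEXT GROUP_TEXT: field 4 of the passwd line is
# the GID of the primary group; resolve it to a name via field 3 of group.
primary_group() {
  gid=$(printf '%s\n' "$2" | awk -F: -v u="$1" '$1 == u { print $4 }')
  printf '%s\n' "$3" | awk -F: -v g="$gid" '$3 == g { print $1 }'
}

# groups_of USER PASSWD_TEXT GROUP_TEXT: the primary group plus every group
# whose comma-separated member list (field 4) names the user, one per line.
groups_of() {
  {
    primary_group "$1" "$2" "$3"
    printf '%s\n' "$3" | awk -F: -v u="$1" '
      { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) print $1 }'
  } | sort -u
}

echo "accounts with a non-x password field: $(unshadowed_accounts "$SAMPLE_PASSWD" | tr '\n' ' ')"
echo "groups of alex: $(groups_of alex "$SAMPLE_PASSWD" "$SAMPLE_GROUP" | tr '\n' ' ')"
```

To run the same check against a live host, pass "$(cat /etc/passwd)" and "$(cat /etc/group)" in place of the sample text.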

Finally, to remove a group, one uses the groupdel command:

groupdel GROUP

Filesystem Hierarchy

Although many directories seem fairly randomly named, there is actually a very well-defined hierarchy. We will explore what each directory means:

/bin and /sbin

These directories contain system-critical programs that must be available before any other filesystems are mounted. bin (Binaries) directories always contain applications available to anyone, while sbin (System Binaries) contains superuser-accessible applications.

/boot

This directory contains the kernel image and other files needed for the boot process.

/home

This directory contains all of the user home directories (except root).

/root

This is root's home directory.

/media

Where removable media are mounted.

/mnt

Where temporarily mounted filesystems are mounted.

/etc

Configuration files.

/usr

The place where everything else is stored. Everything directly under /usr should be standard for the distribution, while /usr/local contains locally installed applications.

For more information regarding the hierarchy, check out the Filesystem Hierarchy Standard (FHS) which is available online.

Partitioning

In Windows, you generally tend to have a single partition per hard drive. The entire hard drive consists of but one partition.

In Linux and UNIX systems, this is not the case. At the barest minimum there are two partitions, but very often at least 3.

The most important partition on a Linux system is the root partition (indicated by '/'). The root partition is the first partition that is mounted on boot, and the partition that all other filesystems are mounted onto. Depending on how one structures the rest of the system, the root partition can actually be fairly small, as (depending on the setup), nothing will ever be installed on it further than the initial applications.

The second partition that will virtually always exist on a Linux system is the swap partition. The swap partition acts essentially as virtual memory, and it is generally recommended to make it at least as big as your physical memory (though this is just a general guide). swap is generally placed near the front of the hard drive so that it has the fastest access. It should be noted that swap is not a regular filesystem: it is not mounted, per se, nor does the user ever write anything to it.

While these are the only two required partitions, many people have at least a third for the /boot directory. The reason for this is security. Because the /boot partition does not have to be mounted (except to update the kernel), one can keep the kernel images and boot information completely isolated from the system, allowing for a great deal of security.

Other common partitions are for /usr (where all software is installed) and /home (which makes backups very easy, and makes it easy to transfer between distros).

Filesystem Formats

Once a partition is created, it is necessary to format it. With Windows, you pretty much have one choice: NTFS.

With Linux, there are some 4 filesystem formats that are widely used today. Each has its own associated benefits and drawbacks:

ext2

ext2 is the oldest Linux filesystem still in use, though it is slowly being phased out. There is little to say about this filesystem except that it does not support journalling.

ext3

ext3 is the replacement for ext2, and is a journalled filesystem. Journalling means that all changes to the filesystem are first written to a journal and then performed, which allows for significantly faster crash recovery (as opposed to traversing the entire filesystem and looking for inconsistencies). Further, ext2 can be upgraded to ext3 in place, and since ext2 was formerly the standard, this was a huge drawing point. ext3 is today the most common Linux filesystem.

ReiserFS

ReiserFS was the first journalled filesystem available for Linux, and is known for its tail packing* which results in less internal fragmentation. Due to this, ReiserFS has been shown to have speeds 10-15 times greater than ext3 when accessing files less than KB.

* Tail packing is storing small files in the empty spaces at the end of a block.

XFS

XFS was the first journalled filesystem (just not available on Linux until later), and is notable in that files are stored in dynamically-sized groups rather than the standard statically-sized block, allowing for a much lower risk of fragmentation.

Recommendation

You can never go wrong with ext3. I personally used it for a good deal of time before switching to ReiserFS. Since most new-user distros choose a filesystem format for you, this may not be an issue, but I do recommend trying ReiserFS or XFS out at some point. You may notice speed increases, faster recovery from crashes, etc.

Mounting Filesystems

As we discussed before, the Linux filesystem appears as a single tree as opposed to separate drives. Therefore, new filesystems are "mounted" onto the tree at a particular position.

To begin, we need to discuss the /dev directory. This directory contains every device on your system, including drives. It does not matter if the drive is mounted or not. Drives are named in this manner:

SATA drives are named sdX#
ATA drives are named hdX#

X indicates the physical drive and the # indicates the partition of that drive. For instance, the first partition on the first drive is hda1. The third partition on the fourth drive is hdd3.

Now that we know how our drives are named, we can mount them onto the filesystem using the mount command. It is fairly simple to use: we simply tell it what device to mount and where to mount it:

mount /dev/hda1 /mnt/drive

If mount does not recognize the filesystem type, we can specify it with the '-t' option. There are TONS of options for the mount command: check the man page for all of them.

Once a disk is mounted, you may want to unmount it. In the case of removable media, you may want to move it to another computer; for an internal disk, you may want to simply make it unavailable. This is done with the umount command. You can give umount either the device name or the mount point:

umount /dev/hda1
umount /mnt/drive

fstab

It can be difficult to remember all of the device names and mount points for all of your disks. Further, you may want some devices to mount at boot, have disks be checked for integrity, or allow only certain people to access certain disks. This information can be stored in a file called /etc/fstab.

/etc/fstab uses a columned format. Each column has a particular meaning:

  1. The device name
  2. The mount point
  3. The filesystem type
  4. Options
  5. dump (backup utility)
  6. fsck (integrity checker)

The first two columns are fairly self-explanatory. The third column may be the actual type of the filesystem ('ext3', 'reiserfs', etc.) or the word 'auto', in which case mount will attempt to determine the filesystem type.

The fourth column has many, many options. For a list of all of them, you can check the mount man page, under the '-o' section. Some common options are:

noauto: Do not mount this filesystem on boot (useful for removable media, for instance)
ro: Mount the filesystem read-only
rw: Mount the filesystem readable and writable for those the file permissions allow
user: Allow a user to mount a filesystem (and only he can unmount the filesystem)
users: Allow all users to mount or unmount the filesystem
noexec: Executables on this filesystem cannot be executed

The fifth column contains a number from 0 to 9. If it is 1 to 9, the number is passed to the dump command (see its man page), which performs a sort of backup based on the number. If it is 0, dump is not run.

The sixth column contains a number from 0 to 2. If it is 1 or 2, the fsck utility is called on the drive; fsck checks for filesystem consistency. The root filesystem should have a value of 1 in this field, and other filesystems you want checked should have a 2. If it is 0, fsck is not run.
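As an added example (not from the class notes), the shell functions below read fstab-format text column by column and check the rules just described: six columns per entry, pass 1 reserved for the root filesystem, and root itself checked with pass 1. A second function looks up whether a given option (noexec, for instance) is set for a mount point. The fstab text is constructed and the function names are my own.

```shell
#!/bin/sh
# Added example, not from the class notes. The fstab text is constructed;
# function names are my own.
SAMPLE_FSTAB='# device      mount point   type  options              dump pass
/dev/sda1     /             ext3  defaults             1    2
/dev/sda2     none          swap  sw                   0    0
/dev/sda3     /home         ext3  defaults             1    1
/dev/sdb1     /media/usb    auto  noauto,user,noexec   0    0'

# fstab_lint FSTAB_TEXT: print one warning line per entry that breaks the
# column rules: six columns per line, fsck pass 1 only for the root
# filesystem, and the root filesystem itself on pass 1.
fstab_lint() {
  printf '%s\n' "$1" | awk '
    /^[ \t]*(#|$)/ { next }
    NF != 6 { printf "%s: expected 6 columns, found %d\n", $2, NF; next }
    $2 == "/" && $6 != 1 { printf "%s: root filesystem should have fsck pass 1, has %s\n", $2, $6 }
    $2 != "/" && $6 == 1 { printf "%s: only the root filesystem should use pass 1 (use 2 or 0)\n", $2 }'
}

# has_option MOUNTPOINT OPTION FSTAB_TEXT: exit 0 if OPTION appears in the
# comma-separated option list (column 4) of the entry for MOUNTPOINT, so a
# script can confirm that a removable-media entry really carries noexec.
has_option() {
  printf '%s\n' "$3" | awk -v mp="$1" -v o="$2" '
    $2 == mp { n = split($4, a, ","); for (i = 1; i <= n; i++) if (a[i] == o) found = 1 }
    END { exit !found }'
}

fstab_lint "$SAMPLE_FSTAB"
if has_option /media/usb noexec "$SAMPLE_FSTAB"; then echo "/media/usb is mounted noexec"; fi
```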

mtab

Another mount-related file is /etc/mtab, which stores the current mount information for the system. There's not much to say about this file, except that it can be read in one of two manners:

cat /etc/mtab
mount