File attributes

Example file attribute anatomy

# Example file attributes broken down
-rw-rw-r-- 2 mat mat 12 May 26 19:50 original.txt
# ┌----- type ----┐     ┌----------  mode ----------------┐
[ 4 bits: file type ][ 3 bits: special ][ 9 bits: permissions ]
        1000                000               110110100
 codes = regular file   n/a for this          rw-rw-r--
binary  meaning       ls char
1000    regular file  -
0100    directory     d
1010    symlink       l
0110    block device  b
0010    char device   c
0001    named pipe    p
1100    socket        s

9 bits: Permissions

  • r the read bit allows the file to be opened and read
  • w write bit controls modifying or truncating a file’s contents. Deleting or renaming it requires write permission on the parent directory, since that’s where the filename-to-inode mapping is stored — each directory manages only its own entries.
  • x execute bit allows files to be executed. There are two types: binaries that run on the CPU directly, and scripts, which need to be interpreted by a shell or other program
chmod change mode (permissions)
Octal  Binary  Perms
0      000     ---
1      001     --x
2      010     -w-
3      011     -wx
4      100     r--
5      101     r-x
6      110     rw-
7      111     rwx
# Options for chmod targeting
u = user (owner)
g = group
o = other (everyone)
a = all 3

# The main ways to use chmod
chmod u+w file       # write access for owner
chmod ug=rw,o=r file # r/w to user and group, read for others
chmod a-x file       # remove execute for all
chmod g=u file       # group gets the permissions user has

# recursively give group write to all its contents, preserving bits that were not explicitly set
chmod -R g+w mydir
# -> warning execute on a directory has different effects
A note about x permissions
  • x (execute) on a directory means you can traverse into it (cd)
  • chmod 711 myprog gives all perms to the owner and exec (x) for everyone else. If myprog were a shell script, it would need read and exec permissions so it can be read by the interpreter. Binary files only need exec permissions.
chown - change owner

To change a file’s group, you must either be the superuser or be the owner of the file and belong to the group you’re changing it to.

# chown: change a file's user and group
# sudo chown user:group file
sudo chown -R mat backup/        # just the user
sudo chown -R matt:staff backup/ # user and group
umask

umask is a shell command that influences the default permissions given to the files you create.
You define it as a three-digit octal value that represents the permissions to take away.

umask 027 # allow all permissions for owner but forbid write perms to the group and no perms for anyone else
# default is typically 022 = 755 for directories (644 for new files, which are created without execute bits)
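
The following is an added example, not part of the original notes: it creates a file and a directory under a given umask and reports the resulting modes, showing that files start from 666 and directories from 777 before the mask is applied. The function name modes_under_umask and the scratch directory are constructed for illustration.

```sh
#!/bin/sh
# Added example: observe what a umask does to newly created files and dirs.
# Programs normally request 666 for files and 777 for directories; every
# bit that is set in the umask is then cleared from that request.

# modes_under_umask MASK -> "<file mode> <dir mode>" as ls prints them
modes_under_umask() (
    work=$(mktemp -d) || exit 1      # constructed scratch directory
    umask "$1"                       # subshell body: caller's umask is untouched
    : > "$work/f"                    # new regular file
    mkdir "$work/d"                  # new directory
    f=$(ls -ld "$work/f" | cut -c1-10)
    d=$(ls -ld "$work/d" | cut -c1-10)
    rm -rf "$work"
    printf '%s %s\n' "$f" "$d"
)

for mask in 022 027 077; do
    printf 'umask %s -> %s\n' "$mask" "$(modes_under_umask "$mask")"
done
```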

3 bits - special

binary  meaning  ls char
100     setuid   s or S
010     setgid   s or S
001     sticky   t or T
setuid / setgid
setuid = set user id (run as user ID)
setgid = set group id (run as group ID)
# Basically allows an executable to access files or processes that would otherwise be off-limits to the user that runs it
# the owner's execute slot shows s or S, meaning "everyone" who executes the file gets the owner's system permissions
# s = setuid and executable
# S = setuid set, but no execute permission
-rwSrw-r-x 1 mat mat 0 May 27 11:18 testfile
# Remember, ls is just formatting it this way; the "x" bit still exists, there are always 16 bits
sticky

The sticky bit is only useful on directories (the name is historical).
It makes it so you can only delete or rename a file if you are the owner of the dir/file or are the root user. This is used by the /tmp directory to make it more private and secure.
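
As an added example (not from the original notes), a defender's check built on the special bits above: it lists setuid/setgid files and world-writable directories that lack the sticky bit. The sample tree, its file names and the function names audit_tree and make_sample_tree are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: flag the permission patterns that deserve review in a tree.

# audit_tree DIR -> one line per finding, prefixed with its kind
audit_tree() {
    # -perm -MODE matches when every bit in MODE is set
    # setuid (4000) or setgid (2000) regular files
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print | sed 's/^/setid    /'
    # world-writable (0002) directories without the sticky bit (1000)
    find "$1" -type d -perm -0002 ! -perm -1000 -print | sed 's/^/nosticky /'
}

# make_sample_tree -> path of a constructed tree to run the audit against
make_sample_tree() (
    t=$(mktemp -d) || exit 1
    mkdir "$t/shared_ok" "$t/shared_bad" "$t/private"
    chmod 1777 "$t/shared_ok"      # like /tmp: world-writable plus sticky
    chmod 0777 "$t/shared_bad"     # world-writable, sticky missing
    chmod 0750 "$t/private"
    : > "$t/helper"; chmod 4755 "$t/helper"   # setuid, empty placeholder file
    : > "$t/plain";  chmod 0644 "$t/plain"
    printf '%s\n' "$t"
)

tree=$(make_sample_tree)
audit_tree "$tree"
rm -rf "$tree"
```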

ls list

ls -a  # a = all
ls -l  # l = long list
ls -ld # d = directory      -> list attributes for the directory itself
ls -t  # t = time           -> sort by modification time
ls -tr # tr = time reversed -> sort by modification time REVERSED
ls -F  #                    -> puts a slash after directory names (easier to determine file vs dir)
ls -R  # R = recursive
ls -h  # h = human readable -> converts file sizes

Breakdown of ls output

-rwSrw-r-x 2 mat admins 49 May 27 11:18 testfile

-         # type
rwSrw-r-x # mode

2      # link count (hard links) <- directories always have at least 2: the entry in the parent dir and the special file .
mat    # owner        ---┐ if text versions can't be determined
admins # group owner  ---┙ ls shows the fields as their uid numbers
       #    this can happen if the user or group is deleted from /etc/passwd or /etc/group

49     # size in bytes
May 27 11:18  # date of last modification
testfile # name of file
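
An added example, not part of the original notes: a decoder that turns the raw 16-bit mode (given in octal) into the 10-character string ls prints, using the file type table and the s/S and t/T rules from the sections above. The function names mode_to_ls and triplet are made up for this sketch.

```sh
#!/bin/sh
# Added example: raw st_mode (octal) -> the type + mode string that ls -l shows.

# triplet BITS SPECIAL LOWER UPPER -> one rwx group; when SPECIAL is non-zero
# the x slot shows LOWER (execute set) or UPPER (execute not set)
triplet() {
    bits=$1 special=$2 lower=$3 upper=$4
    r=-; w=-; x=-
    if [ $((bits & 4)) -ne 0 ]; then r=r; fi
    if [ $((bits & 2)) -ne 0 ]; then w=w; fi
    if [ $((bits & 1)) -ne 0 ]; then x=x; fi
    if [ "$special" -ne 0 ]; then
        if [ "$x" = x ]; then x=$lower; else x=$upper; fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

mode_to_ls() {
    m=$((0$1))                       # leading 0 makes the shell read it as octal
    case $(( (m >> 12) & 15 )) in    # top 4 bits: file type
        8)  t=- ;;                   # 1000 regular file
        4)  t=d ;;                   # 0100 directory
        10) t=l ;;                   # 1010 symlink
        6)  t=b ;;                   # 0110 block device
        2)  t=c ;;                   # 0010 char device
        1)  t=p ;;                   # 0001 named pipe
        12) t=s ;;                   # 1100 socket
        *)  t='?' ;;                 # not in the table
    esac
    u=$(triplet $(( (m >> 6) & 7 )) $(( m & 04000 )) s S)   # setuid: owner slot
    g=$(triplet $(( (m >> 3) & 7 )) $(( m & 02000 )) s S)   # setgid: group slot
    o=$(triplet $((  m       & 7 )) $(( m & 01000 )) t T)   # sticky: other slot
    printf '%s%s%s%s\n' "$t" "$u" "$g" "$o"
}

mode_to_ls 100664   # -rw-rw-r--  (original.txt above)
mode_to_ls 104665   # -rwSrw-r-x  (testfile: setuid set, owner x clear)
mode_to_ls 041777   # drwxrwxrwt  (a /tmp-style sticky directory)
```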

bonus flags

Linux has bonus flags to use on files for edge cases

If a file is behaving strangely, check it with lsattr to see if it has one or more flags enabled

lsattr   # list bonus flags
chattr # change bonus flags

Example using the bonus i flag = immutable

chattr +i testfile                                       
lsattr testfile 
----i---------e------- testfile  # flag is now set
rm testfile                      
rm: cannot remove 'testfile'     
sudo rm testfile
rm: cannot remove 'testfile'     # even sudo can't remove it

sudo chattr -i testfile          # removing the flag
lsattr testfile        
--------------e------- testfile
rm testfile       

Some of the optional flags

Flag  FS [a]  Meaning
A     XBE     Never update access time (st_atime; for performance)
a     XBE     Allow writing only in append mode [b]
C     B       Disable copy-on-write updates
c     B       Compress contents
d     XBE     Do not back up; backup utilities should ignore this file
i     XBE     Make file immutable and undeletable [b]
X     B       Avoid data compression if it is the default

[a] X = XFS, B = Btrfs, E = ext3 and ext4
[b] Can be set only by root