summaryrefslogtreecommitdiffstats
path: root/slackbook/html/filesystem-structure-permissions.html
diff options
context:
space:
mode:
Diffstat (limited to 'slackbook/html/filesystem-structure-permissions.html')
-rw-r--r--slackbook/html/filesystem-structure-permissions.html314
1 files changed, 0 insertions, 314 deletions
diff --git a/slackbook/html/filesystem-structure-permissions.html b/slackbook/html/filesystem-structure-permissions.html
deleted file mode 100644
index 0f951e77..00000000
--- a/slackbook/html/filesystem-structure-permissions.html
+++ /dev/null
@@ -1,314 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta name="generator" content="HTML Tidy, see www.w3.org" />
-<title>Permissions</title>
-<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" />
-<link rel="HOME" title="Slackware Linux Essentials" href="index.html" />
-<link rel="UP" title="Filesystem Structure" href="filesystem-structure.html" />
-<link rel="PREVIOUS" title="Filesystem Structure" href="filesystem-structure.html" />
-<link rel="NEXT" title="Links" href="filesystem-structure-links.html" />
-<link rel="STYLESHEET" type="text/css" href="docbook.css" />
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-</head>
-<body class="SECT1" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
-alink="#0000FF">
-<div class="NAVHEADER">
-<table summary="Header navigation table" width="100%" border="0" cellpadding="0"
-cellspacing="0">
-<tr>
-<th colspan="3" align="center">Slackware Linux Essentials</th>
-</tr>
-
-<tr>
-<td width="10%" align="left" valign="bottom"><a href="filesystem-structure.html"
-accesskey="P">Prev</a></td>
-<td width="80%" align="center" valign="bottom">Chapter 9 Filesystem Structure</td>
-<td width="10%" align="right" valign="bottom"><a href="filesystem-structure-links.html"
-accesskey="N">Next</a></td>
-</tr>
-</table>
-
-<hr align="LEFT" width="100%" />
-</div>
-
-<div class="SECT1">
-<h1 class="SECT1"><a id="FILESYSTEM-STRUCTURE-PERMISSIONS"
-name="FILESYSTEM-STRUCTURE-PERMISSIONS">9.2 Permissions</a></h1>
-
-<p>Permissions are the other important part of the multiuser aspects of the filesystem.
-With these, you can change who can read, write, and execute files.</p>
-
-<p>The permission information is stored as four octal digits, each specifying a different
-set of permissions. There are owner permissions, group permissions, and world
-permissions. The fourth octal digit is used to store special information such as set user
-ID, set group ID, and the sticky bit. The octal values assigned to the permission modes
-are (they also have letters associated with them that are displayed by programs such as
-<tt class="COMMAND">ls</tt> and can be used by <tt class="COMMAND">chmod</tt>):</p>
-
-<div class="TABLE"><a id="AEN3142" name="AEN3142"></a>
-<p><b>Table 9-1. Octal Permission Values</b></p>
-
-<table border="0" frame="void" class="CALSTABLE">
-<col width="3*" />
-<col width="1*" align="CENTER" />
-<col width="1*" align="CENTER" />
-<thead>
-<tr>
-<th>Permission Type</th>
-<th>Octal Value</th>
-<th>Letter Value</th>
-</tr>
-</thead>
-
-<tbody>
-<tr>
-<td>&#8220;sticky&#8221; bit</td>
-<td>1</td>
-<td>t</td>
-</tr>
-
-<tr>
-<td>set user ID</td>
-<td>4</td>
-<td>s</td>
-</tr>
-
-<tr>
-<td>set group ID</td>
-<td>2</td>
-<td>s</td>
-</tr>
-
-<tr>
-<td>read</td>
-<td>4</td>
-<td>r</td>
-</tr>
-
-<tr>
-<td>write</td>
-<td>2</td>
-<td>w</td>
-</tr>
-
-<tr>
-<td>execute</td>
-<td>1</td>
-<td>x</td>
-</tr>
-</tbody>
-</table>
-</div>
-
-<p>You add the octal values for each permission group. For example, if you want the group
-permissions to be &#8220;read&#8221; and &#8220;write&#8221;, you would use
-&#8220;6&#8221; in the group portion of the permission information.</p>
-
-<p><tt class="COMMAND">bash</tt>'s default permissions are:</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l /bin/bash</kbd>
--rwxr-xr-x 1 root bin 477692 Mar 21 19:57 /bin/bash
-</pre>
-</td>
-</tr>
-</table>
-
-<p>The first dash would be replaced with a &#8220;d&#8221; if this was a directory. The
-three permission groups (owner, group, and world) are displayed next. We see that the
-owner has read, write, and execute permissions (<var class="LITERAL">rwx</var>). The
-group has only read and execute (<var class="LITERAL">r-x</var>). And everyone else has
-only read and execute (<var class="LITERAL">r-x</var>).</p>
-
-<p>How would we set permissions on another file to resemble <tt
-class="COMMAND">bash</tt>'s? First, let's make an example file:</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">touch /tmp/example</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l /tmp/example</kbd>
--rw-rw-r--- 1 david users 0 Apr 19 11:21 /tmp/example
-</pre>
-</td>
-</tr>
-</table>
-
-<p>We will use <tt class="COMMAND">chmod</tt>(1) (which means &#8220;change mode&#8221;)
-to set the permissions on the example file. Add the octal numbers for the permissions you
-want. For the owner to have read, write, and execute, we would have a value of <var
-class="LITERAL">7</var>. Read and execute would have <var class="LITERAL">5</var>. Run
-those together and pass them to <tt class="COMMAND">chmod</tt> like this:</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod 755 /tmp/example</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l /tmp/example</kbd>
--rwxr-xr-x 1 david users 0 Apr 19 11:21 /tmp/example
-</pre>
-</td>
-</tr>
-</table>
-
-<p>Now you may be thinking, &#8220;Why didn't it just create a file with those
-permissions in the first place?&#8221; Well the answer is simple. <tt
-class="COMMAND">bash</tt> includes a nice little built-in called <tt
-class="COMMAND">umask</tt>. This is included with most Unix shells as well, and controls
-what file permissions are assigned to newly created files. We discussed <tt
-class="COMMAND">bash</tt> built-ins to some degree in <a
-href="shell-bash.html#SHELL-BASH-ENVIRONMENT">Section 8.3.1</a>. <tt
-class="COMMAND">umask</tt> takes a little getting used to. It works very similar to <tt
-class="COMMAND">chmod</tt>, only in reverse. You specify the octal values you do not wish
-to have present in newly created files. The default umask value is <var
-class="LITERAL">0022</var>.</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">umask</kbd>
-0022
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">umask 0077</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">touch tempfile</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l tempfile</kbd>
--rw-------- 1 david users 0 Apr 19 11:21 tempfile
-</pre>
-</td>
-</tr>
-</table>
-
-<p>See the man page for <tt class="COMMAND">bash</tt> for more information.</p>
-
-<p>To set special permissions with <tt class="COMMAND">chmod</tt>, add the numbers
-together and place them in the first column. For example, to make it set user ID and set
-group ID, we use 6 as the first column:</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod 6755 /tmp/example</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l /tmp/example</kbd>
--rwsr-sr-x 1 david users 0 Apr 19 11:21 /tmp/example
-</pre>
-</td>
-</tr>
-</table>
-
-<p>If the octal values confuse you, you can use letters with <tt
-class="COMMAND">chmod</tt>. The permission groups are represented as:</p>
-
-<div class="INFORMALTABLE"><a id="AEN3246" name="AEN3246"></a>
-<table border="0" frame="void" class="CALSTABLE">
-<col />
-<col />
-<tbody>
-<tr>
-<td>Owner</td>
-<td>u</td>
-</tr>
-
-<tr>
-<td>Group</td>
-<td>g</td>
-</tr>
-
-<tr>
-<td>World</td>
-<td>o</td>
-</tr>
-
-<tr>
-<td>All of the above</td>
-<td>a</td>
-</tr>
-</tbody>
-</table>
-</div>
-
-<p>To do the above, we would have to use several command lines:</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod a+rx /tmp/example</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod u+w /tmp/example</kbd>
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod ug+s /tmp/example</kbd>
-</pre>
-</td>
-</tr>
-</table>
-
-<p>Some people prefer the letters over the numbers. Either way will result in the same
-set of permissions.</p>
-
-<p>The octal format is often faster, and the one you see most often used in shell
-scripts. Sometimes the letters are more powerful however. For example, there's no easy
-way to change one group of permissions while preserving the other groups on files and
-directories when using the octal format. This is trivial with the letters.</p>
-
-<table border="0" bgcolor="#E0E0E0" width="100%">
-<tr>
-<td>
-<pre class="SCREEN">
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">ls -l /tmp/</kbd>
--rwxr-xr-x 1 alan users 0 Apr 19 11:21 /tmp/example0
--rwxr-x--- 1 alan users 0 Apr 19 11:21 /tmp/example1
-----r-xr-x 1 alan users 0 Apr 19 11:21 /tmp/example2
-<samp class="PROMPT">%</samp> <kbd class="USERINPUT">chmod g-rwx /tmp/example?</kbd>
--rwx---r-x 1 alan users 0 Apr 19 11:21 /tmp/example0
--rwx------ 1 alan users 0 Apr 19 11:21 /tmp/example1
--------r-x 1 alan users 0 Apr 19 11:21 /tmp/example2
-</pre>
-</td>
-</tr>
-</table>
-
-<p>We mentioned set user ID and set group ID permissions in several places above. You may
-be wondering what this is. Normally when you run a program, it is operating under your
-user account. That is, it has all the permissions that you as a user have. The same is
-true for the group. When you run a program, it executes under your current group. With
-set user ID permissions, you can force the program to always run as the program owner
-(such as &#8220;root&#8221;). Set group ID is the same, but for the group.</p>
-
-<p>Be careful with this, set user ID and set group ID programs can open major security
-holes on your system. If you frequently set user ID programs that are owned by <tt
-class="USERNAME">root</tt>, you are allowing anyone to run that program and run it as <tt
-class="USERNAME">root</tt>. Since <tt class="USERNAME">root</tt> has no restrictions on
-the system, you can see how this would pose a major security problem. In short, it's not
-bad to use set user ID and set group ID permissions, just use common sense.</p>
-</div>
-
-<div class="NAVFOOTER">
-<hr align="LEFT" width="100%" />
-<table summary="Footer navigation table" width="100%" border="0" cellpadding="0"
-cellspacing="0">
-<tr>
-<td width="33%" align="left" valign="top"><a href="filesystem-structure.html"
-accesskey="P">Prev</a></td>
-<td width="34%" align="center" valign="top"><a href="index.html"
-accesskey="H">Home</a></td>
-<td width="33%" align="right" valign="top"><a href="filesystem-structure-links.html"
-accesskey="N">Next</a></td>
-</tr>
-
-<tr>
-<td width="33%" align="left" valign="top">Filesystem Structure</td>
-<td width="34%" align="center" valign="top"><a href="filesystem-structure.html"
-accesskey="U">Up</a></td>
-<td width="33%" align="right" valign="top">Links</td>
-</tr>
-</table>
-</div>
-</body>
-</html>
-