File Attributes

Objectives

• Learn the significance of the seven fields of the ls -l output (listing).
• How to obtain the listing of a specific directory.
• Know the importance of ownership and group ownership of a file and how they affect security.
• Use chmod to change file permissions in a relative and absolute manner.
• Use chown and chgrp to change the owner and group owner of files on BSD and AT&T systems.
6.1 ls -l: LISTING FILE ATTRIBUTES
• The Linux ls command allows you to view a list of the files and folders in a given directory.
• It's the -l (long) option that reveals most. This option displays most attributes of a file—like its permissions, size and ownership details.
• File attributes are stored in the inode, a structure that is maintained in a separate area of the hard disk.
• ls looks up the file's inode to fetch its attributes. Let's use ls -l to list seven attributes of all files in the current directory.
6.1 ls -l: LISTING FILE ATTRIBUTES
• File Type and Permissions
• The first column of the first field shows the file type. Here we see three possible values—a - (ordinary file), d (directory), or l (symbolic link).
• The remaining nine characters form a string of permissions which can take the values r, w, x, and -.

• Links
• The second field indicates the number of links associated with the file. UNIX lets a file have multiple names, and each name is
interpreted as a link.
• Directories have a link count of at least two.
• Ownership and Group Ownership
• Every file has an owner. The third field shows kumar as the owner of most of the files.
• A user also belongs to a group, and the fourth field shows metal as the group owner of most of the files.
• The owner can tamper with a file in every possible way—a privilege that is also available to the root user.
• Size
• The fifth field shows the file size in bytes (the amount of data it contains).
• This actually reflects the character count and not the disk space consumption of the file.
• The kernel allocates space in blocks of 1024 bytes or more.
• The two directories show smaller file sizes, but that is to be expected because the size of a
directory depends on the number of filenames it contains—whatever the size of the files
themselves.
6.1 ls -l: LISTING FILE ATTRIBUTES
• Last Modification Time
• The sixth field displays the last modification time in three columns—a time stamp that
is stored to the nearest second.
• The file named genie.sh shows the year; the year is displayed if more than a
year has elapsed since it was last modified (six months in Linux).
• This column shows two other time stamps when ls is used with certain
options.
• Filename
• The last field displays the filename, which can be up to 255 characters long.
• If you would like to see an important file at the top of the listing, then choose its name in
uppercase—at least, its first letter.
• There are other file attributes (like the inode number); sometimes we combine the -l option with other options to display other attributes or to order the list in a different sequence.
Listing Directory Attributes (-ld)
• We can use ls -l with filenames as arguments for a selective listing.
• We need to combine the -l and -d options to list the directory itself rather than its contents.
6.2 File OWNERSHIP
• When you create a file, your username shows up in the third column of the file's listing;
you are the owner of the file.
• Your group name is seen in the fourth column; your group is the group owner of the file.
• If you copy someone else's file, you are the owner of the copy.
• If you can't create files in other users' home directories, it's because those directories are not owned by you (and the owner has not allowed you write access).
• Several users may belong to a single group.
• The privileges of the group are set by the owner of the file and not by the group members.
• When the system administrator creates a user account, he has to assign these parameters to the user:
• The user-id (UID)—both its name and numeric representation.
• The group-id (GID)—both its name and numeric representation.
• The file /etc/passwd maintains the UID (both the number and name) and GID (but only the number).
• /etc/group contains the GID (both number and name).
6.3 File Permissions
• UNIX has a simple and well-defined system of assigning permissions to files.
• Let's examine the permissions of backup.sh:

• UNIX follows a three-tiered file protection system that determines a file's access rights.

• The initial - (in the first column) signifies an ordinary file and is left out of the permissions string.
• Each group here represents a category.
• There are three categories representing the user (owner), group owner, and others.
• Each category contains three slots representing the read, write, and execute permissions of the file.
• r indicates read permission, which means cat can display the file.
• w indicates write permission; you can edit such a file with an editor.
• x indicates execute permission; the file can be executed as a program.
• The - shows the absence of the corresponding permission.
6.3 File Permissions

• The first category (rwx) shows the presence of all permissions.
• The file is readable, writable, and executable by the owner of the file. Identifying the owner is easy; the third field shows romeo as the owner.
• You have to log in with the username romeo for these privileges to apply to you.
• The second category (r-x) indicates the absence of write permission for the group owner of the file.
• This group owner is metal as shown in the fourth field.
• The third category (r--) applies to others (neither owner nor group owner). This category is often referred to as the world.
• This file is world-readable, but others can't write or execute it.
• You can set different permissions for the three categories of users—owner, group, and others.
chmod: Changing File Permissions

• Henceforth, we’ll refer to the owner as user because that’s how the chmod
command (which changes file permissions) refers to the owner.
• We’ll now use chmod to change a file’s permissions.
• The command uses the following syntax:
• chmod [-R] mode file ...
• The mode can be represented in two ways:
• In a relative manner by specifying the changes to the current permissions.
• In an absolute manner by specifying the final permissions.
• We’ll consider both ways of using chmod, but just remember that only the owner
of this file (romeo) can change these permissions.
Relative Permissions
• When changing permissions in a relative manner, chmod only changes the permissions specified in mode and
leaves the other permissions unchanged.
• The structure of a chmod command is shown in Fig. 4.3.

• The mode as used in the syntax contains three components:


• User category (user, group, others)
• The operation to be performed (assign or remove a permission)
• The type of permission (read, write, execute)
Relative Permissions
• To make the file date.sh executable, we need to assign (+) execute permission (x) to the user (u). The expression required is u+x.
• Permissions are removed with the - operator.
• The expression can comprise multiple categories.
• The synonym a is available for ugo, so ugo+x is the same as a+x (or even +x). We can also assign multiple permissions.
Absolute Permissions
• Sometimes you don't need to know what a file's current permissions are, but want to set all nine permission
bits explicitly.
• Absolute assignment is actually done with octal numbers.
• Octal numbers use the base 8, and octal digits have the values 0 to 7. This means that a set of three bits can
represent one octal digit.
• If we represent the permissions of each category by one octal digit, then this is how the permissions can be
represented:
• Read permission—4 (binary 100)
• Write permission—2 (binary 010)
• Execute permission—1 (binary 001)
Absolute Permissions
• We have three categories and three permissions for each category, so three octal digits can describe a
file’s permissions completely.
• The most significant digit represents user, and the least significant one represents others.
• chmod can use this three-digit string as the expression.
• The default file permissions on our system are rw-r--r--.
• This is octal 644, so let’s use it with chmod:

• It’s obvious that 000 indicates the absence of all permissions, and 777 signifies the presence of all
permissions for all categories.
• But can we delete a file with permissions 000? Yes, we can.
• Can we prevent a file with permissions 777 from being deleted? We can do that, too.
• A file’s permissions can only be changed by the owner (understood by chmod as user) of the file.
• One user can’t change the protection modes of files belonging to another user.
• However, this restriction doesn’t apply to the privileged user, root.
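As an added example (not part of the original slides), the following script applies the page's relative (u+x, a+x, go-w) and absolute (000, 644) chmod forms to a constructed scratch file and reads the result back from the first field of ls -l. The helper names perm_string, digit_to_rwx, octal_to_string, apply_mode and demo_chmod are chosen here; octal_to_string converts any three-digit mode, not only the 644 the page shows.

```shell
#!/bin/sh
# Helper names below are chosen for this example; they are not UNIX commands.

# First field of ls -l for a path, e.g. -rwxr-xr-- (file type + nine permissions).
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# Translate one octal digit (0-7) into its rwx triplet: 4=r, 2=w, 1=x.
digit_to_rwx() {
    case $1 in
        0) echo '---' ;; 1) echo '--x' ;; 2) echo '-w-' ;; 3) echo '-wx' ;;
        4) echo 'r--' ;; 5) echo 'r-x' ;; 6) echo 'rw-' ;; 7) echo 'rwx' ;;
        *) return 1 ;;
    esac
}

# Translate a three-digit absolute mode such as 644 into rw-r--r--.
# The most significant digit is user, the least significant is others.
octal_to_string() {
    u=$(echo "$1" | cut -c1); g=$(echo "$1" | cut -c2); o=$(echo "$1" | cut -c3)
    printf '%s%s%s\n' "$(digit_to_rwx "$u")" "$(digit_to_rwx "$g")" "$(digit_to_rwx "$o")"
}

# Apply a chmod expression to a file and report the nine permission
# characters that result (the leading file-type column is dropped).
apply_mode() {
    chmod "$1" "$2" && perm_string "$2" | cut -c2-10
}

# Walk a constructed file through: 644 -> u+x -> a+x -> go-w -> 000 -> 644.
demo_chmod() {
    dir=$(mktemp -d) || return 1
    f="$dir/date.sh"
    : > "$f"                      # constructed empty script
    chmod 644 "$f"                # start from the page's default rw-r--r--
    a=$(apply_mode u+x "$f")      # relative: add execute for the user only
    b=$(apply_mode a+x "$f")      # relative: add execute for all (same as ugo+x)
    c=$(apply_mode go-w "$f")     # relative: remove write from group/others (already absent)
    d=$(apply_mode 000 "$f")      # absolute: no permission for anyone
    e=$(apply_mode 644 "$f")      # absolute: back to the default (owner may still chmod)
    rm -rf "$dir"
    printf '%s %s %s %s %s\n' "$a" "$b" "$c" "$d" "$e"
}
```

Note that the owner can run chmod 644 on a file even while it is at 000: changing the mode never requires any of the nine permissions, only ownership.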
The Security Implications
• To understand the security implications behind these permissions and the role played by chmod, consider the default permissions of the file xstart.
• These permissions are fairly safe; only the user can edit the file.
• What are the implications if we remove all permissions in either of these ways?
• The listing in either case will look like this:
• This setting renders the file virtually useless; you simply can't do anything useful with it.
• But the owner can still delete this file.
• To understand why that can happen, you need to understand directory permissions and how they are related to file permissions.
• On the other hand, you must not be too generous (and careless, too) and enable all permissions for all categories of users, using either of these commands.
• The resulting permissions setting is simply dangerous.
• If that were the default, you could never have a secure system. The UNIX system, by default, never allows that, and no sensible user will compromise security so easily.
Recursive Operation (-R)
• chmod -R descends a directory hierarchy and applies the expression to every file and subdirectory it finds in
the tree-walk:

• So, to use chmod on your home directory tree, “cd” to it and use it in one of these ways:
The Directory Permission
• A directory stores the filename and inode number. So the size of a directory is determined by the
number of files housed by it and not by the size of the files.
• A directory also has its own set of permissions whose significance differs a great deal from
ordinary files.
• The default permissions of a directory on this system are rwxr-xr-x.
• All categories have read and execute permissions and only the user has write permission.
• A directory’s permissions also affect the access rights of its files.

• If you find that your files are being tampered with even
though they appear to be protected, check up the directory
permissions.
chown: Changing File Ownership
• There are two commands meant to change the ownership of a file or directory—chown and chgrp.
• UNIX systems differ in the way they restrict the usage of these two commands.
• On BSD-based systems, only the system administrator can change a file’s owner with chown.
• On the same systems, the restrictions are less severe when it comes to changing groups with chgrp.
• On other systems, only the owner can change both.
chown: Changing File Ownership
• We’ll first consider the behavior of BSD-based chown (change owner)
that has been adopted by many systems, including Solaris and Linux.
The command is used in this way:
• chown transfers ownership of a file to a user, and the syntax shows that it can change the group as well. The command requires the UID of the recipient, followed by one or more filenames.
• Changing ownership requires superuser permission.
• su lets us acquire superuser status if we know the root password, and it returns a # prompt, the same prompt used by root.
• To now renounce the ownership of the file date.sh to juliet, use chown
in the following way:

• Once ownership of the file has been given away to juliet, the user file
permissions that previously applied to romeo now apply to juliet.
• Thus, romeo can no longer edit date.sh since there’s no write privilege
for group and others.
• He can't get back the ownership, either.
chgrp: Changing Group Owner
• By default, the group owner of a file is the group to which the owner belongs. The chgrp (change group) command
changes a file’s group owner.
• On systems that implement the BSD version of chgrp (like Solaris and Linux), a user can change the group owner
of a file, but only to a group to which she also belongs.
• Yes, a user can belong to more than one group, and the one shown in /etc/passwd is the user’s main group.
• chgrp shares a similar syntax with chown.
• In the following example, romeo changes the group ownership of a file to dba (no superuser permission required):

• This command will work on a BSD-based system if romeo is also a member of the dba group. If he is not, then only
the superuser can make the command work.
• Note that romeo can reverse this action and restore the previous group ownership (to metal) because he is still owner of the file and consequently retains all rights related to it.
Using chown to Do Both
• As an added benefit, UNIX allows the administrator to use only chown to change both owner and group. The syntax requires the two arguments to be separated by a colon (:).
More File Attributes

• The concept of the file system and how multiple file systems are seen as
one.
• The use of the inode to store file attributes and ls to display the inode number.
• Use ln to create a hard link by providing a file with a different name.
• The limitations of hard links and how they are overcome by symbolic links.
• The concept of the user mask and how umask changes the default file and
directory permissions.
• How to display the listing in order of a file's time stamps.
• Use touch to change a file's modification and access times.
File Systems and Inodes
• The hard disk is split up into distinct partitions (or slices), with a separate file
system in each partition (or slice).
• Every file system has a directory structure headed by root. If you have three file
systems, then you are dealing with three separate root directories.
• One of these file systems is called the root file system, which is more equal than
others in at least one respect:
• its root directory is also the root directory of the combined UNIX system.
• The root file system contains most of the essential files of the UNIX system.
• At the time of booting, the other file systems mount (attach) themselves to the root file system, creating the illusion of a single file system to the user.
• Every file is associated with a table called the inode (shortened from index node).
File Systems and Inodes
• The inode is accessed by the inode number and contains the following
attributes of a file:
• File type (regular, directory, device, etc.)
• File permissions (the nine permissions and three more)
• Number of links (the number of aliases the file has)
• The UID of the owner
• The GID of the group owner
• File size in bytes
• Date and time of last modification
• Date and time of last access
• Date and time of last change of the inode
• An array of pointers that keep track of all disk blocks used by the file

• Observe that the inode doesn’t store either the name of the file or the inode number. Both attributes are stored
in the directory.
File Systems and Inodes
• ls displays the inode number with the -i option:

• Every file system has its own set of inodes stored in a separate area of the disk.
• Since a UNIX machine usually comprises multiple file systems, you can conclude that the inode number for a
file is unique in a single file system.
Hard Links
• Why is the filename not stored in the inode? So that a file can have multiple filenames.
• When that happens, we say the file has more than one link.
• We can then access the file by any of its links.
• A file’s link count is normally one, but observe from Fig. 4.1 that backup.sh has two links:

• We can't really refer to them as two "files", but only as two "filenames".
• This file simply has two aliases; changes made in one alias (link) are automatically available in the others.
• There are two entries for this file in the directory, both having the same inode number.
ln: Creating Hard Links
• The ln command links a file, thus providing it with an alias and increasing the link count by one.
• This count is maintained in the inode. ln can create both a hard and a soft link (discussed later) and has a
syntax similar to the one used by cp.

• After the invocation, the kernel performed two tasks:


• It added an entry to the directory for the filename who.sh, but with the same inode number.
• It also updated the link count in the inode from one to two.
• Changes made in one alias (link) are automatically available in the others.
• If you create one more link (using, for example, ln who.sh ps.sh), another directory entry will be created and the
link count will be incremented to three.
ln: Creating Hard Links
• ln won’t work if the destination filename exists, but you can force
linking with the -f option.
• You can also use ln with multiple files (i.e., create a link for each), but
then the destination filename must be a directory.
• Here’s how you create links for all shell scripts in the directory
shell_scripts:

ln *.sh shell_scripts

• If *.sh matches 27 filenames, then there will be 27 linked filenames in shell_scripts; i.e., there will be 27 entries in that directory.
ln: Creating Hard Links
• We use rm to remove files. Technically speaking, rm simply reverses the action of ln;
• the kernel removes the directory entry for the link and brings down the link count in the inode. The following
command removes one link:

• The link count has come down to one. Another rm will further bring it down to zero.
• A file is considered to be completely removed from the system when its link count drops to zero.
Where to Use Hard Links
• Links are an interesting feature of the file system, but where does one use them?
We can think of three situations straightaway:
1. Create a link in the directory input_files. With this link available, your existing
programs will continue to find foo.txt in the input_files directory. It's more
convenient to do this than to modify all programs to point to the new path.
2. Links provide some protection against accidental deletion, especially when they
exist in different directories. Referring to the previous application, even though
there’s only a single file foo.txt on disk, you have effectively made a backup of this
file.
3. Because of links, we don’t need to maintain two programs as two separate disk
files if there is very little difference between them. A file’s name is available to a C
program (as argv[0]) and to a shell script (as $0). A single file with two links can
have its program logic make it behave in two different ways depending on the name
by which it is called.
ln Again: Creating Symbolic Links
• It’s here that one encounters two serious limitations of hard links:
• You can’t link a file across two file systems. In other words, if input_files and data are on two separate file
systems, you can’t connect a file in one file system with a link to the other.
• You can’t link a directory even within the same file system.
• A symbolic link overcomes both problems. Until now, we have divided files into three categories (ordinary,
directory, and device); the symbolic link is the fourth file type.

• A symbolic link is identified by the l (el) as the file type and the pointer notation, ->, that follows the
filename.
ln Again: Creating Symbolic Links
• The ln command creates symbolic links also, but it needs the -s option. We can create a symbolic link to
date.sh, but this time the listing tells you a different story:

• Here, date.sym is a symbolic link to date.sh. Unlike a hard link, a symbolic link is a separate file with its own
inode number. date.sym simply contains the pathname date.sh as is evident from the file size (date.sh contains
seven characters).
• The two files are not identical; it’s date.sh that actually has the contents.
• A command like cat date.sym follows the symbolic link and displays the file the link points to.
• A symbolic link can also point to an absolute pathname, but to ensure portability, we often make it point to a
relative pathname.
• To return to the problem of linking a hundred files in the directory data, you can use ln to connect data to a symbolic link named input_files. A symbolic link is also known as a soft link or symlink.
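The hard-link and symbolic-link behaviour described in the two sections above, as an added example that is not part of the original slides: a constructed file gets a hard link and a symlink, and the script reads back the attributes the page discusses (link count in the second field of ls -l, inode number from ls -i, the l type column, and the symlink's size equal to the length of the pathname it stores). The names link_count, inode_of, type_char, size_of and link_demo are chosen here.

```shell
#!/bin/sh
# Helper names are chosen for this example; they are not UNIX commands.

link_count() { ls -ld "$1" | awk '{print $2}'; }   # second field of ls -l
inode_of()   { ls -di "$1" | awk '{print $1}'; }   # -d: show the link itself, not its target
type_char()  { ls -ld "$1" | cut -c1; }            # first column: -, d or l
size_of()    { ls -ld "$1" | awk '{print $5}'; }   # fifth field: size in bytes

# Runs in a subshell so the cd does not affect the caller.
link_demo() (
    d=$(mktemp -d) || exit 1
    cd "$d" || exit 1
    echo 'date' > date.sh                 # constructed script, link count 1

    ln date.sh who.sh                     # hard link: same inode, count becomes 2
    hard_same=$([ "$(inode_of date.sh)" = "$(inode_of who.sh)" ] && echo same || echo differ)
    c2=$(link_count date.sh)

    ln -s date.sh date.sym                # symbolic link: separate inode, type l
    sym_same=$([ "$(inode_of date.sh)" = "$(inode_of date.sym)" ] && echo same || echo differ)
    t=$(type_char date.sym)
    sz=$(size_of date.sym)                # stores the pathname "date.sh": 7 characters

    # A write through one alias is visible through every other name, and
    # reading through the symlink follows it to the real contents.
    echo 'who' >> who.sh
    lines=$(wc -l < date.sym | tr -d ' ')

    rm who.sh                             # unlink one name: count drops to 1
    c1=$(link_count date.sh)

    # Removing the target leaves the symlink dangling: ls still lists it,
    # but cat can no longer follow it.
    rm date.sh
    dangling=$(cat date.sym >/dev/null 2>&1 && echo readable || echo dangling)

    cd / && rm -rf "$d"
    echo "$hard_same $c2 $sym_same $t $sz $lines $c1 $dangling"
)
```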
Read Permission
• Read permission for a directory means that the list of filenames stored in that directory is accessible.
• Since ls reads the directory to display filenames, if a directory’s read permission is removed, ls won’t work.
• Consider removing the read permission first from the directory progs:

• However, this doesn’t prevent you from reading the files separately if you know their names.
Write Permission
• Write permission for a directory implies that you are permitted to create or remove files in it (that would
make the kernel modify the directory entries).
• Security issues are usually related to a directory’s write permission.
• First, we’ll restore the read permission and then copy a file with permissions 644 to this directory:

• Both file and directory have write permission for the user. date.sh can now be both edited and deleted.

We can now summarize our observations in this manner:

• The write permission for a directory determines whether you can create or remove files
in it because these actions modify the directory.

• Whether you can modify a file depends solely on whether the file itself has write
permission. Changing a file doesn’t modify its directory entry in any way.
Execute Permission
• Executing a directory just doesn’t make any sense, so what does its execute privilege mean? It only means
that a user can “pass through” the directory in searching for subdirectories.
• When you use a pathname with any command:

• you need to have execute permission for each of the directories in the pathname.
• The directory home contains the entry for romeo, and the directory romeo contains the entry for progs, and so
forth.
• If a single directory in this pathname doesn’t have execute permission, then it can’t be searched for the name
of the next directory.
• That’s why the execute privilege of a directory is often referred to as the search permission.
• A directory has to be searched for the next directory, so the cd command won’t work if the search permission
for the directory is turned off:
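The read, write and execute (search) rules for directories above, as an added example that is not from the original slides: a constructed directory progs holds two files, and each step reports "ok" or "denied" so the outcomes can be compared. The names try and dir_perm_demo are chosen here. A process running as root bypasses every one of these checks, which is the caveat the page makes about the privileged user.

```shell
#!/bin/sh
# Helper names are chosen for this example; they are not UNIX commands.

# Run a command quietly and report "ok" or "denied" by its exit status.
try() {
    if "$@" >/dev/null 2>&1; then echo ok; else echo denied; fi
}

dir_perm_demo() {
    base=$(mktemp -d) || return 1
    mkdir "$base/progs"
    echo 'date' > "$base/progs/date.sh"
    echo 'who'  > "$base/progs/who.sh"
    chmod 644 "$base/progs/who.sh"
    chmod 755 "$base/progs"

    # 1. File 444 (read-only) inside a writable directory: editing fails,
    #    but rm -f still succeeds, because deletion only changes the directory.
    chmod 444 "$base/progs/date.sh"
    r1=$(try sh -c "echo x >> '$base/progs/date.sh'")   # denied: no w on the file
    r2=$(try rm -f "$base/progs/date.sh")               # ok: directory has w

    # 2. File 644 inside a directory without write permission: editing works,
    #    deleting is refused.
    chmod 555 "$base/progs"
    r3=$(try sh -c "echo x >> '$base/progs/who.sh'")    # ok: the file has w
    r4=$(try rm -f "$base/progs/who.sh")                # denied: directory lacks w

    # 3. Remove search (x) from the directory but keep read: the names can
    #    still be listed, but no file can be reached through the pathname.
    chmod 644 "$base/progs"
    r5=$(try ls "$base/progs")                          # ok: r allows listing
    r6=$(try cat "$base/progs/who.sh")                  # denied: no x to pass through

    # 4. Remove read but keep search: ls fails, a known name still works.
    chmod 311 "$base/progs"
    r7=$(try ls "$base/progs")                          # denied
    r8=$(try cat "$base/progs/who.sh")                  # ok

    chmod 755 "$base/progs"; rm -rf "$base"
    echo "$r1 $r2 $r3 $r4 $r5 $r6 $r7 $r8"
}
```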
umask: Default File and Directory Permissions
• When you create files and directories, the permissions assigned to them depend on the system's default setting. The UNIX system has the following default permissions for all files and directories:

• The umask value (022 on this system) is an octal number which has to be subtracted from the system default to obtain the actual default. This becomes 644 (666 – 022) for ordinary files and 755 (777 – 022) for directories.
• When you create a file on this system, it will have the permissions rw-r--r--. A directory will have the permissions rwxr-
xr-x.
• umask is a shell built-in command. A user can also use this command to set a new default. Here’s an extreme setting:

• A umask value of 000 means that you haven’t subtracted anything, and this could be dangerous. The system’s default
then applies (666 for files and 777 for directories). All files and directories are then writable by all; nothing could be
worse than that!
• The important thing to remember is that no one—not even the administrator— can use umask to turn on permissions
not specified in the systemwide default settings.
• However, you can always use chmod as and when required. The systemwide umask setting is placed in one of the
machine’s startup scripts and is automatically made available to all users.
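As an added example (not from the original slides), the script below computes the default mode for a given umask and checks it against what the system actually creates in a scratch directory. The page's subtraction gives the right answer for 022, but what the kernel really does is clear the mask's bits (666 AND NOT mask); default_mode implements that general rule and subtract_mode the page's arithmetic, so the two can be compared for masks such as 027 where they diverge. The function names are chosen here.

```shell
#!/bin/sh
# Function names are chosen for this example; they are not UNIX commands.

# default_mode MASK BASE -> three-digit octal mode the kernel would assign,
# e.g. default_mode 022 666 -> 644. A leading 0 makes printf parse octal.
default_mode() {
    mask=$(printf '%d' "0$1")
    base=$(printf '%d' "0$2")
    printf '%03o\n' $(( base & ~mask ))
}

# Plain octal subtraction, as the page states the rule; agrees with
# default_mode only when every mask bit is set in the base (true for 022).
subtract_mode() {
    mask=$(printf '%d' "0$1")
    base=$(printf '%d' "0$2")
    printf '%03o\n' $(( base - mask ))
}

# observed_modes MASK -> "file dir" permission strings read from ls -l after
# creating a file and a directory under that umask (in a subshell, so the
# caller's umask is left untouched).
observed_modes() {
    d=$(mktemp -d) || return 1
    ( umask "$1"; : > "$d/f"; mkdir "$d/sub" )
    f=$(ls -ld "$d/f"   | cut -c2-10)
    s=$(ls -ld "$d/sub" | cut -c2-10)
    rm -rf "$d"
    echo "$f $s"
}
```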
Modification and Access Times

• Whenever you write to a file, the time of last modification is updated in the inode.
• A file also has an access time, i.e., the last time someone read, wrote, or executed the file.
• This time is distinctly different from the modification time that gets set only when the contents of the
file are changed.
• ls -l displays the last modification time, and ls -lu displays the last access time.
• A directory can be modified by changing its entries—by creating, removing, and renaming files in the directory.
• Note that changing a file’s contents only changes its last modification time but not that of its directory.
Modification and Access Times

• Many tools used by the system administrator look at these time stamps to decide whether a particular
file will participate in a backup or not.
• A file is often incorrectly stamped when it is extracted from a backup with tar or cpio.
touch: Changing the Time Stamps
• You may sometimes need to set the modification and access times to predefined values.
• The touch command changes these times, and is used in the following manner:
touch options expression filename(s)
• When touch is used without options or expression, both times are set to the current time.
• The file is created if it doesn't exist:
touch emp.lst Creates file if it doesn't exist
• When touch is used without options but with expression, it changes both times.
• The expression consists of an eight-digit number using the format MMDDhhmm (month, day, hour, and minute).
• Optionally, you can suffix a two- or four-digit year string.
• It's also possible to change the two times individually. The -m and -a options change the modification and access times, respectively.
find: Locating Files
• find is one of the power tools of the UNIX system. It recursively examines a directory tree to look for files matching some criteria and then takes some action on the selected files.
• find is easily tamed if you break up its arguments into three components:
find path_list selection_criteria action
• Fig. 4.6 shows the structure of a typical find command. The command completely examines a directory tree in
this way:

• First, it recursively examines all files in the directories specified in path_list. Here, it begins the search from
/home.
• It then matches each file for one or more selection_criteria. This always consists of an expression in the form
-operator argument (-name index.html). Here, find selects the file if it has the name index.html.
• Finally, it takes some action on those selected files. The action -print simply displays the find output on the
terminal.
find: Locating Files
• All find operators (also referred to as options in this text) begin with a hyphen.
• You can provide one or more subdirectories as the path_list and multiple selection_criteria to match one or
more files.
• This makes the command difficult to use initially, but it is a program that every user must master since it lets
her select files under practically any condition.

• Since the search starts from the root directory, find displays absolute pathnames.
• You can also use relative names in the path list, and find will then output a list of relative pathnames.
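As an added example (not from the original slides), the script builds a small constructed tree under a scratch directory and runs find with the three components the page names: path_list, selection_criteria and action. Beyond the page's -name test it also uses -type f and -perm -002, the standard way a defender locates world-writable files, the setting the permissions section warns against. The name find_demo is chosen here.

```shell
#!/bin/sh
# find_demo is a name chosen for this example. It runs in a subshell so the
# umask it sets does not leak to the caller.
find_demo() (
    umask 022                                     # predictable 644/755 defaults
    base=$(mktemp -d) || exit 1
    mkdir -p "$base/home/romeo/progs" "$base/home/juliet"
    echo 'date' > "$base/home/romeo/progs/date.sh"
    echo 'who'  > "$base/home/romeo/who.sh"
    : > "$base/home/romeo/index.html"
    : > "$base/home/juliet/index.html"
    chmod 666 "$base/home/juliet/index.html"      # the careless, world-writable setting
    chmod 644 "$base/home/romeo/index.html"

    # path_list = $base/home, selection_criteria = -name index.html, action = -print
    n_index=$(find "$base/home" -name index.html -print | wc -l | tr -d ' ')

    # Criteria combine: regular files (-type f) whose name ends in .sh.
    n_sh=$(find "$base/home" -type f -name '*.sh' -print | wc -l | tr -d ' ')

    # -perm -002 selects files whose "others" write bit is set. Starting from
    # the relative path home, find reports relative pathnames.
    ww=$(cd "$base" && find home -type f -perm -002 -print)

    rm -rf "$base"
    echo "$n_index $n_sh $ww"
)
```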
Options Available in the Action Component