Difference between revisions of "Linux Primer"

From CS Support
Jump to navigation Jump to search
(added external beocat reference link)
(remove extra whitespace)
 
(3 intermediate revisions by the same user not shown)
Line 47: Line 47:
 
| cat <filename> || print the contents of <filename> to the screen
 
| cat <filename> || print the contents of <filename> to the screen
 
|-
 
|-
| cp <source> <destination> || copy from <source> to <destination>
+
| cp &lt;source&gt; <destination> || copy from &lt;source&gt; to <destination>
 
|-
 
|-
| mv <source> <destination> || move or renamce from <source> to <destination>
+
| mv &lt;source&gt; <destination> || move or rename from &lt;source&gt; to <destination>
 
|-
 
|-
 
| touch <filename> || create an empty file if it doesn't exists or update the last modified timestamp if it does
 
| touch <filename> || create an empty file if it doesn't exists or update the last modified timestamp if it does
Line 64: Line 64:
 
=== General CLI Notes ===
 
=== General CLI Notes ===
  
* Linux interprets everything you type in a case-sensitve manner. This means upper- and lower-case letters matter, both in commands and filenames. e.g. "Documents" is '''''not''''' the same as "documents".
+
* Linux interprets everything you type in a case-sensitive manner. This means upper- and lower-case letters matter, both in commands and filenames. e.g. "Documents" is '''''not''''' the same as "documents".
  
 
* Your shell does not deal with spaces in filenames very nicely. I would strongly discourage you from doing so. If you must use spaces in your filenames, you will need to enclose them with double-quotes (") to interact with them on the command line. Other special characters you should stay away from in filenames include <code>$, #, ;, \, ~, <, >, |, `, [, ], {, }, (, )</code>, and <code>&</code>. These all have special meanings in bash (and other shells) and could result in unexpected (or damaging) behavior of your commands.
 
* Your shell does not deal with spaces in filenames very nicely. I would strongly discourage you from doing so. If you must use spaces in your filenames, you will need to enclose them with double-quotes (") to interact with them on the command line. Other special characters you should stay away from in filenames include <code>$, #, ;, \, ~, <, >, |, `, [, ], {, }, (, )</code>, and <code>&</code>. These all have special meanings in bash (and other shells) and could result in unexpected (or damaging) behavior of your commands.
Line 78: Line 78:
 
==== Navigating and listing directories ====
 
==== Navigating and listing directories ====
 
* What files and directories are in the directory I am currently in?
 
* What files and directories are in the directory I am currently in?
<code>
 
 
  testacct@viper:~$ ls
 
  testacct@viper:~$ ls
 
  Application Data  Favorites  My Music    Public    Videos
 
  Application Data  Favorites  My Music    Public    Videos
Line 85: Line 84:
 
  desktop.ini      Maildir    procmail-log  Templates
 
  desktop.ini      Maildir    procmail-log  Templates
 
  Documents        Music      procmailrc    Trash
 
  Documents        Music      procmailrc    Trash
</code>
 
  
 
* No, really, show me '''all''' the files.
 
* No, really, show me '''all''' the files.
<code>
 
 
  testacct@viper:~$ ls -a
 
  testacct@viper:~$ ls -a
 
  .                  .gnome2                        .nx
 
  .                  .gnome2                        .nx
Line 103: Line 100:
 
  .cache            .gtkrc-1.2-gnome2              .pulse
 
  .cache            .gtkrc-1.2-gnome2              .pulse
 
  <...>
 
  <...>
</code>
+
 
 
: <code>-a</code> is for "all files"
 
: <code>-a</code> is for "all files"
  
 
* Can I have some more useful info about those files?
 
* Can I have some more useful info about those files?
<code>
 
 
  testacct@viper:~$ ls -la
 
  testacct@viper:~$ ls -la
 
  total 380
 
  total 380
Line 128: Line 124:
 
  drwxrwx---  2 testacct testacct_users    22 Aug 21  2007 Cookies
 
  drwxrwx---  2 testacct testacct_users    22 Aug 21  2007 Cookies
 
  <...>
 
  <...>
</code>
 
 
: <code>-l</code> is for "long listing"
 
: <code>-l</code> is for "long listing"
 
: <code>-la</code> is the equivalent of <code>-l -a</code>
 
: <code>-la</code> is the equivalent of <code>-l -a</code>
  
 
* Can I get that with human-readable file sizes in bytes?
 
* Can I get that with human-readable file sizes in bytes?
<code>
 
 
  testacct@viper:~$ ls -lah
 
  testacct@viper:~$ ls -lah
 
  total 380K
 
  total 380K
Line 154: Line 148:
 
  drwxrwx---  2 testacct testacct_users  22 Aug 21  2007 Cookies
 
  drwxrwx---  2 testacct testacct_users  22 Aug 21  2007 Cookies
 
  <...>
 
  <...>
</code>
 
  
 
* Change directory to <code>Documents</code>
 
* Change directory to <code>Documents</code>
<code>
 
 
  testacct@viper:~$ cd Documents
 
  testacct@viper:~$ cd Documents
 
  testacct@viper:~/Documents$
 
  testacct@viper:~/Documents$
</code>
 
  
 
* Change directory to <code>foo</code> that is in <code>Documents</code>
 
* Change directory to <code>foo</code> that is in <code>Documents</code>
<code>
 
 
  testacct@viper:~$ cd Documents/foo
 
  testacct@viper:~$ cd Documents/foo
 
  testacct@viper:~/Documents/foo$
 
  testacct@viper:~/Documents/foo$
</code>
 
  
 
* Change back to the parent directory of the one I am currently in
 
* Change back to the parent directory of the one I am currently in
<code>
 
 
  testacct@viper:~/Documents/foo$ cd ..
 
  testacct@viper:~/Documents/foo$ cd ..
 
  testacct@viper:~/Documents$
 
  testacct@viper:~/Documents$
</code>
 
  
 
* Change back to my home directory
 
* Change back to my home directory
<code>
 
 
  testacct@viper:~/Documents/foo$ cd
 
  testacct@viper:~/Documents/foo$ cd
 
  testacct@viper:~$
 
  testacct@viper:~$
</code>
 
 
: '''''or'''''
 
: '''''or'''''
<code>
 
 
  testacct@viper:~/Documents/foo$ cd ~
 
  testacct@viper:~/Documents/foo$ cd ~
 
  testacct@viper:~$
 
  testacct@viper:~$
</code>
 
 
: '''''or'''''
 
: '''''or'''''
<code>
 
 
  testacct@viper:~/Documents/foo$ cd $HOME
 
  testacct@viper:~/Documents/foo$ cd $HOME
 
  testacct@viper:~$
 
  testacct@viper:~$
</code>
 
  
 
* Make a directory here called <code>bar</code>
 
* Make a directory here called <code>bar</code>
<code>
 
 
  testacct@viper:~$ mkdir bar
 
  testacct@viper:~$ mkdir bar
</code>
 
  
 
* Make a directory here called <code>bar</code> and contains another directory called <code>baz</code>
 
* Make a directory here called <code>bar</code> and contains another directory called <code>baz</code>
<code>
 
 
  testacct@viper:~$ mkdir -p bar/baz
 
  testacct@viper:~$ mkdir -p bar/baz
</code>
 
 
: <code>-p</code> is for "parents", or "create parent subdirectories as needed to get this full path created"
 
: <code>-p</code> is for "parents", or "create parent subdirectories as needed to get this full path created"
  
 
* Remove an empty directory here called <code>bar</code>
 
* Remove an empty directory here called <code>bar</code>
<code>
 
 
  testacct@viper:~$ rmdir bar
 
  testacct@viper:~$ rmdir bar
</code>
 
  
 
* Remove a directory here called <code>bar</code> and all of its contents, no matter how many sub-directories or files it contains ('''''Potentially very dangerous as it will not ask you for confirmation''''').
 
* Remove a directory here called <code>bar</code> and all of its contents, no matter how many sub-directories or files it contains ('''''Potentially very dangerous as it will not ask you for confirmation''''').
<code>
 
 
  testacct@viper:~$ rmdir -rf bar
 
  testacct@viper:~$ rmdir -rf bar
</code>
 
 
* <code>-r</code> for "recursive" and <code>-f</code> for "force"
 
* <code>-r</code> for "recursive" and <code>-f</code> for "force"
  
Line 215: Line 188:
  
 
* Show me the contents of the file <code>lorem_ipsum.txt</code>
 
* Show me the contents of the file <code>lorem_ipsum.txt</code>
<code>
 
 
  testacct@viper:~$ cat lorem_ipsum.txt
 
  testacct@viper:~$ cat lorem_ipsum.txt
 
  Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus placerat,
 
  Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus placerat,
Line 223: Line 195:
 
  eget scelerisque est. Pellentesque ultricies non neque interdum euismod.
 
  eget scelerisque est. Pellentesque ultricies non neque interdum euismod.
 
  Quisque ac ante eu mauris eleifend commodo vitae id erat.
 
  Quisque ac ante eu mauris eleifend commodo vitae id erat.
</code>
 
  
 
* Create an empty file named <code>empty.txt</code>
 
* Create an empty file named <code>empty.txt</code>
<code>
 
 
  testacct@viper:~$ touch empty.txt
 
  testacct@viper:~$ touch empty.txt
</code>
 
  
 
* Copy the file <code>foo.c</code> to a new file called <code>bar.c</code>
 
* Copy the file <code>foo.c</code> to a new file called <code>bar.c</code>
<code>
 
 
  testacct@viper:~$ cp foo.c bar.c
 
  testacct@viper:~$ cp foo.c bar.c
</code>
 
  
 
* Rename or move the file <code>bar.c</code> to <code>baz.c</code>
 
* Rename or move the file <code>bar.c</code> to <code>baz.c</code>
<code>
 
 
  testacct@viper:~$ mv bar.c baz.c
 
  testacct@viper:~$ mv bar.c baz.c
</code>
 
  
 
* Delete or remove the file <code>baz.c</code>
 
* Delete or remove the file <code>baz.c</code>
<code>
 
 
  testacct@viper:~$ rm baz.c
 
  testacct@viper:~$ rm baz.c
</code>
 
  
 
* What the heck kind of file is <code>win-cis-64</code>
 
* What the heck kind of file is <code>win-cis-64</code>
<code>
 
 
  testacct@viper:~$ file win-cis-64
 
  testacct@viper:~$ file win-cis-64
 
  win-cis-64: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
 
  win-cis-64: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
</code>
 
  
 
== What are "Linux file permissions"? ==
 
== What are "Linux file permissions"? ==
Line 265: Line 226:
 
You may, however, change the group ownership of your files (or directories). You are only able to change a file's group ownership to another group to which you belong. You may change group ownership with the <code>chgrp</code> program:
 
You may, however, change the group ownership of your files (or directories). You are only able to change a file's group ownership to another group to which you belong. You may change group ownership with the <code>chgrp</code> program:
  
<code>
 
 
  chgrp foobar_users file.txt
 
  chgrp foobar_users file.txt
 
  chgrp foobar_users dir
 
  chgrp foobar_users dir
</code>
 
  
 
=== File Mode ===
 
=== File Mode ===
Line 280: Line 239:
 
To view the permissions on a file or directory you can use the <code>-l</code> option to the file list command, <code>ls</code>:
 
To view the permissions on a file or directory you can use the <code>-l</code> option to the file list command, <code>ls</code>:
  
<code>
 
 
  foobar@viper projects$ ls -l
 
  foobar@viper projects$ ls -l
 
  total 4
 
  total 4
Line 287: Line 245:
 
  -rw-r--r--  1 foobar foobar_users  667 Mar 16 19:51 foo.txt
 
  -rw-r--r--  1 foobar foobar_users  667 Mar 16 19:51 foo.txt
 
  -rwxrwxr-x  1 foobar foobar_users  408 Mar 16 19:51 a.out
 
  -rwxrwxr-x  1 foobar foobar_users  408 Mar 16 19:51 a.out
</code>
 
  
 
Here we see two directories and two files.  The permissions are shown in the first column of the listing.  The user owner is the third column and the group owner is the fourth column.  The permissions are shown via the 10-character string. The first character (either <code>d</code> or <code>-</code> here) tells us what kind of thing is shown: <code>d</code> for directory and <code>-</code> for regular file (there are other kinds of "things" in a Linux file system, but those are beyond the scope of this discussion).  The rest of the columns show the file mode.
 
Here we see two directories and two files.  The permissions are shown in the first column of the listing.  The user owner is the third column and the group owner is the fourth column.  The permissions are shown via the 10-character string. The first character (either <code>d</code> or <code>-</code> here) tells us what kind of thing is shown: <code>d</code> for directory and <code>-</code> for regular file (there are other kinds of "things" in a Linux file system, but those are beyond the scope of this discussion).  The rest of the columns show the file mode.
Line 305: Line 262:
 
The first, or "who", part of the options are specified with one or more letters: <code>u</code> for user, <code>g</code> for group, <code>o</code> for other, and <code>a</code> for all.
 
The first, or "who", part of the options are specified with one or more letters: <code>u</code> for user, <code>g</code> for group, <code>o</code> for other, and <code>a</code> for all.
  
The second part is specified with either the plus (</code>+</code>) sign to grant permission or the minus (</code>-</code>) sign to revoke permission.
+
The second part is specified with either the plus (<code>+</code>) sign to grant permission or the minus (<code>-</code>) sign to revoke permission.
  
 
The third part is specified with the same letters as were used by <code>ls</code> when viewing permissions: <code>r</code> for read, <code>w</code> for write, and <code>x</code> for execute.
 
The third part is specified with the same letters as were used by <code>ls</code> when viewing permissions: <code>r</code> for read, <code>w</code> for write, and <code>x</code> for execute.
Line 311: Line 268:
 
For example:
 
For example:
  
<code>
 
 
  chmod a+rx script.pl
 
  chmod a+rx script.pl
 
  chmod og-w file.txt
 
  chmod og-w file.txt
 
  chmod ug+rw source.c
 
  chmod ug+rw source.c
</code>
 
  
 
The first line above would grant read and execute permission to all users on the file named <code>script.pl</code>. The second line would revoke write permissions on <code>file.txt</code> for other users and the group owner. The third would grant read and write permissions to the user owner and group owner on <code>source.c</code>.
 
The first line above would grant read and execute permission to all users on the file named <code>script.pl</code>. The second line would revoke write permissions on <code>file.txt</code> for other users and the group owner. The third would grant read and write permissions to the user owner and group owner on <code>source.c</code>.
Line 327: Line 282:
 
For example:
 
For example:
  
<code>
 
 
  chmod 755 script.pl
 
  chmod 755 script.pl
 
  chmod 644 file.txt
 
  chmod 644 file.txt
 
  chmod 660 source.c
 
  chmod 660 source.c
</code>
 
  
 
After running these commands, we would see something like the following listing (note the first column especially):
 
After running these commands, we would see something like the following listing (note the first column especially):
  
<code>
 
 
  foobar@viper src$ ls -l
 
  foobar@viper src$ ls -l
 
  total 3
 
  total 3
Line 341: Line 293:
 
  -rw-r--r--  1 foobar foobar_users  2590 Mar  8 17:22 file.txt
 
  -rw-r--r--  1 foobar foobar_users  2590 Mar  8 17:22 file.txt
 
  -rw-rw----  1 foobar foobar_users  596 Mar 12  7:04 source.c
 
  -rw-rw----  1 foobar foobar_users  596 Mar 12  7:04 source.c
</code>
 
  
 
Again see the man-page for <code>chmod</code> for details.
 
Again see the man-page for <code>chmod</code> for details.

Latest revision as of 15:15, 25 March 2020

Don't know anything about using Linux? Let us help you. This guide will give you basic info on terminology, file permissions, and using the command line.

NOTE: This document borrows heavily from the excellent documentation found in the Beocat wiki. Please have a look there for more details and in-depth examples.

What does this Linux term mean?

Here are a few basic terms we use when referring to "things" on a Linux system.

Term Definition
Directory A "Folder" in Windows or OS-X terms. A location where files or other directories are stored. The current directory is sometimes represented as . and the parent directory can be referenced as ..
Home Directory
Shell The interface or environment under which you can run commands. For most users, your shell is bash
SSH Secure Shell. A protocol that encrypts data and can give access to another system, usually by a username and password
SCP Secure Copy. Copying to or from a remote system using part of SSH
path The list of directories which are searched when you type the name of a program. There is a section below on this
ownership Every file and directory has an user and a group attached to it, called its owners. These affect permissions.
permissions The ability to read, write, and/or execute a file. Permissions are based on ownership
switches Modifiers or options to a command-line program, usually in the form of -(letter) or --(word). Multiple single-letter switches may frequently be combined if needed for a command
pipes and redirects Changes the input (often called 'stdin') and/or output (often called stdout) to a program or a file

What are some basic Linux commands?

Here are some of the most common commands you will be using:

Command Function
ls list files
cd change directory
mkdir <dirname> make a directory called <dirname>
rmdir <dirname> remove or delete a directory called <dirname>
cat <filename> print the contents of <filename> to the screen
cp <source> <destination> copy from <source> to <destination>
mv <source> <destination> move or rename from <source> to <destination>
touch <filename> create an empty file if it doesn't exists or update the last modified timestamp if it does
file <filename> show some information about <filename>, such as what type of file it is
nano edit files (probably the easiest text-based editor on our systems)
man user manuals

If you need more details on how to use any of these, you can type man cmd where "cmd" is the name of the command you want more information about.

General CLI Notes

  • Linux interprets everything you type in a case-sensitive manner. This means upper- and lower-case letters matter, both in commands and filenames. e.g. "Documents" is not the same as "documents".
  • Your shell does not deal with spaces in filenames very nicely. I would strongly discourage you from doing so. If you must use spaces in your filenames, you will need to enclose them with double-quotes (") to interact with them on the command line. Other special characters you should stay away from in filenames include $, #, ;, \, ~, <, >, |, `, [, ], {, }, (, ), and &. These all have special meanings in bash (and other shells) and could result in unexpected (or damaging) behavior of your commands.
  • Tab-completion is your friend. No need to type that very long directory or filename, just hit the <Tab> key once you've typed enough unique letters and the shell will complete the name as it matches in the current directory. You can even do this multiple times for any filename or path as you type it.
  • Linux has no concept of "file extensions". Most GUI desktops will try to interpret them if you use typical ones (.pdf, .doc, .txt, etc), but there are no "rules" about what you name files. Use your own discretion. As with all things, consistent naming will keep you out of trouble later.

Some Practical Examples

Output is truncated in some of these. More can be found on the Beocat wiki.

Navigating and listing directories

  • What files and directories are in the directory I am currently in?
testacct@viper:~$ ls
Application Data  Favorites  My Music     Public     Videos
Cookies          foo        My Pictures   Sent       workspace
Desktop          Ghost.pif  Pictures      steamtest.vmf  xauth
desktop.ini      Maildir    procmail-log  Templates
Documents        Music      procmailrc    Trash
  • No, really, show me all the files.
testacct@viper:~$ ls -a
.                  .gnome2                         .nx
..                 .gnome2.old                     .openwin-menu
.AbiSuite          .gnome2.old.old.old             .phoenix
.acrobat           .gnome2_private                 Pictures
.adobe             .gnome2_private.old             .pinerc
Application Data   .gnome2_private.old.old.old     .pki
.bash_history      .gnome.old.old.old              procmail-log
.bash_profile      .gnupg                          procmailrc
.bash_profile.bak  .gstreamer-0.10                 .profile
.bashrc            .gstreamer-0.8                  .profile.bak
.bashrc.bak        .gtk-bookmarks                  Public
.cache             .gtkrc-1.2-gnome2               .pulse
<...>
-a is for "all files"
  • Can I have some more useful info about those files?
testacct@viper:~$ ls -la
total 380
drwxr-xr-x  70 testacct testacct_users  4096 Oct  2 15:56 .
drwxr-xr-x 199 root     root            8192 Aug 26 18:10 ..
drwx------   2 testacct testacct_users    28 Aug 28  2008 .AbiSuite
drwxr-x---   2 testacct testacct_users    18 Jul 23  2004 .acrobat
drwx------   5 testacct testacct_users   115 Aug 28  2008 .adobe
drwxrwx---   4 testacct testacct_users    39 Aug 21  2007 Application Data
-rw-------   1 testacct testacct_users  6608 Aug 25 14:23 .bash_history
-rw-r--r--   1 testacct testacct_users   533 Sep  3  2009 .bash_profile
-rw-r-----   1 testacct testacct_users   279 Sep  3  2009 .bash_profile.bak
-rw-r--r--   1 testacct testacct_users  1733 Sep  3  2009 .bashrc
-rw-r-----   1 testacct testacct_users  2532 Sep  3  2009 .bashrc.bak
drwx------  34 testacct testacct_users  4096 Aug 25 14:32 .cache
drwxr-xr-x   7 testacct testacct_users    72 Aug  8  2004 .cfagent
drwx------   3 testacct testacct_users    20 Aug 28  2012 .compiz
drwxr-xr-x  22 testacct testacct_users  4096 Jul 24 16:40 .config
drwx------   7 testacct testacct_users   155 Jan  8  2010 .config.bak
drwxrwx---   2 testacct testacct_users    22 Aug 21  2007 Cookies
<...>
-l is for "long listing"
-la is the equivalent of -l -a
  • Can I get that with human-readable file sizes in bytes?
testacct@viper:~$ ls -lah
total 380K
drwxr-xr-x  70 testacct testacct_users 4.0K Oct  2 15:56 .
drwxr-xr-x 199 root     root           8.0K Aug 26 18:10 ..
drwx------   2 testacct testacct_users   28 Aug 28  2008 .AbiSuite
drwxr-x---   2 testacct testacct_users   18 Jul 23  2004 .acrobat
drwx------   5 testacct testacct_users  115 Aug 28  2008 .adobe
drwxrwx---   4 testacct testacct_users   39 Aug 21  2007 Application Data
-rw-------   1 testacct testacct_users 6.5K Aug 25 14:23 .bash_history
-rw-r--r--   1 testacct testacct_users  533 Sep  3  2009 .bash_profile
-rw-r-----   1 testacct testacct_users  279 Sep  3  2009 .bash_profile.bak
-rw-r--r--   1 testacct testacct_users 1.7K Sep  3  2009 .bashrc
-rw-r-----   1 testacct testacct_users 2.5K Sep  3  2009 .bashrc.bak
drwx------  34 testacct testacct_users 4.0K Aug 25 14:32 .cache
drwxr-xr-x   7 testacct testacct_users   72 Aug  8  2004 .cfagent
drwx------   3 testacct testacct_users   20 Aug 28  2012 .compiz
drwxr-xr-x  22 testacct testacct_users 4.0K Jul 24 16:40 .config
drwx------   7 testacct testacct_users  155 Jan  8  2010 .config.bak
drwxrwx---   2 testacct testacct_users   22 Aug 21  2007 Cookies
<...>
  • Change directory to Documents
testacct@viper:~$ cd Documents
testacct@viper:~/Documents$
  • Change directory to foo that is in Documents
testacct@viper:~$ cd Documents/foo
testacct@viper:~/Documents/foo$
  • Change back to the parent directory of the one I am currently in
testacct@viper:~/Documents/foo$ cd ..
testacct@viper:~/Documents$
  • Change back to my home directory
testacct@viper:~/Documents/foo$ cd
testacct@viper:~$
or
testacct@viper:~/Documents/foo$ cd ~
testacct@viper:~$
or
testacct@viper:~/Documents/foo$ cd $HOME
testacct@viper:~$
  • Make a directory here called bar
testacct@viper:~$ mkdir bar
  • Make a directory here called bar and contains another directory called baz
testacct@viper:~$ mkdir -p bar/baz
-p is for "parents", or "create parent subdirectories as needed to get this full path created"
  • Remove an empty directory here called bar
testacct@viper:~$ rmdir bar
  • Remove a directory here called bar and all of its contents, no matter how many sub-directories or files it contains (Potentially very dangerous as it will not ask you for confirmation).
testacct@viper:~$ rmdir -rf bar
  • -r for "recursive" and -f for "force"

Working with files

  • Show me the contents of the file lorem_ipsum.txt
testacct@viper:~$ cat lorem_ipsum.txt
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus placerat,
odio vel ultricies commodo, lectus mi ornare enim, in ornare risus lacus ac
ipsum. Sed ac dui nec risus maximus porttitor. Quisque at lacinia sem, at
blandit ex. Cras gravida felis in pretium tincidunt. Etiam nec hendrerit orci,
eget scelerisque est. Pellentesque ultricies non neque interdum euismod.
Quisque ac ante eu mauris eleifend commodo vitae id erat.
  • Create an empty file named empty.txt
testacct@viper:~$ touch empty.txt
  • Copy the file foo.c to a new file called bar.c
testacct@viper:~$ cp foo.c bar.c
  • Rename or move the file bar.c to baz.c
testacct@viper:~$ mv bar.c baz.c
  • Delete or remove the file baz.c
testacct@viper:~$ rm baz.c
  • What the heck kind of file is win-cis-64
testacct@viper:~$ file win-cis-64
win-cis-64: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

What are "Linux file permissions"?

All student and faculty files in the CIS department are stored on a Linux file server. However, not everyone needs or should have access to every file. Linux file permissions are how the file server decides who can access which files and what kind of access is permitted.

Ownership

Every file in Linux is assigned an user owner and a group owner. These form the basis of file security.

Each group may contain zero or more users. In the CIS department, every user has a special group which contains only their user (e.g., if your username were foobar, your group would be foobar_users).

You may not change the user ownership of your files. If you find that some of your files are owned by the wrong user, you will need to contact the systems staff to get that problem correct.

You may, however, change the group ownership of your files (or directories). You are only able to change a file's group ownership to another group to which you belong. You may change group ownership with the chgrp program:

chgrp foobar_users file.txt
chgrp foobar_users dir

File Mode

The second component of Linux file ownership is called "file mode." The file mode determines what access the user owner, group owner, or other user has to a file.

There are three kinds of access: read, write, and execute. The access granted by each of these depends upon whether they are applied to a directory or to a file. For files, read access gives the user permission to see the contents of the file, write access gives the user permission to change the contents of the file, and execute access gives the user permission to run the file as a program. For directories, read access gives the user permission to see what files are stored in that directory, write access gives the user permission to create files in that directory, and execute access allows the user to enter that directory (note that directory execute is required for read or write to mean anything).

Viewing File Permissions

To view the permissions on a file or directory you can use the -l option to the file list command, ls:

foobar@viper projects$ ls -l
total 4
drwx------   3 foobar foobar_users 4096 Mar 16 19:51 bin/
drwxrwxr-x   4 foobar foobar_users 4096 Mar 16 19:51 lib/
-rw-r--r--   1 foobar foobar_users  667 Mar 16 19:51 foo.txt
-rwxrwxr-x   1 foobar foobar_users  408 Mar 16 19:51 a.out

Here we see two directories and two files. The permissions are shown in the first column of the listing. The user owner is the third column and the group owner is the fourth column. The permissions are shown via the 10-character string. The first character (either d or - here) tells us what kind of thing is shown: d for directory and - for regular file (there are other kinds of "things" in a Linux file system, but those are beyond the scope of this discussion). The rest of the columns show the file mode.

The file mode is divided into three sections. The first applies to the user onwer, the second to the group owner, and the third to all other users. These fields are then divided into three letters, one for each permission granted: r for read, w for write, and x for execute.

The first row above shows a directory that is only accessible by user foobar. This user is allowed to change to the bin directory, see what files are in that directory, and allowed to put new files into that directory. The second row shows a publically accessible directory that is both user and group writable. Here anyone can change to and see the contents of the lib directory. However, only foobar and members of foobar_users are allowed to create files in that directory.

The third and forth rows show files. The first file is readable by everyone, but only writeable by foobar. The second file is readable and executable by everyone, but is only writable by foobar or members of foobar_users.

Changing File Mode

If you need to change the mode of a file or directory, you may do so with the chmod command. The chmod command takes two or more options. The first option is the permission changes you wish to make and the rest of the arguments are the files to change. (The actual command is a lot more flexible, but you may find out more about that by typing man chmod.)

The permission changes are specified in three parts: (1) whose permissions are being changed, (2) stating that permissions are being added or removed, and (3) what access is being granted or revoked.

The first, or "who", part of the options are specified with one or more letters: u for user, g for group, o for other, and a for all.

The second part is specified with either the plus (+) sign to grant permission or the minus (-) sign to revoke permission.

The third part is specified with the same letters as were used by ls when viewing permissions: r for read, w for write, and x for execute.

For example:

chmod a+rx script.pl
chmod og-w file.txt
chmod ug+rw source.c

The first line above would grant read and execute permission to all users on the file named script.pl. The second line would revoke write permissions on file.txt for other users and the group owner. The third would grant read and write permissions to the user owner and group owner on source.c.

Notice that this doesn't say anything about the existing permissions. For example, in the second line above, the user may not be allowed to write to the file either if the user was never granted that permission.

Absolute File mode

Advanced users may want to specify the mode quickly and exactly. This can be done by specifying the numeric file mode directly. The file mode may be specified as an octal number where the last three digits represent each of the three levels of access, user, group, and other, respectively. Each digit then specifies all three read, write, and execute for each of the three fields. Read is specified by the digit 4, write by 2, and execute by 1. Adding these together will get the overall permission.

For example:

chmod 755 script.pl
chmod 644 file.txt
chmod 660 source.c

After running these commands, we would see something like the following listing (note the first column especially):

foobar@viper src$ ls -l
total 3
-rwxr-xr-x   1 foobar foobar_users   432 Mar 10 12:40 script.pl
-rw-r--r--   1 foobar foobar_users  2590 Mar  8 17:22 file.txt
-rw-rw----   1 foobar foobar_users   596 Mar 12  7:04 source.c

Again see the man-page for chmod for details.

General Note About Directories

Linux requires that directories have the "execute" permission enabled. Without this permission, you will not be able to display the contents of a directory, even if you have "read" permissions enabled.

What about the /tmp directory?

Whenever working on a Linux system in the department, please be aware of the /tmp directory since it allows you to store files for a short time without affecting your quota. If you need to download a large file or work with some large files that you don't need to work with for long and can't fit into your home directory, you can place these files in /tmp, which is stored on the local disk of the current machine.

However, there are some things you should be aware of when using the the /tmp folder. First, filling up all space in the /tmp folder is a bad idea. You can cause certain programs on the system to freeze up if there is no room left on the drive, which may make working on that computer difficult. Second, the temporary folder is temporary and is cleaned out automatically once every hour. You should not rely on this directory for anything important.