Unix File System and Permissions

The Unix file system is a hierarchical structure that organizes files and directories. Understanding the file system and permissions is essential for effective system administration and security. This tutorial will explore advanced concepts in the Unix file system and permissions, including file types, directory structure, permission management, access control lists (ACLs), and special permissions.

Introduction to the Unix File System

The Unix file system is organized as a tree structure, with the root directory (/) at the top. All files and directories are organized under the root directory. Key directories include:

  • /bin: Essential binary executables.
  • /etc: System configuration files.
  • /home: User home directories.
  • /lib: Shared libraries.
  • /tmp: Temporary files.
  • /usr: User programs and data.
  • /var: Variable data files.

File Types

Unix supports several file types, each serving a different purpose:

  • Regular Files: Contain data, text, or program instructions.
  • Directories: Contain other files and directories.
  • Symbolic Links: Pointers to other files or directories.
  • Character Devices: Represent devices that handle data character by character (e.g., terminals).
  • Block Devices: Represent devices that handle data in blocks (e.g., hard drives).
  • Sockets: Used for inter-process communication.
  • Named Pipes: Used for inter-process communication.

Directory Structure

The Unix directory structure is hierarchical, with directories containing files and other directories. Key commands for navigating and managing directories include:

  • pwd: Print the current working directory.
  • cd: Change the current directory.
  • ls: List directory contents.
  • mkdir: Create a new directory.
  • rmdir: Remove an empty directory.
  • rm -r: Remove a directory and its contents recursively.

File Permissions

Unix file permissions control access to files and directories. Each file and directory has three types of permissions for three categories of users:

  • User (u): The owner of the file.
  • Group (g): Users who are members of the file's group.
  • Others (o): All other users.

The three types of permissions are:

  • Read (r): Permission to read the file or list the directory contents.
  • Write (w): Permission to modify the file or directory contents.
  • Execute (x): Permission to execute the file or access the directory.

Managing File Permissions

File permissions can be viewed and modified using the ls and chmod commands:

Viewing Permissions

Use the ls -l command to view file permissions:


$ ls -l
-rw-r--r-- 1 user group 1234 Feb  5 12:34 file.txt

The first column shows the file type and permissions. For example, -rw-r--r-- indicates a regular file with read and write permissions for the owner, and read permissions for the group and others.

Changing Permissions

Use the chmod command to change file permissions. Permissions can be specified using symbolic or numeric notation:

Symbolic Notation

Use symbolic notation to add, remove, or set permissions:


$ chmod u+x file.txt   # Add execute permission for the owner
$ chmod g-w file.txt   # Remove write permission for the group
$ chmod o=r file.txt   # Set read-only permission for others

Numeric Notation

Use numeric notation to set permissions directly. Each permission type is represented by a number:

  • Read (r): 4
  • Write (w): 2
  • Execute (x): 1

Combine the numbers to set permissions:


$ chmod 755 file.txt   # rwxr-xr-x
$ chmod 644 file.txt   # rw-r--r--

Ownership and Groups

Each file and directory has an owner and a group. The chown and chgrp commands are used to change ownership and group:

Changing Ownership

Use the chown command to change the owner of a file or directory:


$ chown newuser file.txt

Changing Group

Use the chgrp command to change the group of a file or directory:


$ chgrp newgroup file.txt

Special Permissions

Unix supports special permissions for executable files and directories:

Setuid

When set on an executable file, the file runs with the privileges of the file's owner. Use chmod u+s to set the setuid permission:


$ chmod u+s file.txt

Setgid

When set on an executable file, the file runs with the privileges of the file's group. When set on a directory, new files created in the directory inherit the directory's group. Use chmod g+s to set the setgid permission:


$ chmod g+s file.txt

Sticky Bit

When set on a directory, only the file's owner, the directory's owner, or the root user can delete or rename files within the directory. Use chmod +t to set the sticky bit:


$ chmod +t directory

Access Control Lists (ACLs)

ACLs provide a more flexible permission mechanism than the traditional Unix file permissions. They allow you to specify permissions for individual users and groups. Here are some commands for managing ACLs:

Viewing ACLs

Use the getfacl command to view the ACL of a file or directory:


$ getfacl file.txt

Setting ACLs

Use the setfacl command to set ACLs. Here are some examples:


$ setfacl -m u:username:rwx file.txt   # Set read, write, and execute permissions for a specific user
$ setfacl -m g:groupname:rx file.txt   # Set read and execute permissions for a specific group
$ setfacl -x u:username file.txt       # Remove ACL entry for a specific user

Example: Setting Up a Shared Directory with ACLs

Let's set up a shared directory where members of a group can read, write, and execute files, but only the file's owner can delete or rename files. We will also use ACLs to grant specific permissions to individual users:

Create the Directory


$ mkdir /shared

Set Group Ownership


$ chgrp sharedgroup /shared

Set Permissions


$ chmod 2775 /shared   # rwxrwsr-x

Set Sticky Bit


$ chmod +t /shared

Set ACLs


$ setfacl -m u:username:rwx /shared   # Grant read, write, and execute permissions to a specific user
$ setfacl -m g:groupname:rx /shared   # Grant read and execute permissions to a specific group

Practice Exercises

Here are some practice exercises to help you develop your Unix file system and permissions skills:

  1. Create a directory structure with nested directories and files. Set appropriate permissions for different users and groups.
  2. Write a script to automate the process of setting up a shared directory with specific permissions and ownership.
  3. Experiment with symbolic and numeric notation to change file permissions. Verify the changes using the ls -l command.
  4. Set up a directory with the setuid, setgid, and sticky bit permissions. Test the behavior of these special permissions.
  5. Use the find command to search for files with specific permissions or ownership. Write a script to automate this process.
  6. Set up a directory with ACLs to grant specific permissions to individual users and groups. Verify the permissions using the getfacl command.
  7. Write a script to automate the process of setting ACLs for a directory and its contents.

 

 

Check out some Bands on Bandcamp.com. Altogether Steve and the Mercenaries, Crazy Fingers (Vancouver 1991), Flying Butt Pliers, and Hammy Ham Hands.

Proudly powered by a Text Editor, an Sftp client and some Internet Searches.

2025 dispelled.ca end of file.