Information about File Types and File Permissions in Linux.
File Types:
Most filesystem implementations define seven types of files. They are:
- Regular Files "-"
- Directories "d"
- Character Device Files "c"
- Block Device Files "b"
- Unix domain sockets "s"
- Named Pipes (FIFOs) "p"
- Symbolic Links "l"
Regular Files:
A regular file is just a bag of bytes; Unix imposes no structure on its contents. Text files, data files, executable programs and shared libraries are all stored as regular files.
Directories:
A directory contains references to other files.
The special entries “.” and “..” refer to the directory itself and to its parent directory. They cannot be removed.
Character and Block Device Files:
These files let programs talk to the system's hardware through the Linux kernel. The kernel handles a particular piece of hardware with a (usually loadable) module called a device driver; a device file in /dev is the interface to that driver and is identified by its major and minor numbers rather than by any data of its own.
Character devices (terminals, serial ports, /dev/null, /dev/random) are read and written as a stream of bytes. Block devices (disks, partitions, loop devices) are read and written in fixed-size blocks, can be seeked randomly and go through the kernel's buffer cache, which is why filesystems are built on block devices.
Unix Domain Sockets:
Sockets are connections between processes that allow them to communicate.
Unix Domain sockets are local to a particular host and are referenced through a filesystem object rather than a network port.
A Unix socket is created with the socket() system call and gets its filesystem entry when bind() attaches it to a path. Closing the socket does not remove that entry; it is removed with the "rm" command or the unlink() system call.
Named Pipes:
Named pipes allow communication between two unrelated processes running on the same host (an ordinary pipe only connects related processes, such as a parent and its child). They are also known as "FIFO files". Use the "mkfifo" command to create one ("mknod <name> p" also works).
Symbolic Links:
A symbolic or soft link points to a file by name (path), not by inode. Its own permission bits, shown as lrwxrwxrwx, are never consulted; access is governed by the target's permissions. If the target is removed the link is left dangling. Contrast a hard link, which is simply another directory entry for the same inode.
================================================================================
File permissions are a crucial part of Linux security.
If you run 'ls -l' in any directory, you will see output like the following. The columns are: permissions, link count, owner (user), group, size, modification date and time, and the name; for a symbolic link the name is followed by the target it points to.
Permissions Links User   Group Size  Date & Time  Filename (-> link target)
----------- ----- ------ ----- ----- ------------ -------------------------
drwxrwxrwx  3     root   root  1024  Jul 17 15:02 Desktop
drwxr-xr-x  18    neel   user  32768 Jan  1 19:07 Test
lrwxrwxrwx  1     oracle dba   17    Jul 20 19:57 Inv -> ../etc/oraInst
-rw-r--r--  1     root   root  9261  Jul 17 22:24 dmesg.log
The permissions column is read from left to right:
-rw-r--r--
|\_/\_/\_/
| |  |  +-- others' permissions
| |  +----- group's permissions
| +-------- user's (owner's) permissions
+---------- file type
The first character defines the type of file:
d => directory
- => regular file
l => symbolic link
b => block device
c => character device
s => Unix domain socket
p => named pipe (FIFO)
Here rwx means:
r = read = 4
w = write = 2
x = execute = 1
Each triplet is the sum of its bits, so rwx = 7, rw- = 6, r-x = 5, r-- = 4 and --- = 0; 'rw-r--r--' is therefore 644.
Change a user's groups:
# usermod -g <group> <user>                              -> set the primary group
# usermod -g <primary_group> -G <secondary_group> <user> -> set primary and supplementary groups
Note that -G replaces the user's whole list of supplementary groups with the ones given; use -aG <group> to append a group without dropping the existing ones.
Rename a group:
# groupmod -n <new_groupname> <old_groupname>
Change ownership:
# chown <user>:<group> <file>
# chown -R <user>:<group> <directory>
The older 'user.group' spelling is still accepted by GNU chown, but ':' is the documented separator (a user name may itself contain a dot).
Change permissions:
Permissions can be changed in two ways:
- Octal method, using numeric permissions
- Symbolic method, using character permissions
# chmod <octal> <file>                   -> octal method, e.g. chmod 644 <file>
# chmod -R <octal> <directory>           -> -R applies the change recursively
# chmod [ugoa][+-=][rwxst] <file>        -> symbolic method, e.g. chmod o-w <file> or chmod u+x <file>
# chmod -R [ugoa][+-=][rwxst] <directory>
In the symbolic form u, g, o and a select user, group, others or all; + adds, - removes and = sets exactly the listed bits.
In the listing above, look at the permissions of "Desktop":
drwxrwxrwx 3 root root 1024 Jul 17 15:02 Desktop
d -> directory
First rwx -> readable, writable and searchable by the owner, i.e. root
Second rwx -> readable, writable and searchable by the group, i.e. root
Third rwx -> readable, writable and searchable by others. That makes the directory world-writable: any user on the system can create, rename or delete entries in it, which is insecure.
Please note that a directory must have 'x' (search permission) or it cannot be entered and the files inside cannot be opened, even if 'r' is set; 'r' alone only allows listing the names. On a regular file, 'x' makes it executable.
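The mapping from the 'ls -l' permission column to chmod's octal form, including the s/S and t/T letters that mark the setuid, setgid and sticky bits discussed further down, as an added POSIX shell example (this is not code from the original page; the sample listing inside it is constructed from the lines above plus a passwd and a /tmp entry):

```shell
#!/bin/sh
# Added example, not from the original page: convert the 10-character mode column
# of "ls -l" into the 4-digit octal value that chmod understands, and flag the
# cases the text warns about (world-writable entries, setuid/setgid executables).

# Print the octal mode for a string such as "drwxr-xr-x" or "-rwsr-xr-x".
# Lower-case s/t mean the special bit AND execute; upper-case S/T mean the
# special bit is set but execute is not.
symbolic_to_octal() {
    local str=$1 special=0 out="" pos triplet d
    str=${str#?}                                   # drop the file-type character
    [ "${#str}" -eq 9 ] || { printf 'bad mode string: %s\n' "$1" >&2; return 1; }
    for pos in 1 2 3; do                           # user, group, others
        triplet=${str%"${str#???}"}                # first three characters
        str=${str#???}
        d=0
        case $triplet in r??) d=$((d + 4));; esac
        case $triplet in ?w?) d=$((d + 2));; esac
        case $triplet in ??[xst]) d=$((d + 1));; esac
        # setuid lives in the user triplet, setgid in the group triplet and
        # sticky in the others triplet; together they form the leading digit.
        case $pos$triplet in
            1??[sS]) special=$((special + 4));;
            2??[sS]) special=$((special + 2));;
            3??[tT]) special=$((special + 1));;
        esac
        out="$out$d"
    done
    printf '%d%s\n' "$special" "$out"
}

# Name the properties the page calls out for a given mode string.
describe_mode() {
    local str=$1 flags=""
    case $str in ????????w?) flags="$flags world-writable";; esac
    case $str in ???[sS]??????) flags="$flags setuid";; esac
    case $str in ??????[sS]???) flags="$flags setgid";; esac
    case $str in ?????????[tT]) flags="$flags sticky";; esac
    printf '%s\n' "${flags# }"
}

# Constructed sample listing, modelled on the "ls -l" output shown above.
sample='drwxrwxrwx 3 root root 1024 Jul 17 15:02 Desktop
drwxr-xr-x 18 neel user 32768 Jan 1 19:07 Test
lrwxrwxrwx 1 oracle dba 17 Jul 20 19:57 Inv -> ../etc/oraInst
-rw-r--r-- 1 root root 9261 Jul 17 22:24 dmesg.log
-r-s--x--x 1 root root 16384 Feb 14 2003 passwd
drwxrwxrwt 10 root root 4096 Jul 21 09:00 tmp'

printf '%s\n' "$sample" | while read -r mode rest; do
    printf '%-10s %s  %s\n' "$mode" "$(symbolic_to_octal "$mode")" "$(describe_mode "$mode")"
done
```

A directory reported as both world-writable and sticky (like /tmp) is the intended shared-scratch pattern; world-writable without sticky is the finding worth chasing.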
————————————————————————————————————————————————
Umask
Umask stands for user file-creation mask. It sets the file mode creation mask: the bits set in the umask are the permission bits that will be removed from every new file and directory.
Linux asks for new regular files to be created with mode 0666 ('rw-rw-rw-', never executable) and new directories with 0777 ('rwxrwxrwx'); the umask then clears bits from that request.
Run the following to see your current umask:
# umask
0022
So here the umask is 0022. The kernel computes the final mode as mode AND NOT umask, i.e. it clears every bit that is set in the umask. With this value a new file gets
0666 & ~0022 = 0644, that is 'rw-r--r--'
and a new directory gets
0777 & ~0022 = 0755, that is 'rwxr-xr-x'
Subtracting the umask (0666 - 0022 = 0644) gives the same answer here only because every umask bit happens to be set in the requested mode; with umask 0027 a new file is 0640, which subtraction does not produce.
Remember 'x' is a must for directories, which is why they start from 0777 while files start from 0666.
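The umask calculation carried out the way the kernel does it (mode & ~umask, digit by digit), with the subtraction shortcut beside it to show where the two diverge, and a cross-check against real file creation in a scratch directory. This is an added POSIX shell example, not code from the original page; the umask values it loops over are chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: compute the mode a new file or
# directory receives from the requested mode (0666 for files, 0777 for
# directories) and the umask, the way the kernel does it: mode & ~umask.

# Bitwise AND-NOT, one octal digit at a time, so it works in any POSIX shell.
effective_mode() {
    local req=$1 mask=$2 out="" d m
    while [ "${#mask}" -lt "${#req}" ]; do mask=0$mask; done   # pad 022 -> 0022
    while [ "${#req}" -lt "${#mask}" ]; do req=0$req; done
    while [ -n "$req" ]; do
        d=${req%"${req#?}"}; m=${mask%"${mask#?}"}             # leading digits
        out="$out$(( (d & ~m) & 7 ))"
        req=${req#?}; mask=${mask#?}
    done
    printf '%s\n' "$out"
}

# Parse an octal string without relying on the shell's octal literal support.
octal_to_decimal() {
    local s=$1 n=0 d
    while [ -n "$s" ]; do d=${s%"${s#?}"}; s=${s#?}; n=$(( n * 8 + d )); done
    printf '%s\n' "$n"
}

# The "0666 - 0022" shortcut from the text, kept only to show where it breaks.
naive_subtraction() {
    printf '%04o\n' $(( $(octal_to_decimal "$1") - $(octal_to_decimal "$2") ))
}

for u in 0022 0027 0077 0002; do
    printf 'umask %s: file %s (subtraction says %s)  dir %s\n' "$u" \
        "$(effective_mode 0666 "$u")" "$(naive_subtraction 0666 "$u")" \
        "$(effective_mode 0777 "$u")"
done

# Cross-check against the real kernel behaviour in a scratch directory.
scratch=$(mktemp -d)
( umask 0027; : > "$scratch/file"; mkdir "$scratch/dir"; ls -ld "$scratch/file" "$scratch/dir" )
rm -rf "$scratch"
```

With umask 0027 the file comes out as 0640 (rw-r-----) while subtraction claims 0637, which is not even a sensible mode; with 0077 the gap is 0600 versus 0567. The umask is a per-process setting inherited across fork and exec, so a service started with a permissive umask writes permissive files no matter what the administrator's shell uses.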
————————————————————————————————————————————-
Setuid and Setgid
1. These bits are meaningful on executable files (setgid also has a meaning on directories, described below).
2. When setuid is enabled, the file is executed with the effective user ID of the file's owner. In other words, if an executable is owned by root and setuid is set, then no matter who runs it, it runs with root's privileges.
3. This means the program can do far more (e.g. read any file, create new files and delete files) than the user who launched it could.
4. This is extremely hazardous if the executable has a security hole that an attacker can exploit, because the hole is then exploitable with the owner's privileges. The Linux kernel ignores setuid and setgid on interpreted scripts (files starting with #!) for exactly this reason; the bits only take effect on binaries.
Examine /usr/bin/passwd:
-r-s--x--x 1 root root 16K Feb 14 2003 passwd
It has 's' in the owner's execute position, so setuid is enabled. Whoever runs 'passwd' gets a process whose effective user is root, which is why ordinary users can change their own password.
Password hashes are stored in /etc/shadow, which ordinary users can neither read nor write (0600 root:root on some distributions, 0640 root:shadow on others); only the root-privileged passwd process can update it.
To set setuid:
# chmod u+s <file>
or
# chmod 4511 <file>     (4 = setuid, 511 = r-x--x--x, which together give the listing above)
When setgid is enabled on an executable, the program runs with the effective group ID of the file's group rather than the caller's. On a directory, setgid makes new files and subdirectories inherit the directory's group, which is how shared project directories are usually set up.
To set setgid:
# chmod g+s <file>
or
# chmod 2511 <file>
5. To list all setuid and setgid programs:
# find / -xdev -type f \( -perm -4000 -o -perm -2000 \) -print
'-perm -mode' matches files that have all of the given bits set. The older '-perm +4000' syntax is no longer accepted by GNU find; use '-perm /4000' for "any of these bits".
—————————————————————————————————————————————-
Sticky Bit
The most common use of the sticky bit today is on directories. When the sticky bit is set on a directory, only a file's owner, the directory's owner, or the superuser can rename or delete that file. Without the sticky bit, any user with write and execute permission on the directory can rename or delete the files it contains, regardless of who owns them. /tmp is the classic example: it is world-writable so that every user can create files there, and the sticky bit stops users from deleting or renaming each other's files.
In 'ls -l' output the sticky bit appears as 't' in the others' execute position (drwxrwxrwt). To set it:
# chmod +t <directory>
or
# chmod 1777 <directory>
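An audit that ties the setuid/setgid section and the sticky-bit section together: find the privileged executables, the world-writable files, and the world-writable directories that lack the sticky bit, using find's POSIX '-perm -mode' test. This is an added POSIX shell example, not code from the original page; the sample tree it builds under a temporary directory is constructed purely to exercise each case, and a real audit would be pointed at / or at each mount point.

```shell
#!/bin/sh
# Added example, not from the original page: audit a directory tree for the
# permission classes discussed above (setuid/setgid executables, world-writable
# files, and world-writable directories without the sticky bit), using the
# POSIX "-perm -mode" test, which matches when all of the given bits are set.

# Regular files with the setuid or setgid bit: each runs with privileges the
# caller does not have, so this list should be short and every entry known.
find_special_execs() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print
}

# Directories anyone can write to but without the sticky bit: any user can
# rename or delete other users' files inside them. /tmp passes only because
# of its sticky bit.
find_unsafe_world_writable_dirs() {
    find "$1" -xdev -type d -perm -002 ! -perm -1000 -print
}

# Regular files anyone can write to.
find_world_writable_files() {
    find "$1" -xdev -type f -perm -002 -print
}

# Build a small constructed tree that exercises each case. Setting the special
# bits on your own files needs no root; only executing them as another user
# would (and a nosuid mount would still block that).
build_sample_tree() {
    mkdir -p "$1/bin" "$1/shared" "$1/tmp"
    : > "$1/bin/suid_tool";    chmod 4755 "$1/bin/suid_tool"
    : > "$1/bin/sgid_tool";    chmod 2755 "$1/bin/sgid_tool"
    : > "$1/bin/plain_tool";   chmod 0755 "$1/bin/plain_tool"
    : > "$1/shared/notes.txt"; chmod 0666 "$1/shared/notes.txt"
    chmod 0777 "$1/shared"     # world-writable, no sticky bit
    chmod 1777 "$1/tmp"        # world-writable with sticky bit, like /tmp
}

demo_root=$(mktemp -d)
build_sample_tree "$demo_root"
echo "setuid/setgid executables:";             find_special_execs "$demo_root"
echo "world-writable dirs without sticky bit:"; find_unsafe_world_writable_dirs "$demo_root"
echo "world-writable files:";                  find_world_writable_files "$demo_root"
rm -rf "$demo_root"
```

'-xdev' keeps find on one filesystem so /proc, /sys and network mounts are not walked; run the functions once per mount point instead. Appending '-exec ls -ld {} +' to any of the find commands shows owner and mode next to each hit, which is what you want when deciding whether a setuid binary belongs on the system.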