
AmigaOne - Linux - About Linux - File System

This section introduces the Linux File System and why you have to be aware of how it works.

Files and Directories
Linux, like all other computer operating systems, maintains files within directories, but the hierarchy is probably more structured than other operating systems and is rigidly enforced.

Files and directories can be categorised as static or dynamic. The contents of static files and directories rarely change, except when patching or installing the operating system or applications. Executable files, libraries, and system start-up utilities are all considered to be static. Dynamic files and directories change frequently. They are stored in a separate portion of the file system. Configuration, temporary, and user files are all considered to be dynamic.

General definitions for these directories are:

    Directory   Definition
    /bin        Operating System user commands.
    /boot       Operating System boot files (including kernel).
    /dev        Device files.
    /etc        System configuration files, such as fstab.
    /home       User directories.
    /lib        Library files and directories.
    /mnt        Local mounts.
    /opt        Applications.
    /proc       Operating System procedure files.
    /sbin       Minimum commands needed to boot the system and mount other file systems.
    /tmp        Operating System temporary files.
    /usr        Shareable operating system commands, libraries and documentation.
    /var        Dynamic information such as logs and spooler files.

Files and Directory Security
With Linux, all directories and the files within them have three levels of operation and three levels of access:
    Operation      Access
    Read (r)       Owner
    Write (w)      Group
    Execute (x)    Everyone Else

The default depends on other environment variables but starts off as Read and Write for Owner and possibly Read for the Group. This means that the security flags for a folder or file must be set correctly before you will be allowed to access them. If you use the ls -l command you will see a list of files for the current directory, where each line begins with a collection of -, d, l, r, x or w values, which are the security rules for each file. Apart from the first character, the others are arranged in groups of three pertaining to the owner, the group and everyone else.

For example:

 -rwxrw-r--     1 wally    users     175 November 25 2004 example.txt
  • the first "-" indicates that it is a file; if this value was a "d" then it would be a directory (or folder)
  • the next three characters "rwx" indicate that the owner, i.e. the name shown just to the right (wally), has read, write and execute/search privileges on the file
  • the next three characters "rw-" indicate that the group, i.e. the name shown to the right of owner (users) has read and write privileges only on the file
  • the last three characters "r--" indicate that everyone else has read only privileges
  • the next value (number 1 in the above example) is the number of files - more meaningful for folders
  • the next value (wally in this example) is the owner of the file as previously mentioned
  • the next value (users in this example) is the group associated with the file
  • the next value (175 in this example) is the size of the file in bytes
  • the next value (November 25 2004 in this example) is the last modified date
  • the last value (example.txt in this example) is the directory (folder) or file name

Changing Permissions on Folders and Files
In order for users to gain access to various folders and files not created by them, it will be necessary to log on as that user to change the permissions or simply use the root user to change them. For this you can use the chmod command, which takes a little bit of understanding irrespective of how you use it. Probably the best way to understand it is to follow through some command sequences using the above example.txt file.
  • Let's say we wanted to give the group execute access then we could type
    chmod g+x example.txt
    this says to add (+) execute (x) to the group (g) for file example.txt

  • Let's try again, this time we want to remove read access from everyone else, in which case we would type
    chmod o-r example.txt
    this says to remove (-) read (r) from other (o) for file example.txt

  • Or, irrespective of what the value is at present, to give read, write and execute access to the owner we could use
    chmod u=rwx example.txt
  • Finally to give each level the same value, we could use
    chmod a=rw example.txt

So in summary:
  • the first character indicates "who", where u is the owner, g is the group, o is everyone else and a is used for all
  • the second character is "the action required", where + says add, - says remove and = says make it
  • the next group of characters can be one or more of r for read access, w for write access and x for execute/search
  • the last value is the file name or wild card name to which this applies

There will be those out there who may prefer to use a different method which is considered to be obsolete but is still supported, in which case it might be worth understanding that variant too. Here the various combinations of security options are represented by a binary value made up as follows:
    0400  (= u=r)  Read by owner
    0200  (= u=w)  Write by owner
    0100  (= u=x)  Execute (search in directory) by owner
    0040  (= g=r)  Read by group
    0020  (= g=w)  Write by group
    0010  (= g=x)  Execute/search by group
    0004  (= o=r)  Read by others
    0002  (= o=w)  Write by others
    0001  (= o=x)  Execute/search by others
    
Simply add the values in each column to get the required value, for example Read by owner and Write by Owner = 4 + 2 in the second column above, while Read by others and Execute/search by others = 4 + 1 in the fourth column. The total value for the second, third and fourth columns is then used to express the required value, i.e. 605 in this example. If we wanted to repeat the previous steps we type the following:
  • Instead of chmod g+x example.txt we could use chmod 774 example.txt - this effectively sets all of the values for file example.txt in one hit, so it is important to get it right.
  • Similarly, instead of chmod o-r example.txt we could use chmod 760 example.txt
  • Again, instead of chmod u=rwx example.txt we could use chmod 764 example.txt
  • Finally, instead of chmod a=rw example.txt we could use chmod 666 example.txt
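
The symbolic and numeric forms above can be checked against each other from the shell. The script below is an added example, not part of the original page: the function names perm_to_octal, mode_after and world_writable are made up for illustration, it assumes GNU coreutils (stat -c) and mktemp, and it works on a scratch file rather than a real example.txt.

```sh
#!/bin/sh
# Added example. Assumes GNU coreutils (stat -c) and mktemp are available.

# Convert the permission field from `ls -l` (e.g. -rwxrw-r--) to octal by
# adding 4 (r), 2 (w) and 1 (x) within each group of three characters.
perm_to_octal() {
    [ "${#1}" -eq 10 ] || return 1
    perms=${1#?}                      # drop the file-type character
    out=""
    for who in owner group other; do
        triplet=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        # Only r, w, x and - are handled; anything else is rejected.
        case $triplet in [r-][w-][x-]) ;; *) return 1 ;; esac
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    printf '%s\n' "$out"
}

# Set a scratch file to mode $1, apply the chmod argument $2, and print
# the resulting octal mode and ls-style string.
mode_after() {
    f=$(mktemp) || return 1
    chmod "$1" "$f" && chmod "$2" "$f" && stat -c '%a %A' "$f"
    rc=$?
    rm -f "$f"
    return $rc
}

# True when the "everyone else" digit includes write (2), as after a=rw.
world_writable() {
    other=${1#"${1%?}"}               # last octal digit
    [ $(( other & 2 )) -ne 0 ]
}

# The page's four commands, each applied to example.txt's original mode.
orig=$(perm_to_octal "-rwxrw-r--")
for change in g+x o-r u=rwx a=rw; do
    result=$(mode_after "$orig" "$change")
    note=""
    world_writable "${result%% *}" && note="  (writable by everyone)"
    printf 'chmod %-6s -> %s%s\n' "$change" "$result" "$note"
done
```

Each command is applied to the original mode of example.txt, not to the result of the previous one, which is how the numeric equivalents listed above are derived.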

There MUST be an easier way!
Now that you know about all of the gory details, you need to know that there is an easier way. Probably the easiest way to manipulate files and folders is to use Konqueror, which is a file browser installed with KDE, and can be run from the menu within KDE (Debian Menu > Apps > System > Konqueror). This can be run from any user, but you may need to enter the root password to use the program. When the program runs you will be greeted by a screen with a single icon labelled Desktop. If you click on one of the icons there using the right mouse button you will see "Properties" at the bottom of the menu. If you select this using the left mouse button another window will appear. The General tab is displayed, which shows the file or folder name, its size and location etc. If you click on the Permissions tab, you will see a matrix of boxes, some of which will have x's in them corresponding to the rwx values for each level as previously discussed. If you have the necessary permissions you can simply click on a box to turn the option on or off, and click on OK when you have finished. There are some boxes there you probably don't understand at present, so don't fiddle with them until you do. You have been warned! One extra box that is worth explaining though is the box at the bottom labelled "Apply changes to all subdirectories and their contents" - this does exactly what it says and can be very useful.

More to it than Meets the Eye!
As well as this structured approach to file and folder access, Linux holds a few aces up its sleeve, in that some folders are restricted to root only, irrespective of what security options they have set, and these cannot be changed. Moreover, some of the more powerful commands are stored in such directories so that they can only be accessed by the root user. This means that there are going to be times when you have to log in as the root user to execute such commands. For example, anything stored in an sbin directory is restricted to the root user irrespective of where it lives, although such commands can be executed by other users using a pseudo login which requires the root password, as with kuser and konqueror above, but even then they will not necessarily have full rights.

The next aspect we need to understand is the Text Editors.

Disclaimer: Amiga Auckland have prepared the above information for the use of its members based on our experiences and as such is subject to revision at any time. Amiga Auckland cannot guarantee any of the information and cannot be held accountable for any issues that may result from using it.


Copyright 2005 Amiga Auckland Inc. All rights reserved.
Revised: September 25, 2005.