Linux Programming Learning Notes: File Type and Attribute Management under Linux


When reprinting, please cite the source: http://blog.csdn.net/suool/article/details/38318225

Part of the content was compiled from the Internet; thanks to the original authors.


Data representation of Linux file types and permissions

File attributes are stored in the i_mode member of struct inode, which holds the file type and permission information for the file. The variable is of type short int.

The bits of this 16-bit variable are divided as follows:

    • Bits 0-8 are the permission bits: read (r), write (w) and execute (x) permissions for the owner (user), group users (group) and other users (other).
    • Bits 9-11 are the permission modifier bits: the set effective user ID bit (setuid), the set effective group ID bit (setgid), and the sticky bit (sticky).
    • Bits 12-15 are the file type bits.

Here's an example:

drwxr-xr-x 5 root root 03:27 Desktop

The first, third, and fourth fields relate to file permissions. The third field is the owner of the file, the fourth field is the group that owns the file, and the first field restricts access to the file. In this example, the owner of the file is root, the owning group is root, and the file's access permissions are drwxr-xr-x. Every file and directory has a set of permission flags attached to it; in the example above, that is the content of the first field. Here is a closer look at the meaning of each symbol in this field:

The field consists of 10 characters, which can be divided into four groups, with the following meanings:

d            rwx                       r-x                       r-x
File type    Owner permission flags    Group permission flags    Other-user permission flags


Where:

File type: first character.

Since the Linux system treats devices, directories, and files as files, this character indicates the type of the file, and the meaning of the character corresponds to the following table:

File flag    File type           Example
-            Normal file         Data files, ASCII plain text files, programs
d            Directory           /bin
b            Block device        /dev/hda (first IDE hard drive)
c            Character device    /dev/ttyS1 (equivalent to serial port 2 under DOS)
s            Socket              /dev/log
p            Named pipe          /dev/initctl (equivalent to "|")
l            Symbolic link       /dev/modem -> /dev/ttyS1

Permission Flags

There are 4 different classes of users for each file or directory. Each class has its own set of read, write, and execute (search) access rights. The 4 classes are:

    • Root: the system's privileged user class, i.e. users with UID = 0.
    • Owner: the user who owns the file.
    • Group: the class of users who share the file's group access permissions.
    • World: all other users who do not belong to the above 3 classes.


Root users automatically have full read, write, and search permissions on all files and directories, so their permissions do not need to be specified explicitly. The other three classes of users can be granted or denied permissions on a per-file or per-directory basis. So for these three classes there are 9 permission bits in total, divided into 3 groups of 3, written r, w, x, corresponding to owner, group, and world respectively.

The permission bits have slightly different meanings for files and for directories.

Each group of 3 characters is read from left to right. For a file: read the contents of the file (r), write data to the file (w), and execute the file as a command (x).

For a directory: read the file names contained in the directory (r), write to the directory (w: add and delete links to inodes), and search the directory (x: use the directory name as part of a pathname to access the files or subdirectories it contains).

Specifically:

1. A user with read-only permission cannot enter the directory with cd; execute permission is required to enter it.

2. A user with execute permission can access a file in the directory only if they know the file name and have read permission on the file.

3. You must have read and execute permissions to list the directory with ls, or to enter the directory with cd.

4. A user with write permission on the directory can create, delete, or modify any file or subdirectory in it, even if that file or subdirectory belongs to another user.

========================================================================================================

Modify File Permissions

First, to modify the ownership of a file, use the chown and chgrp commands:

chown new_user file_or_directory: changes the owner of the file or directory.

chgrp new_group file_or_directory: changes the owning group of the file or directory.


It is important to note that ordinary users cannot hand ownership of their files or directories to others; only root has this permission. However, a normal user has the right to change the owning group of a file or directory.

Because the permissions of each class of users consist of the three bits rwx, access to a file can be written as three octal digits. Each octal digit corresponds to three binary bits: the bit for r has a weight of 4, the bit for w a weight of 2, and the bit for x a weight of 1. For a class of users, multiplying each of the three bits by its weight and adding the results gives the access permission for that class.

The command to change file access permissions is chmod, in the following format:

chmod permission file_name

For example, chmod 764 a.txt means that the owner of the file has permission to read, write, and execute it; users in the file's group have read and write permissions; and other users have read permission only.


chmod is the command that sets file permissions under Linux; the number that follows it represents the permissions of different users or groups of users.

It is usually three digits:
The first number indicates the permissions of the file owner
The second number indicates the permissions of other users who belong to the same user group as the file owner
The third number represents the permissions of the other user groups.

Permissions are divided into three types: read (r=4), write (w=2), execute (x=1). They can also be combined: read and execute (rx=5=4+1), read and write (rw=6=4+2), and read, write and execute (rwx=7=4+2+1).

Therefore, chmod 755 sets the permissions to:

1. The file owner can read, write and execute
2. Other users in the same user group as the file owner can read and execute
3. Users in other user groups can read and execute

The difference between chmod 4755 and chmod 755 is the extra leading digit; this 4 means that other users have the same permissions as the owner when they execute the file.

For example: the root user has created an Internet authentication program, netlogin. If other users are to get online through this program, the root user needs to run chmod 755 netlogin so that other users can run netlogin.

However, netlogin may need to access some files that only the root user can access, so other users may still be unable to get online because they do not have enough permissions when they run netlogin.

In this case, you can use chmod 4755 netlogin so that other users also have root user rights while executing netlogin, and can get online without problems.

PS: Setting this on a shell script has no effect! It is valid only for applications!


It is important to note that the creator of the file is the only normal user who can modify the file's access permissions; the only other user who can modify them is root.

There is also another notation, which uses a string to set the file access permissions. Read is written r, write is w, and execute is x; the owner is written u, the group users g, the other users o, and all users a. So the example above is written as follows:

chmod a+r,u+w,u+x,g+w a.txt


======================================================================================

Permission modifier bits

Meaning of suid: when this bit of a file is set to 1 and the file is executed, it runs as its owner. That is, whoever executes the file has the privileges of the file's owner; if the owner is root, the executor has superuser privileges. This bit can become a security vulnerability, so do not set it lightly.

Meaning of sgid: the user running the file will have the permissions of the file's owning group.

Sticky bit: asks the operating system to keep the program's image in memory even after the executable has exited. This saves startup time for large programs but occupies system resources, so it is better to write the program well than to set this bit.

Differences between setuid, setgid and the sticky bit

Every file has an owner and a group ID. Set-UID and set-GID can change the user's permissions on the file: write and execute.

setuid: the process has the permissions of the file owner at execution time.
setgid: set on a directory. When a directory is marked with the setgid bit, files created under this directory inherit the properties of the directory.
sticky bit: this bit can be understood as an anti-delete bit. After you set the sticky bit, users can only add files and not delete files, even if they have write access to the directory.

How to set

These flags are manipulated with the same command used for file permissions, chmod. There are two ways to do this:

1) chmod u+s temp -- adds the setuid flag to the file temp (setuid is valid only for files; u = user)
chmod g+s tempdir -- adds the setgid flag to the directory tempdir (setgid is valid only for directories; g = group)
chmod o+t temp -- adds the sticky flag to the file temp (sticky works only on files)

2) Use the octal method. The three bits of this octal digit have the following meanings:
abc
a - the setuid bit; if this bit is 1, setuid is set
b - the setgid bit; if this bit is 1, setgid is set
c - the sticky bit; if this bit is 1, sticky is set


Once set, you can use ls -l to view the flags. If the x permission is already set at that position, these special flags appear as lowercase letters (s, s, t). Otherwise, they are shown as uppercase letters (S, S, T).
For example:

rwsrw-r-- indicates a setuid flag (rwxrw-r-- : rwsrw-r--)
rwxrwsrw- indicates a setgid flag (rwxrwxrw- : rwxrwsrw-)
rwxrw-rwt indicates a sticky flag (rwxrw-rwx : rwxrw-rwt)
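
The 16-bit layout from the start of these notes and the ls -l display rules for the special flags can be checked with a short decoder. This is an added example, not code from the original post; the function name mode_to_string is an assumption, and the masks are the standard S_* macros from <sys/stat.h>.

```c
#define _XOPEN_SOURCE 700   /* for lstat() and S_ISVTX under strict -std= modes */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Render a mode word as the 10-character field printed by ls -l. */
const char *mode_to_string(mode_t m, char out[11])
{
    static const char rwx[] = "rwxrwxrwx";
    int i;

    switch (m & S_IFMT) {               /* bits 12-15: file type */
    case S_IFREG:  out[0] = '-'; break;
    case S_IFDIR:  out[0] = 'd'; break;
    case S_IFBLK:  out[0] = 'b'; break;
    case S_IFCHR:  out[0] = 'c'; break;
    case S_IFSOCK: out[0] = 's'; break;
    case S_IFIFO:  out[0] = 'p'; break;
    case S_IFLNK:  out[0] = 'l'; break;
    default:       out[0] = '?'; break;
    }
    /* bits 0-8: bit 8 is owner read, bit 0 is other execute */
    for (i = 0; i < 9; i++)
        out[1 + i] = (m & (1u << (8 - i))) ? rwx[i] : '-';
    /* bits 9-11 replace the x column: lowercase if x is also set, else uppercase */
    if (m & S_ISUID) out[3] = (m & S_IXUSR) ? 's' : 'S';
    if (m & S_ISGID) out[6] = (m & S_IXGRP) ? 's' : 'S';
    if (m & S_ISVTX) out[9] = (m & S_IXOTH) ? 't' : 'T';
    out[10] = '\0';
    return out;
}

int main(int argc, char *argv[])
{
    struct stat st;
    char buf[11];
    int i;

    for (i = 1; i < argc; i++) {
        if (lstat(argv[i], &st) < 0) { perror(argv[i]); continue; }
        printf("%s %04o %s\n", mode_to_string(st.st_mode, buf),
               (unsigned)(st.st_mode & 07777), argv[i]);
    }
    return 0;
}
```

Run it on a few paths and compare the first column with ls -l; the octal column shows the same 12 low bits that chmod takes.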

==============================================================================================================

Executable files under Linux/Unix:

Setuid set: once a program has this flag, a process running the executable has the permissions of the executable's owner, which can raise the user's privileges; an ordinary user can run that command and be elevated to root.

Setuid usage is: chmod 4755 program or chmod u+s program (setuid is valid only for files)

Setgid set: a process running the program has the permissions of the program's owning group. Setgid on its own is rarely used; usually setuid and setgid are set together, to bind the special permissions of a particular user and its group.

Setgid usage is: chmod 2755 dir or chmod g+s dir (setgid is valid only for directories)

To set both setuid and setgid: chmod 6755 program

Sticky bit set: the usage is chmod 1777 file or chmod o+t file (sticky is valid only for files)

When the sticky bit is set on a directory (with chmod a+t), the files in this directory can only be deleted by:
First, the superuser
Second, the owner of the directory
Third, the owner of the file
This means that even if the directory is writable by anyone, only the owner of the file can delete the file.
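
The warnings above (setuid on a root-owned file, and a directory writable by anyone without the sticky bit) translate directly into checks on st_mode and st_uid. The following is an added example, not code from the original post; the function audit_mode, the F_* flag names and the choice of which conditions to report are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700   /* for lstat() and S_ISVTX under strict -std= modes */
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Finding flags; the names are made up for this example. */
#define F_SUID_ROOT     0x1  /* setuid file owned by UID 0: runs as root for any caller */
#define F_SGID_EXEC     0x2  /* setgid executable: runs with the owning group's rights */
#define F_PRIV_WRITABLE 0x4  /* setuid/setgid file that group or others may write */
#define F_OPEN_DIR      0x8  /* world-writable directory without the sticky bit */

unsigned audit_mode(mode_t m, uid_t owner)
{
    unsigned f = 0;

    if (S_ISREG(m)) {
        if ((m & S_ISUID) && owner == 0)
            f |= F_SUID_ROOT;
        if ((m & S_ISGID) && (m & S_IXGRP))
            f |= F_SGID_EXEC;
        if ((m & (S_ISUID | S_ISGID)) && (m & (S_IWGRP | S_IWOTH)))
            f |= F_PRIV_WRITABLE;
    } else if (S_ISDIR(m)) {
        /* without sticky, any user may delete other users' files here */
        if ((m & S_IWOTH) && !(m & S_ISVTX))
            f |= F_OPEN_DIR;
    }
    return f;
}

int main(int argc, char *argv[])
{
    struct stat st;
    unsigned f;
    int i;

    for (i = 1; i < argc; i++) {
        /* lstat: judge the link itself, never the file it points to */
        if (lstat(argv[i], &st) < 0) { perror(argv[i]); continue; }
        f = audit_mode(st.st_mode, st.st_uid);
        printf("%s: mode %04o%s%s%s%s\n", argv[i],
               (unsigned)(st.st_mode & 07777),
               (f & F_SUID_ROOT)     ? " [setuid-root]" : "",
               (f & F_SGID_EXEC)     ? " [setgid-exec]" : "",
               (f & F_PRIV_WRITABLE) ? " [setuid/setgid and writable]" : "",
               (f & F_OPEN_DIR)      ? " [world-writable, no sticky]" : "");
    }
    return 0;
}
```

Comparing the flagged paths against a known-good baseline for the system separates the expected setuid programs from unexpected ones.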

Property Management for Files

1. Read File properties

Use the stat function, as in the following example:



For the contents of the stat structure, see the stat.h header file; for a detailed explanation, see: http://blog.csdn.net/xuemiao1234/article/details/5544226

The structure stat contains at least the following members:

    struct stat {
        dev_t         st_dev;       /* the file's device number */
        ino_t         st_ino;       /* inode number */
        mode_t        st_mode;      /* file type and access permissions */
        nlink_t       st_nlink;     /* number of hard links to the file; 1 for a newly created file */
        uid_t         st_uid;       /* user ID */
        gid_t         st_gid;       /* group ID */
        dev_t         st_rdev;      /* (device type) the device number, if this file is a device file */
        off_t         st_size;      /* file size in bytes */
        unsigned long st_blksize;   /* block size (file system I/O buffer size) */
        unsigned long st_blocks;    /* number of blocks */
        time_t        st_atime;     /* last access time */
        time_t        st_mtime;     /* last modification time */
        time_t        st_ctime;     /* last change time (of the attributes) */
    };

A function with the same query purpose is lstat; see http://pubs.opengroup.org/onlinepubs/7908799/xsh/lstat.html

The query function for an already open file is fstat; see http://pubs.opengroup.org/onlinepubs/7908799/xsh/fstat.html

Likewise, for the modification commands above, files that have already been opened use the variant with the f prefix, such as fchmod.

The following example program uses the lstat function to query file properties and prints a message according to the type of each file.

The code is as follows:

    #include <sys/types.h>
    #include <sys/stat.h>
    #include <stdlib.h>
    #include <stdio.h>

    int main(int argc, char *argv[])
    {
        int i;
        struct stat buf;
        const char *ptr;

        for (i = 1; i < argc; i++) {
            printf("%s: ", argv[i]);
            if (lstat(argv[i], &buf) < 0) {      /* obtain information about the file */
                perror("lstat");
                continue;
            }
            if (S_ISREG(buf.st_mode))
                ptr = "regular file";
            else if (S_ISDIR(buf.st_mode))
                ptr = "directory file";
            else if (S_ISCHR(buf.st_mode))
                ptr = "character special file";
            else if (S_ISBLK(buf.st_mode))
                ptr = "block special file";
            else if (S_ISFIFO(buf.st_mode))
                ptr = "FIFO file";                /* pipe */
    #ifdef S_ISLNK
            else if (S_ISLNK(buf.st_mode))
                ptr = "symbolic link";
    #endif
    #ifdef S_ISSOCK
            else if (S_ISSOCK(buf.st_mode))
                ptr = "socket";
    #endif
            else
                ptr = "** unknown mode **";       /* unknown file type */
            printf("%s\n", ptr);
        }
        return 0;
    }


OK, that's all.

Next:

Application project implementation of file management

Some important points of knowledge about file management systems:

Inode

Next-generation file management system Btrfs

Hard links, soft connections

