Parsing Linux special files

Source: Internet
Author: User

On Linux you can use the ls -l command to determine a file's type, as shown in the figure above. The type can be judged from the 10 characters in the first column.
-rw-r--r-- indicates that 1.txt is a normal file; both 1.txt and myprog04 are normal files. An entry that starts with "-" is a normal file, and a directory begins with "d".
brw-rw---- indicates that /dev/sda1 is a block device file. Files that start with "b" are block device files.
crw-rw---- indicates that /dev/lp0 is a character device file; files that start with "c" are character device files.
srwxrwxrwx indicates that /var/lib/mysql/mysql.sock is a socket file. Files that start with "s" are socket files.
prwxr--r-- indicates that mypipe is a pipe file. Pipe files start with "p".
lrwxrwxrwx indicates that softlinkof1.txt is a soft link file (or symbolic link file), which points to 1.txt. A file that starts with "l" is a soft link file.
hard_link_of_1.txt, which begins with -rw-r--r--, looks like a normal file, but it is actually a hard link file.
-rwsr-xr-x indicates that myprog01 is a setuid executable file, which is judged by the fourth character, "s".
-rwxr-sr-x indicates that myprog03 is a setgid executable file, which is judged by the "s" in the seventh character.
-rwsr-sr-x indicates that myprog02 is both a setuid and a setgid executable, which is judged by the "s" in the fourth and seventh characters.
The first character, "d", in drwxrwxrwt indicates that tmp is a directory, and the last character, "t", indicates that the sticky bit is set on the directory.
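
The rules above can be applied mechanically. The following is an added example, not part of the original article: a POSIX shell sketch that names the file type from the first character and converts the remaining nine characters, including the s and t markers, into the four-digit octal form that chmod accepts. The function names file_type and mode_to_octal are made up for this illustration.

```shell
#!/bin/sh
# Added example: decode the 10-character mode column printed by `ls -l`.

# file_type MODE: name the file type from the first character.
file_type() {
    case $1 in
        -*) echo "regular file" ;;
        d*) echo "directory" ;;
        b*) echo "block device" ;;
        c*) echo "character device" ;;
        s*) echo "socket" ;;
        p*) echo "pipe (FIFO)" ;;
        l*) echo "symbolic link" ;;
        *)  echo "unknown"; return 1 ;;
    esac
}

# mode_to_octal MODE: print the four-digit octal form that chmod accepts.
mode_to_octal() (
    m=$1 special=0 digits="" w=4
    [ "${#m}" -ge 10 ] || { echo "bad mode string: $m" >&2; exit 1; }
    for i in 0 1 2; do
        # Characters 2-4, 5-7 and 8-10 are the user, group and other trios.
        trio=$(printf '%s' "$m" | cut -c"$((2 + i * 3))-$((4 + i * 3))")
        d=0
        case $trio in r??) d=$((d + 4)) ;; esac
        case $trio in ?w?) d=$((d + 2)) ;; esac
        # x, or a lowercase s/t, means the execute bit is set.
        case $i$trio in ???x | [01]??s | 2??t) d=$((d + 1)) ;; esac
        # s/S in the user or group trio, t/T in the other trio: special bit.
        case $i$trio in [01]??[sS] | 2??[tT]) special=$((special + w)) ;; esac
        digits=$digits$d
        w=$((w / 2))    # weights 4 (setuid), 2 (setgid), 1 (sticky)
    done
    echo "$special$digits"
)

# Mode strings taken from the listing described above.
for mode in -rw-r--r-- -rwsr-xr-x -rwxr-sr-x -rwsr-sr-x drwxrwxrwt; do
    printf '%s  %s  %s\n' "$mode" "$(mode_to_octal "$mode")" "$(file_type "$mode")"
done
```

An uppercase S or T means the special bit is set while the matching execute bit is not, which is why -rwSr--r-- decodes to 4644.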

I. Device files


There are a large number of device files in the /dev directory under Linux. They are primarily block device files and character device files.

Block device files

In the past, when a new disk was added, it was often necessary to create the block device files manually. Now we usually do not need to add block device files by hand: run service kudzu start and the system will automatically configure the appropriate device for you. The main feature of a block device is that it can be read and written randomly; the most common block device is a disk, such as /dev/hda1, /dev/sda2, /dev/fd0, etc.

Character device files

As with block devices, we can generally use the service kudzu start command to automatically add, remove, or modify character devices. The most common character devices are printers and terminals, which accept character streams.

/dev/null is a very useful character device file: everything written to this device is discarded. If you redirect the output of any program to /dev/null, you will not see any output. You can even point a user's shell to /dev/null to prevent that user from logging in.

Pipe device files

Pipe device files are sometimes called FIFO files (FIFO means first in, first out). Literally, data in a pipe device file flows from one end to the other. Usually we do some processing along the way, to achieve our "eat grass, give milk" purpose; pipe files also have their magical uses.

Previously, Unix systems had a 2GB limit on the maximum file size. Although newer versions of Linux, Solaris, FreeBSD and so on no longer have this limit, the need to handle large files still exists. Suppose you want to back up a 20GB partition as an image (with the dd command): this produces a 20GB file. Depending on the actual usage of your disk, this file may be only a few MB to several GB after compression, and we can create a pipe file to carry out this compression automatically.

[root@linux236 root]# mknod mypipe p
[root@linux236 root]# ls -l mypipe
prw-r--r-- 1 root 0 Aug 5 23:27 mypipe
[root@linux236 root]#

Here we created a pipe file called mypipe; with the ls -l command you can see that its mode is prw-r--r--. The following combination of commands performs the imaging and the compression:

[root@linux236 root]# compress < mypipe > sda6.img.z &
[root@linux236 root]# dd if=/dev/sda6 of=mypipe
[root@linux236 root]# ls sda6.img.z
sda6.img.z

The first command compresses whatever flows out of the mypipe pipe into the sda6.img.z file; note that the "&" symbol must be used at the end of this command. The second command writes the data in the /dev/sda6 partition into the pipe file mypipe. In other words, the data in the /dev/sda6 partition enters the pipe, and the compressed file sda6.img.z flows out of it.

Exporting large databases such as Oracle, DB2, and so on often generates large files, and skilled database administrators tend to compress them through a pipe. For Oracle databases, we can use the following combination of commands:

compress < mypipe > expdat.dmp.z &
exp userid=system file=mypipe owner=scott

This compresses the contents of the Oracle export directly into the expdat.dmp.z file.

II. Link files

Link files are somewhat similar to what Windows calls shortcuts, but not exactly the same. There are two kinds of links, soft links and hard links.

Soft link files

A soft link, also called a symbolic link, contains the path name of another file. The target can be any file or directory, and links can span different file systems. A link can even point to a nonexistent file, which produces what is commonly called a "broken link" problem (or "phenomenon"), and links can even loop back to themselves, similar to recursion in a programming language.

[yaoyao@linux236 yaoyao]$ ls -l
total 0
lrwxrwxrwx 1 yaoyao yaoyao 5 Aug 6 17:39 1.txt -> 3.txt
lrwxrwxrwx 1 yaoyao yaoyao 5 Aug 6 17:38 2.txt -> 1.txt
lrwxrwxrwx 1 yaoyao yaoyao 5 Aug 6 17:39 3.txt -> 2.txt

The three files above form a loop and essentially have no use. System administrators should avoid broken links or circular links in the system.

A soft link can be created with the ln -s command, as follows:

[root@linux236 test]# ln -s source_file softlink_file

When you read or write a symbolic link, the system automatically redirects the action to the source file, but when you delete the link, the system deletes only the link and not the source file itself.
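
To find the broken and circular links that the article says administrators should avoid, the following added example (not part of the original article) walks each link chain by hand and reports links that never resolve. The function names classify_link and scan_links are made up for this illustration, and the hop limit of 40 is an assumption taken from the Linux kernel's symlink-following limit.

```shell
#!/bin/sh
# Added example: report symbolic links that are broken or circular.

# classify_link PATH: prints ok, broken or loop.
classify_link() (
    p=$1 hops=0
    [ -L "$p" ] || { echo "not a symlink"; exit 0; }
    [ -e "$p" ] && { echo ok; exit 0; }   # the kernel resolved the chain
    while [ -L "$p" ]; do
        hops=$((hops + 1))
        # Assumption: Linux gives up (ELOOP) after 40 links in one lookup.
        [ "$hops" -gt 40 ] && { echo loop; exit 0; }
        target=$(readlink "$p")
        case $target in
            /*) p=$target ;;                    # absolute target
            *)  p=$(dirname "$p")/$target ;;    # relative to the link's directory
        esac
    done
    echo broken                           # the chain ended at a missing path
)

# scan_links DIR: one "STATUS PATH" line for every link that does not resolve.
scan_links() {
    find "$1" -type l | while IFS= read -r link; do
        status=$(classify_link "$link")
        [ "$status" = ok ] || echo "$status $link"
    done | LC_ALL=C sort
}

# Constructed demo: the 1.txt/2.txt/3.txt cycle from the listing above,
# plus one dangling link and one healthy link.
demo=$(mktemp -d)
ln -s 3.txt "$demo/1.txt"; ln -s 1.txt "$demo/2.txt"; ln -s 2.txt "$demo/3.txt"
ln -s missing.txt "$demo/dangling"
: > "$demo/real"; ln -s real "$demo/good"
scan_links "$demo"
rm -rf "$demo"
```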

Hard link files

The info ln command tells you that a hard link is another name for a pre-existing file (A "Hard link" is another name to an existing file), which is somewhat confusing. The hard link command is

ln -d existfile newfile

Hard links have two restrictions:

1. Creating a hard link to a directory is not allowed;
2. Links can only be created between files in the same file system.

Reading and writing through a hard link gives the same results as through a soft link. However, if we delete the source file of a hard link, the hard link file still exists and its content is preserved. At this point, the system "forgets" that it used to be a hard link and regards it as an ordinary file.


III. setuid and setgid files, and directories with the sticky bit


Under Linux/Unix, setting setuid on an executable file allows any user to take on the permissions of the file's owner while executing the file. It is like a file carrying a sword. setuid files are typically used to elevate the user's permissions. The most representative example is the su command: ordinary users can run it to raise themselves to root. setuid is set as follows:

chmod 4755 your_program

A setgid file is very similar to a setuid file: it lets any user take on the permissions of the file's owning group while the file is executed. setgid is rarely used on its own; usually setuid and setgid are used together. But the purpose may be a little different from what you expect. setuid+setgid is not typically used to elevate permissions, but to bind the special permissions of a particular user and its group. For example, vpopmail, a companion package for qmail, uses a setuid+setgid program, vchkpw, to validate user names and passwords. This is the same reason that Apache often runs as the nobody user. The goal is to be more secure.

setgid is set as follows:
chmod 2755 your_program

Usually the command
chmod 6755 your_program

is used to make an executable program setuid and setgid at the same time.

The almighty root user can of course set setuid and setgid arbitrarily. But the sword cannot be used to fake a decree: ordinary users can only configure setuid or setgid on their own files. Because setuid or setgid files enable ordinary users to elevate their privileges, prudent system administrators keep track of changes to the setuid or setgid files in the system to reduce security risks.

Under Linux, /tmp is a directory that holds temporary files and must be writable by all users. However, each user should only be able to delete files that they own. In this case, you can add a sticky bit to the directory.

[root@yaoyao /]# ls -l | grep tmp
drwxrwxrwt 9 root 4096 August 7 10:50 tmp

Note that the last character is "t", which indicates that the sticky bit is set on the directory.

We set up a directory abc with the same characteristics as /tmp:

chmod 777 abc
chmod +t abc

The two commands above are equivalent to the following single command:

chmod 1777 abc

Listing the abc directory with ls -l shows the following attributes:

[root@yaoyao test]# ls -l
total 4
drwxrwxrwt 2 root 4096 August 7 11:32 abc

The same requirement as for the /tmp directory often exists for an FTP server's upload directory, and it can be handled in the same way.
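
One way to keep track of setuid/setgid changes, and to check that world-writable directories such as /tmp or an upload directory carry the sticky bit, is sketched below. This is an added example, not part of the original article; the function names list_special, new_since and list_unsticky are made up for this illustration, and stat -c assumes GNU coreutils or busybox.

```shell
#!/bin/sh
# Added example: audit special permission bits under a directory tree.

# list_special DIR: one "MODE OWNER:GROUP PATH" line per setuid/setgid file.
list_special() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %U:%G %n' {} + 2>/dev/null | LC_ALL=C sort
}

# new_since BASELINE CURRENT: lines found only in CURRENT, i.e. files that
# gained setuid/setgid, or whose mode or ownership changed, since the baseline.
new_since() {
    LC_ALL=C comm -13 "$1" "$2"
}

# list_unsticky DIR: world-writable directories that lack the sticky bit,
# where any user can delete or rename another user's files.
list_unsticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | LC_ALL=C sort
}

# Constructed demo tree (sample data, not taken from the article's host).
demo=$(mktemp -d)
mkdir "$demo/tree" "$demo/tree/upload" "$demo/tree/tmp"
: > "$demo/tree/helper"; chmod 4755 "$demo/tree/helper"
chmod 777 "$demo/tree/upload"    # world-writable, no sticky bit
chmod 1777 "$demo/tree/tmp"      # same characteristics as /tmp
list_special "$demo/tree" > "$demo/baseline"
: > "$demo/tree/added"; chmod 4755 "$demo/tree/added"
list_special "$demo/tree" > "$demo/current"
echo "setuid/setgid files new or changed since the baseline:"
new_since "$demo/baseline" "$demo/current"
echo "world-writable directories without the sticky bit:"
list_unsticky "$demo/tree"
rm -rf "$demo"
```

On a real system the baseline would be taken with list_special / as root and stored where ordinary users cannot modify it.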

IV. Socket files


The socket file is similar to a pipe, but it works over the network. Your computer relies on sockets to do network processing. You may have heard of "Winsock", which is a Windows socket. We are not going to go into sockets here, because unless you write programs you will not use them directly, but if you see a file of type s in your system, you will know what it is.

For example, when MySQL is running, it usually creates a socket file.

[root@yaoyao tmp]# ls -l /tmp/mysql.sock
srwxrwxrwx 1 mysql mysql August 7 10:03 mysql.sock

The /tmp directory also has some other socket files, most of which are created when X Window is running.

V. Stubborn problems: deleting files that refuse to be deleted

"Why do some file names start with a nasty minus sign ("-"), and why can't they be deleted no matter what?" You may have heard a novice at the next desk yell this, and hope that the same thing won't happen to you. This is very easy to solve: you can remove such files by giving a path. Assuming that the file name is "-abc", you can use:

rm ./-abc
or
rm /home/yaoyao/-abc

to remove it easily, and you can use vi or other tools to modify such files in the same way.

Other files may appear completely normal, but when you try to delete them the system also complains, as follows:

[root@linux236 root]# ls -l 1.txt
-rw-r--r-- 1 root 0 Aug 5 23:00 1.txt
[root@linux236 root]# rm -rf 1.txt
rm: cannot unlink '1.txt': Operation not permitted


You are the almighty root user, yet incredibly the system tells you the operation is not permitted. Has Linux gone crazy? Of course not; if you use the lsattr command, the problem has an answer.


[root@linux236 root]# lsattr
---i---------- ./1.txt
-------------- ./weiqi.ldif
-------------- ./qi.schema

The secret is finally revealed: in the lsattr output, the 1.txt file has the "i" attribute, so it cannot be deleted. You can now use the following series of commands:

[root@linux236 root]# lsattr 1.txt
---i---------- 1.txt
[root@linux236 root]# chattr -i 1.txt
[root@linux236 root]# rm -rf 1.txt
[root@linux236 root]#

Success. This attribute is specifically designed to protect important files from being deleted, and usually a system administrator who knows how to use these commands is able to judge whether the file can be deleted. If you want to add more protection to a file, you can use the following command:

chattr +i filename

After this, deleting the file takes one more step. At the same time, such a file cannot be edited or modified. Only the root user can use the chattr command. This command can be used on a Linux ext2 or ext3 file system.

As with DOS and Windows file systems, files that cannot be deleted are mostly that way for a reason; even if you know how to delete them, you should think twice.

Summary

Linux/Unix system administration is complex work, and understanding Linux/Unix file types is one of its essential foundations. There are no shortcuts to learning Linux/Unix; it has to be learned through a lot of practice and hard work.

