Skills accumulated in Linux over the past five years (1) -- file attributes

Source: Internet
Author: User
This article mainly describes the hidden attributes and special permissions of files, a trick that gives a script SUID-like behaviour, and a fix for garbled characters in mp3 files.

Author: JH Gao (www.2cto.com)

It has been five years since I first came into contact with Linux. Like everyone else, I have to deal with it, and once in a while I record the method; now I will briefly summarize them. The full function of each command can be looked up with man; I only list what I think is commonly used.

1. File hidden attributes

lsattr: lists the hidden attributes of a file.
chattr: modifies the hidden attributes of a file.

    [root@www ~]# chattr [+-=][ASacdistu] FileName
    +: add an attribute
    -: remove an attribute
    =: set these to be the only attributes the file has

Important options:

"a": content can only be appended to the file; existing content cannot be modified or deleted.
"i": the file cannot be deleted, renamed, or have a link created pointing to it, and it cannot be written to.

2. Special file permissions: SUID/SGID/Sticky Bit

If the SUID or SGID bit is set on an executable file, then when the file is executed the process has the permissions of the file's owner (SUID set) or of the file's group (SGID set). For example, a common user cannot start the httpd service because httpd needs port 80, and ports lower than 1024 can only be used by the root user. If we set the owner of the httpd executable to root and set the SUID bit, normal users can also start the httpd service.

If Sticky is set on a directory, only the owner of a file can delete that file. In Linux, the /tmp directory has this bit set by default:

    drwxrwxrwt 12 root 16384 Mar 6 tmp/

The main usage is as follows:

    SUID
      For files:        run with the permissions of the file's owner
      For directories:  SUID cannot be set on a directory
      Set SUID:         chmod u+s FILE
                        chmod 4755 FILE
    SGID
      For files:        run with the permissions of the file's group
      For directories:  files in the directory inherit the directory's group
      Set SGID:         chmod g+s FILE/DIR
                        chmod 2771 FILE/DIR
    Sticky
      For files:        Sticky cannot be set on a file
      For directories:  only the owner of a file in this directory can delete it
      Set Sticky:       chmod o+t DIR
                        chmod 1777 DIR

    Special permissions with letters:  u+s  g+s  o+t
    Special permissions with numbers:  4 for SUID, 2 for SGID, 1 for Sticky

Note that the SUID bit cannot be used on shell, python, perl and other script files, because they are actually interpreted and run by the bash, python and perl interpreters. To give a script features similar to SUID, you need a trick. Put simply, we need a wrapper: the SUID/SGID bit can be set on the wrapper, and the script does the actual work inside it.

For example, we have a script /home/scripts/bin/myscript.sh. Its owner is a common user, but the operations in the script require root permission. We now write the wrapper in C and name it transeuid.c:

    /*
     * author: JH Gao
     * Create Date: 2012-06-05
     * Function: transmit euid and egid to other scripts
     *   since shell/python/... scripts can't get suid permission in Linux
     */
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>

    #define BUFFSIZE 1024

    /*
     * usually euid is the uid of the user who runs the program,
     * but when the set-uid bit is set on the program,
     * euid is the uid of the program's owner
     */
    int main(int argc, char *argv[])
    {
        char *cmd = "/home/logs/bin/myscript.sh";
        /* the argument vector passed to execvp() must end with NULL */
        char *pars[] = {"/home/logs/bin/myscript.sh", "par1", "par2", NULL};

        // set uid and gid to euid and egid
        setuid(geteuid());
        setgid(getegid());

        /* execvp() only returns on failure; cmd is a string literal,
         * so it must not be passed to free() */
        if (execvp(cmd, pars)) {
            printf("error");
            exit(1);
        }
        return 0;
    }

Compile this program, set its owner to the user whose permissions you want, and then set SUID; the script or command then runs with that user's permissions:

    $ gcc -o transeuid transeuid.c
    $ sudo chown root transeuid
    $ sudo chmod +s transeuid
    $ ./transeuid
    ...... do something

Of course, the specific script and parameters to execute can also be taken from outside. For details, refer to the previous article "Pass euid and egid to the script so that the script has special user permissions", below:

-------------------------------------------------------
Pass euid and egid to the script, so that the script has special user permissions

This lets a script achieve an effect similar to setting the stick bit.

Author: Gao Peng (www.2cto.com)

Shell, python, perl and other script programs cannot obtain suid, because they have to be executed by an interpreter (/bin/bash, /usr/bin/python, etc.), and these interpreters neither have suid set nor are convenient to set suid on. In this case, you can write a wrapper in C, set suid on the wrapper, and have the C program pass its uid and gid to the script that actually performs the task. (I learned this method while reading a tool written by Roc Zhou.)

The C program is as follows:

    /*
     * ScriptName: transeuid.c
     * Author: JH Gao
     * Create Date: 2012-06-05
     * Function: transmit euid and egid to other scripts
     *   since shell/python/... scripts can't get suid permission in Linux
     * usage: transeuid xxx.sh par1 par2 par3
     *   xxx.sh will get the euid and egid from transeuid
     */
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>

    /*
     * usually euid is the uid of the user who runs the program,
     * but when the set-uid bit is set on the program,
     * euid is the uid of the program's owner
     */
    int main(int argc, char *argv[])
    {
        char *cmd;
        int i;

        /* without a command, argv[1] is NULL and there is nothing to run */
        if (argc < 2) {
            printf("usage: transeuid xxx.sh par1 par2 par3\n");
            exit(1);
        }

        // set uid and gid to euid and egid
        setuid(geteuid());
        setgid(getegid());

        /* cmd points into argv, so it is neither malloc'ed nor freed */
        cmd = argv[1];
        for (i = 0; i < argc - 1; i++) {
            argv[i] = argv[i + 1];
        }
        argv[argc - 1] = NULL;

        // search $PATH, find this cmd and run it with pars: argv
        if (execvp(cmd, argv)) {
            printf("error");
            exit(1);
        }
        return 0;
    }

Compile this program, set its owner to the user whose permissions you want, set suid on it, and then run the script or command with that user's permissions:

    $ gcc -o transeuid transeuid.c
    $ sudo chown root transeuid
    $ sudo chmod +s transeuid
    $ ./transeuid ls /root /home
    /home:
    . .. data .directory gp_old using jh_old lost+found

    /root:
    . .. .bash_history .bashrc .cache .invalid .profile .pulse .pulse-cookie .viminfo

However, it is important to note that such tricks pose great security risks.

3. Garbled characters in mp3 files

Finally, the command to fix garbled characters in mp3 files under Linux is:

    find . -iname "*.mp3" -execdir mid3iconv -e gbk --remove-v1 {} \;
