UNIX Advanced Environment Programming (4) files and Directories-umask, chmod, file system organizational structure and links

Source: Internet
Author: User

This article mainly introduces some functions commonly used in file and file system, the organization structure of file system and the hard link, symbolic link.

By understanding this knowledge, you can have a more comprehensive understanding of the Linux file system.

?

1 umask function

Before we learned about the 9 bits (bit) of each file's permissions, let's now look at the file permissions that are set by default when each process creates a file (the file mode creation mask).

The Umask function sets the default permission mask (the file mode creation mask) for creating files, and returns the previous permission mask value.

#include <sys/stat.h>

mode_t umask (mode_t cmask);

The file mode creation mask functions: When the process creates a new file, the files are created based on the mask value, the bits opened in the mask value, and the permission bits of the corresponding new files are closed.

The function of Umask is simply to block out the permission bits that the user does not want to take into effect when creating a new file.

Example:

#include "Apue.h"

#include <fcntl.h>

?

#define RWRWRW (s_irusr| s_iwusr| s_irgrp| s_iwgrp| s_iroth| S_iwoth)

?

Int

Main (void)

{

? ? Umask (0);

? ? if (Creat ("foo", RWRWRW) < 0)

????? Err_sys ("creat error for foo");

? ? Umask (S_irgrp | S_iwgrp | S_iroth | S_iwoth);

? ? if (Creat ("Bar", RWRWRW) < 0)

???? ? Err_sys ("creat error for Bar");

? ? Exit (0);

}

Run:

Result Description:

The Shell's umask command displays the current file creation permission mask.

0022 represents the new file created, and the group user and other users do not have permission to write the file.

In the program, first with the default permission settings to create the file foo, its permission bit 666, as to why the current user does not have permission to execute, I have not figured out, leave a pit @suzhou.

The Umask value is then modified to 0077, which masks the read and write permission bits of the group user and other users, so the new file bar is created, and its permission bit is 600.

?

2 chmod, Fchmod, and Fchmodat functions

Function: Modifies the permission bit of an existing file.

function declaration:

#include <sys/stat.h>

int chmod (const char *pathname, mode_t mode);

int fchmod (int fd, mode_t mode);

int fchmodeat (int fd, const char *pathname, mode_t mode, int flag);

Difference

    • chmod: Acting on a specified file
    • Fchmod: Action on a specified file that is already open
    • Fchmodat: Similar to the previous function, when pathname is an absolute path, or FD takes a value of AT_FDCWD and pathname is a relative path, the Fchmodat function is the same as chmod; The working directory for FD Specifies the parent directory path plus pathname as the parent directory subdirectory. The parameter flag is used to specify the behavior of the Fchmodeat: When the value is At_symlink_nofollow, the permission modification does not track the symbolic link and only modifies the permissions of the symbolic link file.

Permission requirements: To modify the permissions of a file, the effective user ID of the current process needs to be the same as the owner ID of the file, or the process has superuser privileges.

The constants that represent the individual permission bits are shown in the following table:

Example:

Modify the permissions of the two files Foo and bar created in the example above.

#include "Apue.h"

?

Int

Main (void)

{

? ? struct stat?? Statbuf;

?

? ? /* Turn on Set-group-id and turn off Group-execute */

?

? ? if (Stat ("foo", &statbuf) < 0)

????? Err_sys ("Stat error for foo");

? ? if (Chmod ("foo", (Statbuf.st_mode & ~S_IXGRP) | S_isgid) < 0)

????? Err_sys ("chmod error for foo");

?

? ? /* Set Absolute mode to "rw-r--r--" */

?

? ? if (chmod ("Bar", S_IRUSR | S_IWUSR | S_irgrp | S_iroth) < 0)

???? ? Err_sys ("chmod error for Bar");

?

? ? Exit (0);

}

Operation Result:

Result Description:

    • Before executing the program, Foo has a permission of 666, the program first uses the STAT function to obtain the file information exists in Statbuf, the set user execution bit (S_IXGRP) is 0, and the bit is S (s_isgid).
    • Before executing the program, bar's permission bit 600, the program set the file of the group users and other users have Read permission, after the successful setting, you can see the bar's file permission bit 644.

Advanced Permissions (Suid/sgid/sticky Bit) file special permission Description:

    • SUID (Set UID): Will make the permission of S, the permission number is 4. This permission can only be used for executables, not for directories, nor for Shell script. Enables a general consumer to temporarily have permission to the owner of the file while executing the file.
    • SGID (Set GID): Make the S permission, the permission number is 2. This permission can be used for directories and files. When acting on a directory, the group of all files and directories created under that directory is the group of that directory, and when the file is applied, the active group (effective group) will become the group owner of the program, regardless of who the user is executing it (group ID )。
    • Sticky Bit: Make the T permission, the permission number is 1. This permission can only be used for directories. In the directory where this permission is used, if the user has w,x permissions, then the files and directories that he creates can only be deleted by the owner and root of the file.
    • Note: When a character represents a permission, S and T are in the position of X, meaning that they are meaningful in executable files and directories. If the file or directory itself you, G, or o does not have executable permissions, then it is in the permission group that appears s or T, meaning empty. The use of numbers to express permission, that is, in front of the RWX plus 4, 2, 1 is the combination, such as 1777.

?

3 Sticky Bit (S_ISVTX)

The Sticky bit has a lengthy history and is not mentioned here.

Function: If the folder's sticky bit is opened, the file in the folder is deleted or renamed one of the conditions that needs to be met: The current user has write access to the folder, the current user is the owner of the file, the current user is the owner of the folder, and the current user is the superuser.

The typical two folders that open the sticky bit are/tmp and/VAR/TMP, both of which have read-write and Execute permissions for all users, so that all users can create files under the folder, but they cannot delete files owned by other users.

?

4 Chown, Fchown, Fchownat, and Lchown functions

Function: Modify the user ID and group ID of the file, if the parameter owner and group have a value of-1, the corresponding ID value is unchanged.

#include <unistd.h>

int chown (const char* Pathname, uid_t owner, gid_t Group);

int fchown (int fd, uid_t owner, gid_t Group);

int Fchownat (int fd, const char* Pathname, uid_t owner, gid_t grou, int flag);

int Lchown (const char* Pathname, uid_t owner, gid_t Group);

Difference:

When the target file is not a symbolic link, the above four functions are basically the same.

When the destination file is a symbolic link file, and the function Lchown and Fchownat flag are set to At_symlink_nofollow, the two functions modify the owner of the symbolic link file itself, not the file that the symbolic link points to.

The Fchown function modifies the owner of an open file that is represented by FD. Because Fchown operates a file that is already open, it cannot be used to modify the owner of a symbolic link.

Fchownat function Behavior: When the parameter pathname is an absolute path, or the value of the parameter FD is AT_FDCWD and pathname is a relative path, the Fchownat function behaves like chown and lchown; In particular, the flag value At_ Behavior is similar to Lchown when Symlink_nofollow, otherwise behavior is similar to Chown. When FD represents a folder that has been opened, pathname is a relative path, the destination file is a file that is referred to as the parent directory of FD and pathname as a relative subdirectory.

?

5 File size

The member st_size in the stat struct represents the size of the file in bytes.

The fields st_size only to regular files (regular files), directory files (directories), and symbolic link files (symbolic links).

For more details:

    • Normal file size allowed is 0;
    • The size of the catalog file is often an integer, such as 16 or 512;
    • The size of the symbolic link file is the length of the linked file name, such as the symbolic link lib->usr/lib, the size is 7, exactly the string "usr/lib" length, and does not need to be like a C-style string +1.

?

6 Truncation of files (file truncation)

Sometimes we need to truncate the file by discarding the end part of the file.

function declaration:

#include <unistd.h>

int truncate (const char* pathname, off_t length);

ITN ftruncate (int fd, off_t length);

Function: truncates the target file to the length specified by the parameter length.

Parameter: If the value of the parameter length is smaller than the length of the specified file, the portion of the file that is longer than length is unreadable; if the value of length is larger than the length of the specified file, the length of the file is extended to length, and the extended portion is 0 (possibly a hole)

?

7 filesystem (File systems)

To understand file links, we need to have a conceptual understanding of the structure of UNIX file systems.

A disk drive can be divided into multiple partitions (partition), each of which can contain a file system.

The inode is a fixed-length index that contains most of the information for a file.

The memory layout for i-nodes and data blocks is as follows:

Description

    • Two directory Indexes (directory entry) point to the same I-node index (I-node entry). That is, multiple folders contain the same file (possibly through hard links or soft links), and each inode is represented by a field, link count, which contains the number of directory indexes that point to the I-node. only if the value (link count) is 0 o'clock, the file is deleted (releasing the data blocks the file occupies). The function to remove directories described later in the index is not called Delete, but unlink. In the stat data structure, link count corresponds to the field st_nlink. The links mentioned here are hard links.
    • Another link is a symbolic link. The file name of the link to the file is stored in the data block of the symbolic link file (previously mentioned). The value of the file Type field in the corresponding i-node should be S_iflink, which tells the file system that the current file is a symbolic link.
    • I-node contains all the information of the corresponding file: such as file type, pointer to file data block, file permission bit, file size, etc. Most of the fields in the stat data structure are obtained from I-node. There are two field values in the directory index: filename (file name) and I-node (I-node number). The number of I-node corresponds to the data type ino_t.

Let's take a look at the link count field of the catalog file.

When we execute the following command:

mkdir TestDir

? The in-memory data organization structure is as follows:

As you can see, each additional file or folder in the directory, link count will add 1.

The picture shows are very clear, do not do too much to repeat (in fact, I am lazy, haha ...) )

?

8 link, Linkat, unlink, Unlinkat, and remove functions

As you can see from the front, multiple directory indexes can point to the same file, that is, multiple directories can contain the same file.

The role of link and Linkat is to create a link to a file that already exists.

function declaration:

#include <unistd.h>

int link (const char* existingpath, const char* NewPath);

int Linkat (int efd, const char* existingpath, int nfd, const char* newpath, int flag);

Function Details:

    • The function creates a new directory index NewPath, associated to the existing file Existingpath;
    • If NewPath already exists, returns an error;
    • NewPath only the last file name will be created, the other part of the path must already exist;
    • Linkat the function of the parameters and the previous Xxxat function introduced similar, here no longer repeat;
    • If the linked file is a symbolic link file, the parameter flag is used to control whether the currently created link is associated with the symbolic link (the default behavior) or the file to which the link is directed (At_symlink_follow);
    • In general, it is not possible to expand the file system to create links to prevent hard-link loops between file systems;
Let's look at the unlink function below.

function declaration:

#include <unistd.h>

int unlink (const char* pathname);

int Unlinkat (int fd, const char* pathname, int flag);

Function Details:

    • The function removes the directory index, and the link count of the inode for the file is minus 1, if link count is not 0, then there is another directory index pointing to the file, not deleting the file, or deleting the file;
    • The process must have write permissions and execute permissions on the directory;
    • If pathname is a symbolic link, unlink removes the symbolic link file instead of the entity file that the symbolic link points to. There is no function to directly delete the entity file.

function with unlink similar function remove:

#include <stdio.h>

int remove (const char* pathname);

Function Details:

    • Remove a file is equivalent to calling Unlink,remove a folder equivalent to calling RmDir (described later).

?

9 Rename and Renameat functions

function declaration:

#include <stdio.h>

int rename (const char* oldname, const char* newname);

int renameat (int oldfd, const char* oldname, int newfd, const char* newname);

Function Details:

    • If Oldname is not a directory path, it means that we are renaming a file or symbolic link. Where newname already exists, it cannot be the name of an existing directory. If newname already exists and is not a directory name, delete the existing file newname and rename the Oldname file to NewName. Permission requirements: We must have write access to the directory containing the oldname and newname files.
    • If Oldname is a directory path, we are renaming a directory. If newname already exists, it must be the name of a directory, and the directory must be an empty directory (only. And.. Index). In this case, delete the existing directory NewName and rename the directory Oldname to NewName. It is also important to note that newname cannot contain oldname. For example: You cannot rename the directory/usr/foo to/usr/foo/testdir because/usr/foo is a prefix for the new directory name and cannot be deleted.
    • If Oldname or newname is a symbolic link name, then the symbolic link itself is renamed, not the file that the symbolic link points to.
    • We cannot rename dot (.) and Dot-dot (.. Or, more specifically, these two special names cannot be the last part of the path name.
    • If Oldname and NewName are the same, the function returns successfully without doing anything.

The parameter meaning of the Renameat function is no longer mentioned.

?

10 Symbolic links (Symbolic links)

A symbolic link can be thought of as a non-direct pointer to a file, and a hard link can be seen as a direct pointer to a file because it points directly to the inode of the file.

    • Hard links are usually not cross-file systems;
    • Only super users can create hard links to a directory.

Symbolic links do not have a limit between file systems.

Because of the existence of symbolic links, when we manipulate a file or directory, we always need to know if the file is a symbolic link, and then determine whether the action object of the function is the file that the symbolic link points to or the symbolic link itself.

Summary of some of the common functions are tracking links, for reference only:

Example:

The link situation is as follows:

You can see that a ring appears because of a symbolic link.

Test it again:

We find that this is going to be an infinite loop.

The way to de-cycle is to use unlink to delete the symbolic link. One thing to note is that if the link that appears here is a hard link, it is much more difficult to delete the loop link. Therefore, only Administrator permissions can use the link function to establish a hard link to a file.

Sometimes symbolic links can cause confusing things, if the user is unfamiliar with symbolic links.

As shown below:

Symbolic links can be linked to a nonexistent file, and if the user is unfamiliar with the symbolic link, it is easy to be confused by this situation.

At this point, you can use the "-l" command of LS to see the "--" symbol, or the first bit of the preceding symbol "L" for symbolic links, or with LS "-f" command, the symbolic link file followed by an @ character.

?

11 Creating and reading symbolic links (Symbolic links)

Function: Creating Symbolic Links

function declaration:

#include <unistd.h>

int symlink (const char *actualpath, const char* sympath);

int Symlinkat (const char* actualpath, int fd, const char* sympath);

Parameter description:

    • The function does not require actualpath to exist, as seen in the example above.

Because the Open function opens the actual file that the symbolic link points to, you need a function to open the symbolic link itself.

function declaration:

#include <unistd.h>

ssize_t readlink (const char* Restrict pathname, char* restrict buf, size_t bufsize);

ssize_t readlinkat (int fd, const char* Restrict pathname, char* restrict buf, size_t bufsize);

If the call succeeds, the function reads the BUF long content from the symbolic link.

?

?

Resources:

"Advanced programming in the UNIX envinronment 3rd"

?

UNIX Advanced Environment Programming (4) files and Directories-umask, chmod, file system organizational structure and links

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.