Q6. Explain file system in linux. For starters, there is only a single hierarchal directory structure.

Everything starts from the root directory, represented by '/', and then expands into sub-directories. Where DOS/Windows had various partitions and then directories under those partitions, Linux places all the partitions under the root directory by 'mounting' them under specific directories. Closest to root under Windows would be c:\. Under Windows, the various partitions are detected at boot and assigned a drive letter. Under Linux, unless you mount a partition or a device, the system does not know of the existence of that partition or device. This might not seem to be the easiest way to provide access to your partitions or devices but it offers great flexibility. This kind of layout, known as the unified filesystem, does offer several advantages over the approach that Windows uses. Let's take the example of the /usr directory. This directory off the root directory contains most of the system executables. With the Linux filesystem, you can choose to mount it off another partition or even off another machine over the network. The underlying system will not know the difference because /usr appears to be a local directory that is part of the local directory structure! How many times have you wished to move around executables and data under Windows, only to run into registry and system errors? Try moving c:\windows\system to another partition or drive. Another point likely to confuse newbies is the use of the frontslash '/' instead of the backslash '\' as in DOS/Windows. So c:\windows\system would be /c/windows/system. Well, Linux is not going against convention here. Unix has been around a lot longer than Windows and was the standard a lot before Windows was. Rather, DOS took the different path, using '/' for command-line options and '\' as the directory separator. To liven up matters even more, Linux also chooses to be case sensitive. What this means that the case, whether in capitals or not, of the characters becomes very important. So this is not the same as This or This for that matter. This one feature probably causes the most problems for newbies. We now move on to the layout or the directory structure of the Linux filesystem. Given below is the result of a 'ls -p' in the root directory. bin/ dev/ home/ lost+found/ proc/ sbin/ usr/ boot/ etc/ lib/ mnt/ root/ tmp/ var//sbin - This directory contains all the binaries that are essential to the working of the system. These include system administration as well as maintenance and hardware configuration programs. Find lilo, fdisk, init, ifconfig etc here. These are the essential programs that are required by all the users. Another directory that contains system binaries is /usr/sbin. This directory contains other binaries of use to the system administrator. This is where you will find the network daemons for your system along with other binaries that only the system administrator has access to, but which are not required for system maintenance, repair etc. /bin - In contrast to /sbin, the bin directory contains several useful commands that are used by both the system administrator as well as non privileged users. This directory usually contains the shells like bash, csh etc. as well as much used commands like cp, mv, rm, cat, ls. There also is /usr/bin, which contains other user binaries. These binaries on the other hand are not essential for the user.

The binaries in /bin however, a user cannot do without. /boot - This directory contains the system.map file as well as the Linux kernel. Lilo places the boot sector backups in this directory. /dev - This is a very interesting directory that highlights one important characteristic of the Linux filesystem - everything is a file or a directory. Look through this directory and you should see hda1, hda2 etc, which represent the various partitions on the first master drive of the system. /dev/cdrom and /dev/fd0 represent your CDROM drive and your floppy drive. This may seem strange but it will make sense if you compare the characteristics of files to that of your hardware. Both can be read from and written to. Take /dev/dsp, for instance. This file represents your speaker device. So any data written to this file will be re-directed to your speaker. Try 'cat /etc/lilo.conf > /dev/dsp' and you should hear some sound on the speaker. That's the sound of your lilo.conf file! Similarly, sending data to and reading from /dev/ttyS0 ( COM 1 ) will allow you to communicate with a device attached there - your modem. /etc - This directory contains all the configuration files for your system. Your lilo.conf file lies in this directory as does hosts, resolv.conf and fstab. Under this directory will be X11 sub-directory which contains the configuration files for X. More importantly, the /etc/rc.d directory contains the system startup scripts. This is a good directory to backup often. It will definitely save you a lot of re-configuration later if you re-install or lose your current installation. /home - Linux is a multi-user environment so each user is also assigned a specific directory which is accessible only to them and the system administrator. These are the user home directories, which can be found under /home/username. This directory also contains the user specific settings for programs like IRC, X etc. /lib - This contains all the shared libraries that are required by system programs. Windows equivalent to a shared library would be a DLL file. /lost+found Linux should always go through a proper shutdown. Sometimes your system might crash or a power failure might take the machine down. Either way, at the next boot, a lengthy filesystem check using fsck will be done. Fsck will go through the system and try to recover any corrupt files that it finds. The result of this recovery operation will be placed in this directory. The files recovered are not likely to be complete or make much sense but there always is a chance that something worthwhile is recovered. /mnt - This is a generic mount point under which you mount your filesystems or devices. Mounting is the process by which you make a filesystem available to the system. After mounting your files will be accessible under the mount-point. This directory usually contains mount points or sub-directories where you mount your floppy and your CD. You can also create additional mount-points here if you want. There is no limitation to creating a mount-point anywhere on your system but convention says that you do not litter your file system with mount-points. /opt - This directory contains all the software and add-on packages that are not part of the default installation. Generally you will find KDE and StarOffice here. Again, this directory is not used very often as it's mostly a standard in Unix installations. /proc - This is a special directory on your system. We have a more detailed article on this one here. /root - We talked about user home directories earlier and well this one is the home directory of the user root.

This is not to be confused with the system root, which is directory at the highest level in the filesystem. /tmp - This directory contains mostly files that are required temporarily. Many programs use this to create lock files and for temporary storage of data. On some systems, this directory is cleared out at boot or at shutdown. /usr - This is one of the most important directories in the system as it contains all the user binaries. X and its supporting libraries can be found here. User programs like telnet, ftp etc are also placed here. /usr/doc contains useful system documentation. /usr/src/linux contains the source code for the Linux kernel. /var - This directory contains spooling data like mail and also the output from the printer daemon. The system logs are also kept here in /var/log/messages. You will also find the database for BIND in /var/named and for NIS in /var/yp. This was a short and basic look at the Linux filesystem.

Q7 Basic file attributes and file permissions. Linux Files and File Permission
Linux files are setup so access to them is controlled. There are three types of access: 1. read 2. write 3. execute Each file belongs to a specific user and group. Access to the files is controlled by user, group, and what is called other. The term, other, is used to refer to someone who is not the user (owner) of the file, nor is the person a member of the group the file belongs to. When talking about setting permissions for "other" users to use, it is commonly referred to as setting the world execute, read, or write bit since anyone in the world will be able to perform the operation if the permission is set in the other category.

File names and permission characters

File names can be up to 256 characters long with "-", "_", and "." characters along with letters and numbers. When a long file listing is done, there are 10 characters that are shown on the left that indicate type and permissions of the file. File permissions are shown according to the following syntax example: drwerwerwe There are a total of 10 characters in this example, as in all Linux files. The first character indicates the type of file, and the next three indicate read, write, and execute permission for each of the three user types, user, group and other. Since there are three types of permission for three users, there are a total of nine permission bits. The table below shows the syntax: 1 2 3 4 5 6 7 8 9 10 File User Permissions Group Permissions Other Permissions Type Read Write Execute Read Write Execute Read Write Execute d r w e r w e r w e

Character 1 is the type of file: - is ordinary, d is directory, l is link.

Characters 2-4 show owner permissions. Character 2 indicates read permission, character 3 indicates write permission, and character 4 indicates execute permission. Characters 5-7 show group permissions. Character 5=read, 6=write, 7=execute Characters 8-10 show permissions for all other users. Character 8=read, 9=write, 10=execute

There are 5 possible characters in the permission fields. They are:

r = read - This is only found in the read field. w = write - This is only found in the write field. x = execute - This is only found in the execute field. s = setuid - This is only found in the execute field. If there is a "-" in a particular location, there is no permission. This may be found in any field whether read, write, or execute field.

Examples
Type "ls -l" and a listing like the following is displayed: total 10 drwxrwxrwx 4 george team1 122 Dec 12 18:02 Projects -rw-rw-rw- 1 george team1 1873 Aug 23 08:34 test -rw-rw-rw- 1 george team1 1234 Sep 12 11:13 datafile Which means the following: Type and # of Files's File's Size in Date of last Filename Permission field Links Owner Group Bytes modification | | | | | | | drwxrwxrwx 4 george team1 122 Dec 12 18:02 Projects The fields are as follows: 1. Type field: The first character in the field indicates a file type of one of the following: o d = directory o l = symbolic link o s = socket o p = named pipe o - = regular file o c= character (unbuffered) device file special o b=block (buffered) device file special 2. Permissions are explained above.

3. Links: The number of directory entries that refer to the file. In our example, there are four. 4. The file's owner in our example is George. 5. The group the file belongs to. In our example, the group is team1. 6. The size of the file in bytes 7. The last modification date. If the file is recent, the date and time is shown. If the file is not in the current year, the year is shown rather than time. 8. The name of the file.

Set User Identification Attribute

The file permissions bits include an execute permission bit for file owner, group and other. When the execute bit for the owner is set to "s" the set user ID bit is set. This causes any persons or processes that run the file to have access to system resources as though they are the owner of the file. When the execute bit for the group is set to "s", the set group ID bit is set and the user running the program is given access based on access permission for the group the file belongs to. The following command: chmod +s myfile sets the user ID bit on the file "myfile". The command: chmod g+s myfile sets the group ID bit on the file "myfile". The listing below shows a listing of two files that have the group or user ID bit set.
-rws--x--x -rwxr-sr-x 1 root 1 root root mail 14024 Sep 9 1999 chfn 12072 Aug 16 1999 lockfile

The files chfn and lockfile are located in the directory "/usr/bin". The "s" takes the place of the normal location of the execute bit in the file listings above. This special permission mode has no meaning unless the file has execute permission set for either the group or other as well. This means that in the case of the lockfile, if the other users (world execute) bit is not set with permission to execute, then the user ID bit set would be meaningless since only that same group could run the program anyhow. In both files, everyone can execute the binary. The first program, when run is executed as though the program is the root user. The second program is run as though the group "mail" is the user's group. For system security reasons it is not a good idea to set many program's set user or group ID bits any more than necessary, since this can allow an unauthorized user privileges in sensitive system areas. If the program has a flaw that allows the user to break out of the intended use of the program, then the system can be compromised.

Directory Permissions
There are two special bits in the permissions field of directories. They are:

s - Set group ID t - Save text attribute (sticky bit) - The user may delete or modify only those files in the directory that they own or have write permission for.

Save text attribute

The /tmp directory is typically world-writable and looks like this in a listing:
drwxrwxrwt 13 root root 4096 Apr 15 08:05 tmp

Everyone can read, write, and access the directory. The "t'' indicates that only the user (and root, of course) that created a file in this directory can delete that file. To set the sticky bit in a directory, do the following: chmod +t data This option should be used carefully. A possible alternative to this is 1. Create a directory in the user's home directory to which he or she can write temporary files. 2. Set the TMPDIR environment variable using each user's login script. 3. Programs using the tempnam(3) function will look for the TMPDIR variable and use it, instead of writing to the /tmp directory.

Directory Set Group ID

If the setgid bit on a directory entry is set, files in that directory will have the group ownership as the directory, instead of than the group of the user that created the file. This attribute is helpful when several users need access to certain files. If the users work in a directory with the setgid attribute set then any files created in the directory by any of the users will have the permission of the group. For example, the administrator can create a group called spcprj and add the users Kathy and Mark to the group spcprj. The directory spcprjdir can be created with the set GID bit set and Kathy and Mark although in different primary groups can work in the directory and have full access to all files in that directory, but still not be able to access files in each other's primary group. The following command will set the GID bit on a directory: chmod g+s spcprjdir

The directory listing of the directory "spcprjdir": drwxrwsr-x 2 kathy spcprj 1674 Sep 17 1999 spcprjdir The "s'' in place of the execute bit in the group permissions causes all files written to the directory "spcprjdir" to belong to the group "spcprj" . Note: Linux files were displayed with a default tab value of 8 in older Linux versions. That means that file names longer than 8 may not be displayed fully if you are using an old Linux distribution. There is an option associated with the ls command that solves this problem. It is "-T". Ex: "ls al -T 30" to make the tab length 30.

Umask Settings
The umask command is used to set and determine the default file creation permissions on the system. It is the octal complement of the desired file mode for the specific file type. Default permissions are:

777 - Executable files 666 - Text files

These defaults are set allowing all users to execute an executable file and not to execute a text file. The defaults allow all users can read and write the file. The permission for the creation of new executable files is calculated by subtracting the umask value from the default permission value for the file type being created. An example for a text file is shown below with a umask value of 022:
666 Default Permission for text file -022 Minus the umask value ----644 Allowed Permissions

Therefore the umask value is an expression of the permissions the user, group and world will not have as a default with regard to reading, writing, or executing the file. The umask value here means the group the file belongs to and users other than the owner will not be able to write to the file. In this case, when a new text file is created it will have a file permission value of 644, which means the owner can read and write the file, but members of the group the file belongs to, and all others can only read the file. A long directory listing of a file with these permissions set is shown below.
-rw-r--r-1 root textfile.txt workgrp 14233 Apr 24 10:32

A example command to set the umask is: umask 022

The most common umask setting is 022. The /etc/profile script is where the umask command is usually set for all users. Red Hat Linux has a user and group ID creation scheme where there is a group for each user and only that user belongs to that group. If you use this scheme consistently you only need to use 002 for your umask value with normal users.