OPS145 Lab 4 Newversion: Difference between revisions
(→Also:) |
|||
Line 48: | Line 48: | ||
== Permissions for files == | == Permissions for files == | ||
The read and write permissions for files are pretty self-explanatory | The read and write permissions for files are pretty self-explanatory: | ||
* If you have '''read''' permission for a '''file''': the operating system kernel will allow you to read the contents of that file. | |||
* If you have '''write''' permission for a '''file''': the OS kernel will allow you to make changes to the contents of that file. | |||
No permission implies any other permission. For example having write permission does not imply you have read permission, even though you might feel that you should. | No permission implies any other permission. For example having write permission does not imply you have read permission, even though you might feel that you should. | ||
Line 61: | Line 64: | ||
The read and write permissions are used to secure access to files. The execute permission is just a convenience. | The read and write permissions are used to secure access to files. The execute permission is just a convenience. | ||
== Permissions for directories == | |||
Read, write, and execute permissions on directories are intuitive for some people, but for everyone they will make more sense if they begin their understanding by thinking of the concept of a file/directory on a filesystem. | |||
Remember that there's a difference between the '''file's records''' (e.g. name, size, modification date, permissions) and the '''file's actual contents'''. | |||
* For a file: its the contents are the bytes representing the text, image, or whatever data is in the file. | |||
* For a directory: its contents are the records of the files/directories contained inside that directory. Not the contents of those files/directories, but only their records. | |||
With that in mind: | |||
* If you have the '''read''' permission on a '''directory''': you will be allowed to read its contents, meaning: see what's inside the directory. | |||
* If you have the '''write''' permission on a '''directory''': you will be allowed to modify its contents, for example by copying a file into that directory, or deleting a file from that directory, or renaming a file in that directory. | |||
As with files, the '''execute''' permission for directories is more complicated. | |||
= Also: = | = Also: = |
Revision as of 12:26, 1 February 2024
!!!THIS PAGE IS NOT READY YET!!!
Binary review
Go back and review the binary stuff we looked at in the course introduction.
This lab is about POSIX permissions, and you need to be completely comfortable with binary-to-decimal and decimal-to-binary conversion from 000 to 111 (decimal 0 to 7).
Here's a summary of the absolute minimum you need to remember from that:
Binary | Decimal |
---|---|
000 | 0+0+0=0 |
001 | 0+0+1=1 |
010 | 0+2+0=2 |
011 | 0+2+1=3 |
100 | 4+0+0=4 |
101 | 4+0+1=5 |
110 | 4+2+0=6 |
111 | 4+2+1=7 |
Read, Write, Execute (rwx) permissions
On a Linux filesystem every file and directory has 9 bits of information allocated for reording basic permissions. Those 9 bits are split into three groups of 3 bits.
Each group of 3 bits records whether the following permissions are granted:
- read permission (most significant bit, on the left, decimal 4)
- write permission (second bit, in the middle, decimal 2)
- execute permission (least significant bit, on the right, decimal 1)
These are usually called "octal" rather than decimal, but I suspect you won't find any value in that extra complication, so you can just think of them as decimal numbers.
Permissions for files
The read and write permissions for files are pretty self-explanatory:
- If you have read permission for a file: the operating system kernel will allow you to read the contents of that file.
- If you have write permission for a file: the OS kernel will allow you to make changes to the contents of that file.
No permission implies any other permission. For example having write permission does not imply you have read permission, even though you might feel that you should.
The execute permission is more complicated.
Remember that on Linux file extensions don't make much difference. In Windows the operating system will attempt to execute anything with an .exe extension that you double-click on. Linux will refuse to execute any file which doesn't have execute permission.
On the surface it seems simple. You either are are are not allowed to execute a file. But the complications are in the details. What exactly does it mean to "execute" a file? Different people will have different answers to that question.
The easiest way to think about the execute permission on a file is as a hint: if this file has execute permissions: it is a program that's intended to be executed. If it doesn't have execute permissions: you are not meant to try to execute it, though if you really wanted to: you probably could figure out how to do it.
The read and write permissions are used to secure access to files. The execute permission is just a convenience.
Permissions for directories
Read, write, and execute permissions on directories are intuitive for some people, but for everyone they will make more sense if they begin their understanding by thinking of the concept of a file/directory on a filesystem.
Remember that there's a difference between the file's records (e.g. name, size, modification date, permissions) and the file's actual contents.
- For a file: its the contents are the bytes representing the text, image, or whatever data is in the file.
- For a directory: its contents are the records of the files/directories contained inside that directory. Not the contents of those files/directories, but only their records.
With that in mind:
- If you have the read permission on a directory: you will be allowed to read its contents, meaning: see what's inside the directory.
- If you have the write permission on a directory: you will be allowed to modify its contents, for example by copying a file into that directory, or deleting a file from that directory, or renaming a file in that directory.
As with files, the execute permission for directories is more complicated.
Also:
- binary review
- read, write, execute permissions
- for files
- for directories
- owner user, owner group, others
- chmod with octal
- quick adduser with id 1145, passwd
- try examples with two users