LINUX ENVIRONMENT

Redirection, Pipes, File Security

STANDARD INPUT & OUTPUT
• stdin, stdout and stderr are three standard streams that are
established when a Linux command is executed. In computing, a
stream is something that can transfer data, where data is the text.
Standard Input is the keyboard, abstracted as a file to make it easier
to write shell scripts.
• Standard Output is the shell window or the terminal from which the
script runs, abstracted as a file to again make writing scripts &
program easier
• Standard error is the same as standard output, the shell window or
terminal from which the script runs.
STREAMS AS FILES
• Every process in Linux is provided with three open files ( usually called
file descriptor). These files are the standard input, output and error
files.
• Each file associated with a process is allocated a unique number to
identify it. This is known as the file descriptor. Whenever an action is
required to be performed on a file, the file descriptor is used to
identify the file.
• 0 - stdin, 1 - stdout & 2 – stderr are always the values used for the
files
REDIRECTION
• Redirection is a feature in Linux such that when executing a
command, the standard input/output devices can be changed.
• The output redirection is that after executing the command, all will be
redirected to a file, “>” symbol is used for this redirection.
For ex : ls –al > filedata.txt - the output of ls –al is redirected to
a file “filedata.txt” instead of displaying on screen.
• The input redirection also redirects wherein file contents can be
printed onto the terminal screen or to a file. “<“ symbol is used.
For ex : cat < newfile.txt
• Error redirection is to direct the error messages to a file.
PIPES
• The Pipe is a command in Linux that lets two or more commands to
be used such that output of one command serves as input to the
next.
• In short, the output of each process directs as input to the next one
like a pipeline. The symbol ‘|' denotes a pipe.
For ex : cat filedata.txt | less
wc filedata.txt | |
tee COMMAND
• The ‘tee’ command reads standard input (stdin) and writes it to both
standard output (stdout) and one or more files.
• tee command is usually part of a pipeline, and any number of
commands can precede or follow it.
Syntax : command | tee options <filename>
echo “creating multiple files” | f1.txt f2.txt
FILE SECURITY
• Linux file security is quite simplistic in design, yet quite effective in
controlling access to files and directories.
• The Linux security model is based on the one used on UNIX systems, and is
as rigid as the UNIX security model.
• On a Linux system, every file is owned by a user and a group user. There is
also a third category of users, those that are not the user owner and don't
belong to the group owning the file.
• For each category of users, read, write and execute permissions can be
granted or denied.
• In Linux, every file and every directory are owned by a single user on that
system.
• Each file and directory also has a security group associated with it that has
access rights to the file or directory.
PERMISSION GROUPS
• Owner - The Owner permissions apply only the owner of the file or
directory, they will not impact the actions of other users.
• Group - The Group permissions apply only to the group that has been
assigned to the file or directory, they will not affect the actions of
other users.
• All users - The All Users permissions apply to all other users on the
system.
PERMISSION TYPES
• Read - The Read permission refers to a user's capability to read the
contents of the file.
• Write - The Write permissions refer to a user's capability to write or
modify a file or directory.
• Execute - The Execute permission affects a user's capability to execute
a file or view the contents of a directory.
NOTE : Using the ls –l command, file permissions for the 3 user
categories will be displayed, they are indicated by the 9 characters that
follow the first character – which is the file type indicator .
FILE PERMISSION BASICS
$ ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt
1. Type of file (1st character)
2. The file’s access permissions (next 9 characters)
3. The number of links to the file
4. The name of the owner of the file (usually the person who created the file)
5. The name of the group the file is associated with
6. The size of the file in characters(bytes)
7. The date and time the file was created or last modified
8. The name of the file
CHANGING FILE/DIRECTORY PERMISSIONS
• The command used for changing permissions is chmod – which
stands for change mode. Using the command, permissions can be set
on a file/directory for the owner, group and others.
Syntax : chmod permissions filename
• There are 2 methods to use the command –
(i) Absolute(Numeric) mode
(ii) Symbolic mode
NUMERIC MODE
• In this mode, file permissions are represented as a 3-digit octal number.
Ex : chmod 764 datafile Number Permission Type Symbol
764 indicates 0 No permission ---
Owner can read, write 1 Execute --x
and execute, group can read and 2 Write -w-
write, others can only read 3 Execute + Write -wx
4 Read r--
5 Read+Execute r_x
6 Read +Write rw_
7 Read + Write + rwx
Execute
SYMBOLIC MODE
• In this mode, permissions of a specific category can be modified.
Ex : chmod o=rwx datafile
Setting permissions to “Others” Operator Description
users. + Adds a permission to a file
Ex : chmod g+x datafile or directory
- Removes the permission
Adding execute permission to the
Group user. = Sets the permission and
overrides the permissions
Ex : chmod u+x datafile set earlier.
Adding execute permission to the user.
Ex : chmod g=w,o=rw newfile
Note : u – user/owner g – group , o – other, a - all
CHANGING USER FILE AND GROUP
• To change the file ownership, chown command is to be used.
Syntax : chown [user_name] [file_name]
To change the group ownership type, chgrp command is to be used.
Syntax : chgrp [group_name] [file_name]
DEFAULT PERMISSIONS & umask
• When a user creates a file, that file has default ownership and
permissions. The default owner is the user who created the file
• The default group is the user’s primary group.
• Umask(User mask or User file creation Mask) command in linux is
used to set the default permissions for files and directories. Every
time a new file/directory is created certain permission are assigned to
it by the system on its own.
• Most of the Linux distributions give 022 as default Umask. In other
words, it is a system default permissions for newly created
file/folders. If default permissions are not required then umask
command is used to change them.
UMASK
Syntax : umask [mode]
Where mode signifies the desired set of permissions. Using umask without
the mode will show the existing set of permissions.
Example : umask 015
Will assign all permissions to user, read and write to group and only write to
others on files and directories that will be created after using this command.
It will not affect the existing files and directories.
Note : Working of umask is opposite to chmod.
Example : umask 025
Will assign all permissions to user, read and execute for group and only write
for others.
SOFT LINK & HARD LINK
• A symbolic or soft link is an actual link to the original file. If the
original file is deleted, the soft link has no value, because it points to a
non-existent file.
• A hard link is a mirror copy of the original file. Even if the original file
is deleted, the hard link will still has the data of the original file.
Because hard link acts as a mirror copy of the original file.
DIFFERENCES
SOFT LINK
• can cross the file system
• allows to link between
directories
• has different inode number and
file permissions than original file
• permissions will not be updated
• has only the path of the original
file, not the contents.
HARD LINK
• can't cross the file system boundaries
(i.e. A hardlink can only work on the
same filesystem),
• can't link directories,
• has the same inode number and
permissions of original file
• permissions will be updated if the
permissions of source file is changed.
• has the actual contents of original file
can view the contents, even if the
original file is moved or removed.
CREATING SOFT LINK & HARD LINK
• ln –s source.txt slink.txt
• ln source.t hlink.txt
Difference between hard link and normal copied file.
Creating a hard link to a file is different than copying it. If a file is
copied , it will just duplicate the content. So if the content is modified
of a one file (either original or hard link), it has no effect on the other
one. However if a hard link is created to a file and change the content
of either of the files, the change will be seen on both.