Debian GNU/Linux: Guide to Installation and Usage" by John Goerzen and Ossama Othman is part of the HackerNoon Books Series. You can jump to any chapter in this book here. More on Files
In section 5.2 on page [*], we covered moving and renaming files with mv, copying them with cp, removing them with rm, removing directories with rmdir, and creating directories with mkdir. This chapter will cover some more aspects of working with files.
GNU and Unix systems are set up to allow many people to use the same computer, while keeping certain files private or keeping certain people from modifying certain files. You can verify this for yourself. Log in as yourself, i.e. NOT as root.
whoami
This verifies that you are not root. Then enter the following command:
rm /etc/resolv.conf
You should be told Permission denied. /etc/resolv.conf is an essential system configuration file; you aren’t allowed to change or remove it unless you’re root. This keeps you from accidentally messing up the system, and if the computer is a public one (such as at an office or school), it keeps users from messing up the system on purpose.
Now type ls -l /etc/resolv.conf.
This will give you output that looks something like this:
-rw-r-r- 1 root root 119 Feb 23 1997 /etc/resolv.conf
The -l option to ls requests all that additional information. The info on the right is easy: The size of the file is 119 bytes; the date the file was last changed is February 23, 1997; and the file’s name is /etc/resolv.conf. On the left side of the screen, things are a little more complicated.
First, the brief, technical explanation: The -rw-r-r- is the mode of the file, the 1 is the number of hard links to this file (or the number of files in a directory), and the two roots are the user and group owning the file, respectively.
So that was cryptic. Let’s go through it slowly.
Every file has two owners: a user and a group. The above case is a little confusing because there’s a group called root in addition to the root user. Groups are just collections of users who are collectively permitted access to some part of the system. A good example is a games group. Just to be mean, you might create a group called games on your computer and then set up your system so that only people in a games group are allowed to play games.
Here’s a more practical example. Consider a case in which you’re setting up a computer for a school. You might want certain files to be accessible only to teachers, not students, so you put all the teachers in a single group. Then you can tell the system that certain files belong to members of the group teachers, and that no one else can access those files.
Let’s explore groups on the system. First, you can use the groups command at the shell prompt. This will show you a list of the groups to which you belong. Here’s an example:
$ groups
system-wide configuration!permissions!file
ownershipusername dialout cdrom floppy audio
It’s likely that you’re a member of only one group, which is identical to your username. However, root can add you to other groups. The above example shows a person that is a member of five groups.
less /etc/group
This file lists the groups that exist on your system. Notice the root group (the only member of this group is the root user), and the group that corresponds to your username. There are also groups like dialout (users who are allowed to dial out on the modem) and floppy (users who can use the floppy drive). However, your system is probably not configured to make use of these groups. It’s likely that only root can use the floppy or the modem right now. For details about this file, try reading man group.
ls -l /home
This command shows you that every user’s directory is owned by that user and that user’s personal group.
Tip: If you just installed Debian, you may be the only user. You can use the adduser command to add more users to the system.
In addition to being owned by one user and one group, every file and directory also has a mode, which determines who’s allowed to read, write, and execute the file (and run it, if it’s a program). There are a few other things also determined by the mode, but they’re advanced topics so we’ll skip them for now.
The mode looks like this in the ls output: -rw-r-r-. For now, we’ll consider nine of these parts: those that control read, write, and execute permissions for the user owning the file, the group owning the file, and others (everyone on the system, sometimes called world).
In the mode line, the first “element” gives the file type. The - in this case means it’s a regular file. If it was d, we’d be looking at a directory. There are also other possibilities too complex to go into here; for details, see section 13.2.2 on page [*].
The remaining nine elements are used to display the file’s mode. The basic 9 bits (read, write, and execute for user, group, and other) are displayed as three blocks of rwx.
So if all permissions are turned on and this is a regular file, the mode will look like this: -rwxrwxrwx. If it was a directory with all permissions turned off for others and full permissions for user and group, it would be drwxrwx--.
Table 7.1: Permissions in Linux
+------------------------------------------------------------------------------+
| Code | Name | Allows for Files | Allows for Directories |
|------+---------+--------------------------+----------------------------------|
| r | read | Examine contents of file | List contents of directory |
|------+---------+--------------------------+----------------------------------|
| w | write | Modify file | Add or remove files in directory |
|------+---------+--------------------------+----------------------------------|
| x | execute | Run as a command | Access files in directory |
+------------------------------------------------------------------------------+
Table 7.1 describes the meaning of the read, write, and execute permissions for both files and directories.
Directory modes can be a little confusing, so here are some examples of the effects of various combinations:
r-
The user, group, or other with these permissions may list the contents of the directory, but can do nothing else. The files in the directory can’t be read, changed, deleted, or manipulated in any way. The only permitted action is reading the directory itself, that is, seeing what files it contains.
rw-
Write permission has no effect in the absence of execute permission, so this mode behaves just like the above mode.
r-x
This mode permits the files in a directory to be listed and permits access to those files. However, files can’t be created or deleted. Access means that you can view, change, or execute the files as permitted by the files’ own permissions.
-x
Files in this directory can be accessed, but the contents of the directory can’t be listed, so you have to know what filename you’re looking for in advance (unless you’re exceptionally good at guessing). Files can’t be created or deleted.
rwx
You can do anything you want with the files in this directory, as long as it’s permitted by the permissions on the files themselves.
Directory write permission determines whether you can delete files in a directory. A read-only file can be deleted if you have permission to write to the directory containing it. You can’t delete a file from a read-only directory even if you’re allowed to make changes to the file.
This also means that if you own a directory you can always delete files from it, even if those files belong to root.
Directory execute permission determines whether you have access to files - and thus whether file permissions come into play. If you have execute permissions to a directory, file permissions for that directory become relevant. Otherwise, file permissions just don’t matter; you can’t access the files anyway.
This section goes through a short example session to demonstrate how permissions are used. To change permissions, we’ll use the chmod command.
cd; touch myfile
There are a couple of new tricks here. First, you can use ; to put two commands on one line. You can type the above as:
$ cd
$ touch myfile
or as:
$ cd; touch myfile
Either way the same thing will end up happening.
Recall that cd by itself returns you to your home directory. touch is normally used to change the modification time of the file to the current time. But it has another interesting feature: If the file doesn’t exist, touch creates the file. So you’re using it to create a file to practice with. Use ls -l to confirm that the file has been created and notice the permissions mode:
$ ls -l
-rw-r-r- 1 user user 0 Nov 18 22:04 myfile
Obviously the time and user/group names will be different when you try it. The size of the file is 0, because touch creates an empty file. -rw-r-r- is the default permissions mode on Debian.
chmod u+x myfile
This command means to add (+) execute (x) permissions for the user (u) who owns the file. Use ls -l to see the effects.
chmod go-r myfile
Here you’ve subtracted (-) read permission (r) from the group (g) owning the file and from everyone else (others, o). Again, use ls -l to verify the effects.
chmod ugo=rx myfile
Here you’ve set (=) user, group, and other permissions to read and execute. This sets permissions to exactly what you’ve specified and unsets any other permissions. So all rx should be set, and all w should be unset. Now, no one can write to the file.
chmod a-x myfile
a is a shortcut for ugo, or “all.” So all the x permissions should now be unset.
rm myfile
With this command, you’re removing the file, but without write permissions. rm will ask if you’re sure by displaying the following message:
rm: remove ‘myfile’, overriding mode 0444?
You should respond by typing y and pressing Enter. This is a feature of rm, not a fact of permissions. Permission to delete a file comes from the directory permissions, and you have write permission in the directory. However, rm tries to be helpful, figuring that if you didn’t want to change the file (and thus remove write permission), you don’t want to delete it either, so it asks you.
What was that 0444 business in the question from rm? The permissions mode is a twelve-digit binary number, like this: 000100100100. 0444 is this binary number represented as an octal (base 8) number, which is the conventional way to write a mode. So you can type chmod 444 myfile instead of chmod ugo=r myfile.
Now that you can navigate the directory tree, let’s take a guided tour of the files and directories you created when you installed Debian. If you’re curious, cd to each directory and type ls to see its contents. If the listing doesn’t fit on the screen, try ls | less, where | is the “pipe” character, generally found on the same key with backslash.
/ As already mentioned, this is the root directory, which contains every other directory.
/root But don’t get /confused with /root! /root is the home directory of the root user, or superuser. It’s a directory called /root, but it isn’t the root directory /.
/home This is where all normal users—that is, all users except root—have their home directories. Each home directory is named after the user who owns it, for example, /home/jane. If you’re using a large system at a school or business, your system administrator may create additional directories to contain home directories: /home1 and /home2 for example. On some other systems, you’ll see an additional level of subdirectories: /home/students/username, /home/staff/username, etc.
Your home directory is where you put all your personal work, e-mail and other documents, and personal configuration preferences. It’s your home on the system.
/bin This directory contains “binaries,” executable files that are essential to the operation of the system. Examples are the shell (bash) and file commands such as cp.
/sbin This directory contains “system binaries,” utilities that the root user or system administrator might want to use, but that you probably won’t want to use in your day-to-day activities.
/usr /usr contains most of the files you’ll be interested in. It has many subdirectories. /usr/bin and /usr/sbin are pretty much like /bin and /sbin, except that the directories in /usr are not considered “essential to the operation of the system.”
While not essential to getting the computer working, /usr does contain the applications you’ll use to get real work done. Also in /usr, you’ll find the /usr/man, /usr/info, and /usr/doc directories. These contain manual pages, info pages, and other documentation, respectively. And don’t forget /usr/games!
/usr/local The Debian system doesn’t install anything in this directory. You should use it if you want to install software that you compile yourself or any software not contained in a Debian package. You can also install software in your home directory if you’ll be the only one using it.
/etc /etc contains all the system-wide configuration files. Whenever you want to change something that affects all users of your computer—such as how you connect to the Internet or what kind of video card you have—you’ll probably have to log on as root and change a file in /etc.
/tmp Here you’ll find temporary files, most of them created by the system. This directory is generally erased on a regular basis or every time you reboot the system. You can create files here if you want, just be aware that they might get deleted automatically.
/var /var contains “variable” files that the system changes automatically. For example, incoming mail is stored here. The system keeps a log of its actions here. There are a number of other automatically generated files here as well. You’ll mostly be interested in the contents of /var/log, where you can find error messages that can help you figure out what you’re system’s up to if something goes wrong.
Clearly there are many more directories on the system—far too many to describe every one.
For changing things, you’ll usually want to confine yourself to your home directory and /etc. On a Debian system, there’s rarely an occasion to change anything else, because everything else is automatically installed for you.
/etc is used to configure the system as a whole. You’ll use your own home directory, a subdirectory of /home, for configuring your own preferences and storing your personal data. The idea is that on a day-to-day basis, you confine yourself to /home/yourname, so there’s no way you can break anything. Occasionally you log in as root to change something in a system-wide directory, but only when it’s absolutely necessary. Of course, if you’re using Debian at a school or business and someone else is the system administrator, you won’t have root access and will be able to change only your home directory and any other directory that you own. This limits what you can do with the system.
Often it would be nice to make a file smaller—say, to download it faster, or so it takes up less space on your disk. The program to do this is called gzip (GNU zip). Here’s how it works:
$ cd; cp /etc/profile ./mysamplefile
This switches to your home directory and copies an arbitrarily chosen file (/etc/profile) to your current directory, in the process renaming it mysamplefile. This gives you a file to play with when using gzip.
$ ls -l
Lists the contents of the current directory. Note the size of mysamplefile.
$ gzip mysamplefile
Compresses mysamplefile.
$ ls -l
Observe the results of this command: mysamplefile is now called mysamplefile.gz . It’s also a good bit smaller.
$ gunzip mysamplefile.gz; ls -l
This uncompresses the file. Observe that mysamplefile has returned to its original state. Notice that to uncompress, one uses gunzip, not gzip.
$ rm mysamplefile
Use this command to remove the file, since it was just to practice with.
There are two different facilities for finding files: find and locate. find searches the actual files in their present state. locate searches an index generated by the system every morning at 6:42 a.m. (this is a cron job, explained elsewhere in this book). locate won’t find any files that were created after the index was generated. However, because locate searches an index, it’s much faster—like using the index of a book rather than looking through the whole thing.
To compare the two ways of finding files, pretend you can’t remember where the X configuration file XF86Config resides.
$ locate XF86Config
This should be pretty fast. You’ll get a list of filenames that contain XF86Config, something like this:
/etc/X11/XF86Config
/usr/X11R6/lib/X11/XF86Config
/usr/X11R6/lib/X11/XF86Config.eg
/usr/X11R6/man/man5/XF86Config.5x.gz
Now try the find command:
$ find / -name XF86Config
You will hear a lot of disk activity, and this will take a lot longer. Results will look something like this:
/etc/X11/XF86Config
/usr/X11R6/lib/X11/XF86Config
find: /var/spool/cron/atjobs: Permission denied
find: /var/spool/cron/atspool: Permission denied
find: /var/lib/xdm/authdir: Permission denied
Notice that find found only files that were named exactly XF86Config, rather than any files containing that string of letters. Also, find actually tried to look in every directory on the system—including some where you didn’t have read permissions. That’s why you got the Permission denied messages.
The syntax is different as well. With find, you had to specify what directory to search in, whereas locate automatically chose the root directory. And you had to specify a search by name using the -name option. You could also have searched for files using many other criteria, such as modification date or owner. To have find search for files whose names match XF86Config, you’d have to use a wildcard:
$ find / -name ’*XF86Config*’
Like most of the command line tools, find accepts wildcards as arguments.
In general, find is a more powerful utility, and locate is faster for everyday quick searches. The full range of possible searches would take a long time to explain; for more details , type info find, which will bring up the very thorough info pages on find and locate.
Debian comes with a utility that can guess at the contents of a file for you. Although it is not 100% accurate, you can use the following command to explore your system:
$ file /bin/cp
You should see something like this:
/bin/cp: ELF 32-bit LSB executable, Intel 386, version 1
Skipping the technical parts, this is an executable file for Intel machines.
$ file /etc/init.d/boot
The preceding command gives this response:
/etc/init.d/boot: Bourne shell script text
meaning that this is a text file containing a Bourne shell script.
About HackerNoon Book Series: We bring you the most important technical, scientific, and insightful public domain books.
This book is part of the public domain. John Goerzen and Ossama Othman (2004). Debian GNU/Linux : Guide to Installation and Usage. Urbana, Illinois: Project Gutenberg. Retrieved https://www.gutenberg.org/cache/epub/6527/pg6527-images.html
This eBook is for the use of anyone anywhere at no cost and with almost no restrictions whatsoever. You may copy it, give it away or re-use it under the terms of the Project Gutenberg License included with this eBook or online at www.gutenberg.org, located at https://www.gutenberg.org/policy/license.html.