3.26. File AttributesNow that I've introduced you to some of the common file-oriented utilities, it's time to look at the various file attributes. I used ls to obtain a long listing of "heart.final," and got the following output: $ ls -lsF heart.final 1 -rw-r--r-- 1 glass cs 213 Jan 31 00:12 heart.final $ _ Each field is the value of a file attribute, described by the Figure 3-33.
The next few sections describe the meaning of the individual fields, in increasing order of difficulty. 3.26.1. File StorageThe number of blocks of physical storage is shown in field 1 and is useful if you want to know how much actual disk space a file is using. It's possible to create sparse files that seem to be very large in terms of field 6 but actually take up very little physical storage. Sparse files are discussed in detail in Chapter 12, "Systems Programming." 3.26.2. FilenamesThe name of the file is shown in field 8. A Linux filename may be up to 255 characters in length. You may use any printable[2] characters you want in a filename except the slash (/), although I recommend that you avoid the use of any character that is special to a shell (like <, >, *, ?, or the tab) as these can confuse both the user and the shell. Unlike some operating systems, there's no requirement that a file end in an extension such as ".c" and ".h," although many GNU utilities, such as the C compiler, will only accept files that end with a particular suffix. Thus, the filenames "heart" and "heart.final" are both perfectly legal. The only filenames that you definitely can't choose are "." and "..", as these are predefined filenames that correspond to your current working directory and its parent directory, respectively.
3.26.3. File Modification TimeField 7 shows the time that the file was last modified, and is used by several utilities. For example, the make utility, described in Chapter 11, "C Programming Tools," uses the last modification time of files to control its dependency checker. The find utility, described in Chapter 4, "GNU Utilities for Power Users," may be used to find files based on their last modification time. 3.26.4. File OwnerField 4 tells you the owner of the file. Every Linux process has an owner, which is typically the same as the username of the person who started it. For example, my login shell is owned by "glass," which is my username. Whenever a process creates a file, the file's owner is set to the process's owner. This means that every file that I create from my shell is owned by "glass," the owner of the shell itself. Chapter 12, "Systems Programming," contains more information on processes and ownership. Note that while the text string known as the username is typically how we refer to a user, internally Linux represents this as an integer known as the user ID. The username is easier for humans to understand than a numeric ID. Therefore I will refer to the textual name as username while using user ID to refer to the numeric value itself. 3.26.5. File GroupField 5 shows the file's group. Every Linux user is also a member of a group. This membership is initially assigned by the system administrator, and is used as part of the Linux security mechanism. For example, my group name is "cs." Every Linux process also belongs to a specific group, usually the same as that of the user that started the process. My login shell belongs to the group name "cs." Because a file created by a process is assigned to the same group as that of the creating process, this means that every file that I create from my shell has the group name "cs." Chapter 12, "Systems Programming," contains more information on processes and groups. The use of groups in relation to the Linux security mechanism is described in the next few sections. As with the user ID, the group is usually referenced by the text string name, but is represented internally as an integer value called the group ID. Therefore I will refer to the textual name as group name while using group ID when referring to the numeric value itself. 3.26.6. File TypesField 2 describes the file's type and permission settings. In the previous ls example: 1 -rw-r--r-- 1 glass cs 213 Jan 31 00:12 heart.final the first character of field 2 indicates the type of the file, which is encoded as shown in Figure 3-34.
In the example, the type of "heart.final" is indicated as a regular file. You'll encounter symbolic links in Chapter 4, "GNU Utilities for Power Users," pipes and sockets in Chapter 12, "Systems Programming," and buffered/unbuffered special files in Chapter 13, "Linux Internals." A file's type can often be determined by using the file utility (Figure 3-35).
For example, when I ran file on "heart.final," I saw this: $ file heart.final ...determine the file type. heart.final: ascii text $ _ 3.26.7. File PermissionsThe next nine characters of field 2 indicate the file's permission settings. In the current example, the permission settings are "rw-r--r--": 1 -rw-r--r-- 1 glass cs 213 Jan 31 00:12 heart.final These nine characters should be thought of as being arranged in three groups of three characters, as in Figure 3-36.
If a dash occurs instead of a letter, then the permission is denied. The meaning of the read, write, and execute permissions depends on the type of the file (Figure 3-37).
When a process executes, it has four values related to file permissions:
When you log in, your login shell process has its real and effective user IDs set to your own user ID, and its real and effective group IDs set to your group ID. When a process runs, the file permissions apply as follows:
The permission system is therefore a three-tier arrangement that allows you to protect your files from general users but at the same time allows access by certain groups. Later in this chapter I'll illustrate the use of permission settings to good effect and describe the utilities that are used to alter them. Note that only a process's effective user and group IDs affect its permissions, its real user and group IDs are only used for accounting purposes. Note also that a process's access rights depend ordinarily on who executes the process, and not on who owns the executable. There are some occasions where this is undesirable (e.g., in a game that maintains a file of the best scores of previous players). Obviously, the game program itself must have permission to alter this file when it is executing, but the player that executes the game program should not. This seems impossible, based on the permission rules that I just described. To get around this problem, Linux provides two special file permissions called "set user ID" and "set group ID." When an executable with "set user ID" permission is exec'ed, the process's effective user ID becomes that of the executable. Similarly, when an executable with "set group ID" permission is exec'ed, the process's effective group ID is copied from the executable. In both cases, the real user/group ID is unaffected. In the case of our game, the executable and the score file are both owned by a different user, and the program executable has "set user ID" permission. The score file only has write permission for its owner, thus protecting general users from modifying it. When a player executes the game program, the process executes with the effective user ID of the game, and thus is able to modify the score file. "Set user ID" and "set group ID" permissions are indicated by an "s" instead of an "x" in the user and group clusters, respectively. They may be set using the chmod utility, described shortly, and by the chmod () system call, described in Chapter 12, "Systems Programming." Here are a few other notes relating to file permissions:
3.26.8. Hard Link CountField 3 of the output from the ls command shows the file's hard link count, which indicates how many labels in the hierarchy are pointing to the same physical file. Hard links are rather advanced, and are discussed in conjunction with the ln utility in Chapter 4, "GNU Utilities for Power Users" |