Chapter 3 - PowerPoint PPT Presentation

Provided by: kendra6
1
Chapter 3 & 4: Even more additional notes
  • User mask (umask)
    • in the book
  • Access control lists (ACLs)
    • more advanced, not in the book

2
  • User mask (umask)
  • When you create a file, it has a default permission setting
  • For example:
  • cs1/temp ls -l
  • total 0
  • cs1/temp touch new_file
  • cs1/temp ls -l
  • total 0
  • -rw------- 1 kcooper cs 0 Sep 18 15:28 new_file
  • cs1/temp mkdir new_directory
  • cs1/temp ls -l
  • total 2
  • drwx--x--x 2 kcooper cs 512 Sep 18 15:29 new_directory
  • -rw------- 1 kcooper cs 0 Sep 18 15:28 new_file
  • New file: mode 600; new directory: mode 711

3
  • umask (built-in shell command)
  • View and change the mask setting
  • View the mask?
  • cs1/temp umask
  • 0066
  • 0066 is the mask setting (octal).
  • Question: What is the actual, system default value?
  • 666 - 066 = 600 // file calculation

4
  • Set the mask?
  • cs1/temp umask 022
  • cs1/temp ls -l
  • total 2
  • drwx--x--x 2 kcooper cs 512 Sep 18 15:29 new_directory
  • -rw------- 1 kcooper cs 0 Sep 18 15:28 new_file
  • cs1/temp touch another_new_file
  • cs1/temp ls -l
  • total 2
  • -rw-r--r-- 1 kcooper cs 0 Sep 18 15:53 another_new_file
  • drwx--x--x 2 kcooper cs 512 Sep 18 15:29 new_directory
  • -rw------- 1 kcooper cs 0 Sep 18 15:28 new_file
  • cs1/temp mkdir another_new_directory
  • cs1/temp ls -l
  • total 4
  • drwxr-xr-x 2 kcooper cs 512 Sep 18 15:54 another_new_directory
  • -rw-r--r-- 1 kcooper cs 0 Sep 18 15:53 another_new_file

5
  • Convenient table summarizing the umask value,
    default file permission and default directory
    permission in the book (Table 4.3)
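
The subtraction shown earlier gives the right answer for 066 and 022, but the system actually clears the mask bits from the requested mode (666 for files, 777 for directories), which differs from subtraction for a mask such as 033. The script below is an added example, not part of the original slides: it builds such a table by predicting each mode and comparing it with what a real `touch`-style create and `mkdir` produce. The function names are hypothetical, and `stat -c` assumes GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added example (not from the slides). Assumes a POSIX shell and a stat
# that accepts -c '%a' (GNU coreutils or BusyBox).

# predicted_mode BASE MASK: octal BASE with the MASK bits cleared.
# BASE is 666 for new files and 777 for new directories.
predicted_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# created_mode MASK KIND: create a real file or directory under MASK in a
# throwaway directory and print the mode the system actually assigned.
# Runs in a subshell so the caller's umask is left untouched.
created_mode() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        if [ "$2" = dir ]; then mkdir "$tmp/probe"; else : > "$tmp/probe"; fi
        stat -c '%a' "$tmp/probe"
        rm -rf "$tmp"
    )
}

# umask_table: one row per mask, each cell shown as predicted/observed.
# 033 is the case where plain subtraction (666 - 033 = 633) is wrong.
umask_table() {
    for m in 066 022 027 033 077; do
        printf '%s file=%s/%s dir=%s/%s\n' "$m" \
            "$(predicted_mode 666 "$m")" "$(created_mode "$m" file)" \
            "$(predicted_mode 777 "$m")" "$(created_mode "$m" dir)"
    done
}

umask_table
```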

6
  • Access control list (ACL)
  • Grant file/directory permissions on a user-by-user basis
  • Example
    • create a file that is
      • readable by romeo and juliet
      • writable by juliet
  • Flexible
    • ACLs provide a much higher degree of control over permissions
  • Convenient
    • ACLs are under the control of the owner of the file
    • You don't need the system administrator to create and maintain ACLs; you can do it yourself.

7
  • You can use the ls -l command to see which files or directories have an ACL entry.
  • If a file has one or more ACL entries, then a plus (+) sign appears at the end of the permission field.
  • The + disappears when the last ACL entry is removed.
  • Two Unix commands: setfacl and getfacl
  • setfacl
    • Sets, adds, modifies, and deletes ACL entries
  • getfacl
    • Displays ACL entries
    • The information is displayed even if the file does not have an ACL

8
  • cs1/temp touch acl_test_file
  • cs1/temp ls -l
  • total 4
  • -rw-r--r-- 1 kcooper cs 0 Sep 18 16:07 acl_test_file
  • drwxr-xr-x 2 kcooper cs 512 Sep 18 15:54 another_new_directory
  • -rw-r--r-- 1 kcooper cs 0 Sep 18 15:53 another_new_file
  • drwx--x--x 2 kcooper cs 512 Sep 18 15:29 new_directory
  • -rw------- 1 kcooper cs 0 Sep 18 15:28 new_file
  • cs1/temp getfacl acl_test_file
  • # file: acl_test_file
  • # owner: kcooper
  • # group: cs
  • user::rw-
  • group::r-- #effective:r--
  • mask:r--
  • other:r--
  • Effective: what a user, other than the owner, will see when they try to access the file
  • Mask: highest permission available to 'other' and 'group'

9
  • Some basic setfacl options are:
    • -s Sets the ACL for the file, removing all old entries and replacing them with the newly specified ACL.
    • -m Adds one or more new ACL entries to the file or modifies one or more existing ACL entries for the file. If an entry already exists, the specified permissions replace the current permissions. If no entry exists, a new entry is created.
    • -d Deletes one or more entries from the file.
  • (see man page for other options)

10
  • For example:
  • cs1/temp setfacl -m user:weiminma:rw- acl_test_file
  • cs1/temp ls -l acl_test_file
  • -rw-r--r--+ 1 kcooper cs 0 Sep 18 16:07 acl_test_file
  • cs1/temp getfacl acl_test_file
  • # file: acl_test_file
  • # owner: kcooper
  • # group: cs
  • user::rw-
  • user:weiminma:rw- #effective:r--
  • group::r-- #effective:r--
  • mask:r--
  • other:r--
  • Not right yet: the effective permission for weiminma is still r--

11
  • cs1/temp setfacl -m mask:rw- acl_test_file
  • cs1/temp getfacl acl_test_file
  • # file: acl_test_file
  • # owner: kcooper
  • # group: cs
  • user::rw-
  • user:weiminma:rw- #effective:rw-
  • group::r-- #effective:r--
  • mask:rw-
  • other:r--
  • Now, weiminma has read and write access
  • Homework
    • Look up and try the basic options for setfacl
    • Look up and try access control lists for directories

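
The two getfacl listings for acl_test_file differ only in the mask entry, and that one entry decides what weiminma can actually do. As an added example (not part of the original slides), the script below recomputes the effective column from getfacl-style text so that any entry granting more than the mask allows stands out. `sample_acl` and `effective_acl` are hypothetical names, and the input is constructed from the slides' output.

```shell
#!/bin/sh
# Added example (not from the slides): compute effective ACL permissions
# from getfacl-style text. Sample input is constructed, not captured.

# sample_acl MASK: constructed getfacl output with the given mask entry.
sample_acl() {
    printf '%s\n' \
        '# file: acl_test_file' '# owner: kcooper' '# group: cs' \
        'user::rw-' 'user:weiminma:rw-' 'group::r--' \
        "mask:$1" 'other:r--'
}

# effective_acl: read getfacl output on stdin and print, per entry,
# "tag:qualifier granted effective", flagging entries trimmed by the mask.
# The mask applies to named users, the owning group and named groups;
# the owner (user::) and other entries are not masked.
effective_acl() {
    awk -F: '
    function band(p, m,    i, c, bit, out) {  # keep a bit only if both set
        out = ""
        for (i = 1; i <= 3; i++) {
            c = substr(p, i, 1)
            bit = (c != "-" && substr(m, i, 1) != "-") ? c : "-"
            out = out bit
        }
        return out
    }
    /^#/ || /^[ \t]*$/ { next }        # header comments and blank lines
    {
        sub(/[ \t]*#.*$/, "")          # drop any "#effective:" annotation
        n++; tag[n] = $1; who[n] = (NF == 3 ? $2 : ""); perm[n] = $NF
        if ($1 == "mask") mask = $NF   # accepts "mask:r--" and "mask::r--"
    }
    END {
        for (i = 1; i <= n; i++) {
            if (tag[i] == "mask") continue
            masked = (tag[i] == "group" || (tag[i] == "user" && who[i] != ""))
            eff = (masked && mask != "") ? band(perm[i], mask) : perm[i]
            note = (eff != perm[i]) ? " LIMITED-BY-MASK" : ""
            printf "%s:%s %s %s%s\n", tag[i], who[i], perm[i], eff, note
        }
    }'
}

sample_acl r-- | effective_acl
```

Feeding it real `getfacl` output for a directory tree is a quick way to find grants that look broader in the ACL than they are in effect, or that would widen if the mask were later raised.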
12
  • Some good websites for ACL information:
    • http://www.softpanorama.org/Solaris/ACL/index.shtml
    • http://www.cs.indiana.edu/Facilities/FAQ/General/ACL.html
    • http://www.securityfocus.com/infocus/1489
  • Also, check more advanced Unix books.