Linux File Management Commands

Questions and Answers

Which command is used to remove a file in Linux?

• rmdir
• rm (correct)
• mv
• mkdir

What is the primary function of the locate command in Linux?

• To search for executable files in directories listed in the PATH variable.
• To recursively search for files starting from a specified directory.
• To display BASH shell aliases.
• To search for files using a premade indexed database. (correct)

When using the find command, how do you ensure that wildcard metacharacters are interpreted by the find command itself?

• By preceding the command with `sudo`.
• By placing wildcards in quotation marks. (correct)
• By exporting the wildcard as an environment variable.
• By using the `-regex` option followed by the wildcard pattern.

Which command would you use to identify the location of an executable file by searching directories listed in the PATH variable?

which (D)

You need to copy a directory named 'project' including all of its contents, to a new location. Which command would accomplish this?

cp -r project new_location (C)

What is the crucial difference between using rmdir directory_name and rm -r directory_name?

rmdir can only remove empty directories, while rm -r can remove directories and their contents. (B)

Consider a scenario where you have modified the PATH variable in your current shell session. Predict the outcome if you then execute the updatedb command immediately followed by locate some_file to find a file that should now be discoverable due to the updated PATH.

locate will likely not find some_file because updatedb typically requires system-wide permissions and might not reflect user-specific PATH changes immediately. (B)

What distinguishes a symbolic link from its target file in a Linux filesystem?

Symbolic links have independent inodes and data blocks, storing only the target's pathname. (B)

What is contained within the data blocks of a symbolic link file?

A pathname to the target file. (C)

What command is used to create a symbolic link in Linux?

ln -s (D)

What command is used to view both hard and symbolic links?

ls -l (A)

What determines a user's access to resources on a Linux system?

Username and group membership alongside required permissions. (A)

When a new file is created, what determines the initial owner and group owner of the file?

The creating user's username and primary group become the owner and group owner. (C)

Which command displays the current user's username?

whoami (A)

What command displays a user's group memberships and primary group?

groups (D)

A user named Alice creates a symbolic link named mylink pointing to a file named originalfile. Subsequently, originalfile is deleted. What happens when Alice tries to access mylink?

mylink remains but becomes a dangling link, serving no function and returning an error if accessed. (C)

Which command is used to display the Access Control List (ACL) entries for a file or directory?

getfacl (C)

What is the primary function of the chattr command?

Add or remove filesystem attributes. (D)

When using setfacl, which option removes all extra ACL assignments from a file or directory, reverting to default permissions?

-b (A)

A user attempts to modify a file, but receives a 'permission denied' error, despite having appropriate user permissions. Which file attribute, if set, would be the cause?

Immutable (i) (B)

A security administrator needs to ensure that a critical system configuration file can never be altered, even by the root user. What combination of commands would achieve this, and how could the action be reversed if absolutely necessary?

chattr +i <file>; reversible by booting from an alternate medium, mounting the filesystem, then chattr -i <file>. (D)

What default permissions are typically assigned to new files in a Linux system?

rw-rw-rw- (C)

What is the primary function of the umask variable in Linux?

To take away permissions from new files and directories. (A)

Which command is used to display the current umask value?

umask (A)

What is the effect of setting the SUID bit on an executable file?

It causes the file to execute with the user ID of the file owner. (A)

On which type of files is the SUID permission applicable?

Binary compiled programs (A)

What is the primary effect of the SGID special permission when applied to a directory?

Files created in the directory inherit the group ownership of the directory. (A)

Which command is used to change the owner of a file or directory in Linux?

chown (A)

What is the function of the sticky bit when set on a directory?

It allows only the owner of a file within the directory, the directory owner, and the root user to delete or rename the file. (A)

Given a umask value of 027, what permissions will a newly created file receive if the default is 666 (rw-rw-rw-)?

rw-r--r-- (B)

What does the -R option do when used with the chown command?

Changes permissions recursively throughout the directory tree. (C)

A user executes a binary file with SUID set. If the file is owned by root, which user's permissions are used during the execution of the file?

The root user. (C)

Which command is used to change the group owner of a file or directory?

chgrp (B)

Consider a scenario where a directory has both the SGID and sticky bit set. A user, Alice, who is not the owner of a file within this directory but belongs to the directory's group, attempts to delete a file owned by another user, Bob. What will happen?

Alice will not be able to delete Bob's file because of the sticky bit, regardless of her group membership or directory permissions. (A)

Where are file permissions stored in a Linux system?

In the inode (A)

Which of the following is NOT a regular permission that can be assigned to a user in Linux?

Delete (D)

In the context of file permissions, what does 'other' refer to?

All users on the system. (D)

How does the Linux system determine which set of permissions to apply if a user belongs to both the file's owner and group?

It assigns the first set of permissions that are matched in the mode order: user, group, then other. (D)

Why is it generally discouraged to assign permissions only to 'other' in Linux?

It can lead to unintended access and security vulnerabilities. (A)

Suppose a file has the following permissions: rw-r-----. A user is not the owner but is a member of the file's group. Can this user write to the file?

No, because the group does not have write permissions. (D)

Insanely difficult: Consider a scenario where a user, Alice, is both the owner of a file and a member of the file's group. The file has permissions set as rwxr-----. Alice attempts to execute a script within this file, but it fails. Hypothesize the most probable reason for this failure, assuming the script itself is syntactically correct and executable.

The file system on which the file resides is mounted with the noexec option, globally disabling execution of binaries. (D)

Flashcards

mkdir

Creates new directories.

rmdir

Removes empty directories.

mv

Moves or renames files and directories.

cp -r

Copies files and directories (including their contents, recursively).

alias

Displays BASH shell aliases.

rm -r

Removes files and directories (including their contents, recursively).

locate

Search for files in an indexed database.

Access Control List (ACL)

A list of users/groups with assigned permissions.

setfacl command

Modifies ACL entries for files/directories.

getfacl command

Lists additional ACL entries.

lsattr command

Lists filesystem attributes.

Immutable attribute (i)

Prevents a file from being modified.

chown command

Changes the owner of a file or directory.

chgrp command

Changes the group owner of a file or directory.

chown/chgrp -R option

Applies changes to all files and subdirectories within a directory.

Mode

A section in the inode that stores permissions for a file or directory.

User Permissions

Permissions for the owner of the file.

Group Permissions

Permissions for the group that owns the file.

Other Permissions

Permissions for everyone else on the system.

Read Permission

Allows viewing the file's contents.

Write Permission

Allows modifying the file's contents.

Execute Permission

Allows executing the file (if it's a program).

What is a Symbolic Link?

A type of link that acts as a pointer to another file. It contains the path to the target file, not the actual data.

How do symbolic links behave?

Symbolic links point to pathnames. Editing the link edits the original, deleting the original renders the link useless.

What command creates symbolic links?

The command used to create symbolic links in Linux.

Can symbolic links span filesystems?

Symbolic links can point across different filesystems, hard links cannot.

User Login Requirement

Every user on a Linux system must log in with a username and a password.

Resource Access

Access to files and directories depends on a user's username and group memberships and the required permissions.

File Creation

When a file or directory is created, the creating user becomes the owner and their primary group becomes the group owner.

What does whoami do?

This command displays the current logged-in user's username.

What does the groups command show?

The groups command displays the groups a user belongs to, including their primary group.

Numeric Mode

Represents file permissions as a single numeric value (e.g., 777).

umask variable

Special variable determining default permissions for new files and directories by masking certain permissions.

umask command

Command used to view or modify the current umask value.

SUID (Set User ID)

Optional special permission; when set on an executable, the user executing the file temporarily assumes the file owner's privileges.

SGID (Set Group ID)

Optional special permission similar to SUID, but applies to the group ownership of the file.

Sticky Bit

Optional special permission that restricts file deletion within a directory to the file owner, directory owner, and root user.

SUID effect on file

When SUID is set on a file, the user executing the file effectively becomes the file's owner for the duration of the execution.

SUID effect on directory

SUID has no special function when applied to a directory.

SUID application

SUID is only applicable to binary compiled programs and cannot be used effectively on shell scripts.

Default Permissions

By default, new files are given rw-rw-rw- permissions.

Study Notes

Linux Filesystem Management

• Linux filesystem management is covered in chapter 4

Objectives

• Find files and directories on the filesystem
• Understand and create linked files
• Explain the function of the Filesystem Hierarchy Standard
• Use standard Linux commands to manage files and directories
• Modify file and directory ownership
• Define and change Linux file and directory permissions
• Identify the default permissions created on files and directories
• Apply special file and directory permissions
• Modify the default access control list (ACL)
• View and set filesystem attributes

The Filesystem Hierarchy Standard

• This is a standard set of directories for Linux and UNIX systems
• It contains standard file and subdirectory contents
• Simplifies finding specific files
• Gives Linux software developers the ability to locate files on any Linux system
• Allows to Create non-distribution-specific software

Managing Files and Directories

• The mkdir (make directory) command creates new directories
• Arguments specify directory's absolute or relative pathname
• The mv (move) command moves files
• Requires a minimum of two arguments
  • Source file/directory
  • Target file/directory
• Pathnames can be absolute or relative
• Wildcards can be used in pathname for multiple files
• Can also be used to rename files
• The cp (copy) command copies files
• Uses the same arguments as the mv command
• Also used to make copies of files
• To copy a directory full of files requires the cp command and the recursive option -r
• This copies files and subdirectories
• The target must be a file that exists, so both the mv and cp commands warn the user that the target file will be overwritten and will ask whether to continue
• This is a feature of the default configuration in Fedora Linux because the BASH shell contains aliases to the cp and mv commands
• To see the aliases present in the current shell, type alias at the prompt
• Interactive mode prompts user before overwriting files, but the -f option (force) will override interactive mode
• The rm (remove) command: removes files
• Arguments are a list of files
• Wildcards can be used
• It is in Interactive mode by default, but the -f option will override this
• The rmdir (remove directory) command removes directories, and only if they are empty

Common Linux file management commands

• mkdir creates directories
• rmdir removes empty directories
• mv Moves/renames files and directories
• cp copies files and directories full of files (with the -r or -R option)
• alias Displays BASH shell aliases
• rm Removes files and directories full of files (with the -r or -R option)
• unlink removes files

Finding Files

• The locate command searches for files in the Linux directory tree
• It looks in a premade indexed database of all files on system
• This database can be updated with the updatedb command
• The information returned by the command may not fit on screen, use more or less commands
• The find command recursively searches for files starting from a specified directory
• It is slower than the locate command, but more versatile
• Format: find -criteria
• Ensure that wildcard metacharacters are interpreted by the find command by placing them in quotation marks
• To reduce search time, specify subdirectory to be searched
• The PATH variable lists directories on system where executable files are located
  • Allows executable files to be run without specifying absolute or relative path
• The which command searches for an executable file, searching the PATH variable
• If the file is not found, it lists the directories that were searched
• Alternatives that could also be used are the type command and whereis command

Linking Files

• Files can be linked to one another
• Symbolic link (symlink) means one file is a pointer or shortcut to another
• Hard link means two files share the same data
• To better understand how files are linked, you must understand how files are stored on a filesystem, with the:
  • Superblock
  • Inode table
  • Data blocks
• The Superblock contains information about the filesystem
  • It includes number of inodes and data blocks, and the size of each data block.
• The inode table consists of several inodes
  • Each Describes a file or directory and contains a unique inode number for identification
  • Stores file size, data block locations, last date modified, permissions, and ownership
• Data blocks: data making up contents of a file
  • Referenced by the inode
• Hard linked files share the same inode and inode number, and must reside on the same filesystem
• To create a hard link, use the In (link) command and specify two arguments
• The existing file to hard-link and the target file that will be created as a hard link to the existing file
• To remove hard linked files, delete one of the linked files, which reduces the link count for the file

Hard vs Symbolic Links

• Symbolic linked files do not share the same inode and data blocks with their target file
• A symbolic linked file is a pointer to the target file
• Data blocks in the linked file only contain a pathname to the target file
• Editing a symbolic linked file actually edits the target file
• If the target file is deleted, the symbolic link serves no function
• To create a symbolic link, use the -s option with the In command
• Arguments can be relative or absolute pathnames, as with hard links
• You can use the Is -I command to view both hard link and symbolic link files
• Symbolic links need not reside on the same filesystem as their target

File and Directory Permissions

• All users must login with a username and password
• Users are identified by username and group memberships
• Access to resources depends on username and group membership
• Must have required permissions

File and Directory Ownership

• During file creation, that user's name and primary group becomes the owner and group owner of the file, which is the same for directory creation
• The whoami command views current user name
• The groups command views group memberships and primary group
• The touch command creates an empty file
• The chown (change owner) command is used to change ownership of a file or directory, with two arguments:
  • New owner
  • File or directory to change
• You can use the -R option to change permissions recursively throughout the directory tree
• The chgrp (change group) command changes the group owner of a file or directory
• Same arguments and options as for chown command

Managing File and Directory Permissions

• The mode is the inode section that stores permissions and uses:
  • User permissions: owner
  • Group permissions: group owner
  • Other permissions: everyone on system
• There are Three regular permissions that may be assigned to each user:
  • Read
  • Write
  • Execute
• User or owner: refers to users with read, write, and execute permission
• Other: refers to all users on system
• Permissions are not additive, the system assigns the first set of permissions that are matched in the mode order: user, group, other
• Linux permission should not be assigned to other only

Access Control

• Read allows a user to open and read the contents of a file or to list the contents of the directory if the user has also been given execute permission
• Write allows a user to open, read, and edit the contents of a file or to add or remove files to and from the directory if the user has also been given execute permission
• Execute allows a user to execute the file in memory if it is a program file or script, and allows a user to enter the directory and work with directory contents

Changing Permissions

• The chmod (change mode) command changes mode (permissions) with a minimum of at least two arguments
  • Criteria is used to change permissions
  • Filenames to change
• If the permissions to be changed are identical for the user, group, and other categories, you can use the "a" character to refer to all categories
• u (user)
• g (group)
• o (other) -a (all categories)

Operations in chmod table

Operation | Permission

• ------------ | ------------- +(adds a permission) | r (read)
• (removes a permission) | w (write) = (makes a permission equal to)| x (execute)

Default Permissions

• New files are given rw-rw-rw- permissions by default
• The umask variable is a special variable that takes away permissions on new files and directories.
• The umask command displays the umask
• You can change the umask by setting a new umask as an argument to the umask command

Special Permissions

• There are three special permissions for files and directories
• SUID (Set User ID)
• SGID (Set Group ID)
• Sticky bit
• If SUID is set on a file, the user who executes the file becomes the owner of the file during execution
  • No special functionality when set on a directory
  • Only applicable to binary compiled programs
  • It cannot be used on shell scripts
• SGID also applicable to files and directories
  • If set on a file, the user who executes the file becomes a member of the file's group during execution
  • If a user creates a file in a directory with SGID set, the file's group owner is set to be the directory's group owner and not the user's primary group
• Previously the sticky bit locked files in memory, currently it is only applicable to directories
• The sticky bit ensures that a user can only delete his/her own files when given write permissions in a directory
• Special permissions require execute
• They mask the execute permission when displayed by the Is -l command
• May be set even if file or directory does not have execute permission
  • Indicating letter in the mode will be capitalized
• Add special permissions via chmod command

Access Control List

• Access control list (ACL) is a list of users or groups that you can assign permissions
• The setfacl (set file ACL) command modifies ACL entries for a particular Linux file or directory
• Use the -m option to modify the ACL or the -b option to remove all extra ACL assignments on a particular file or directory
• The getfacl (get file ACL) command is used to list all additional entries in the ACL

Managing Filesystem Attributes

• Linux has file attributes that can be set which work outside Linux permissions, and are filesystem-specific
• The lsattr (list attributes) command lists filesystem attributes
• The chattr (change attributes) command adds or removes filesystem attributes
• Immutable attribute (i) prevents the file from being modified in any way

Summary

• the Linux directory tree obeys the Filesystem Hierarchy Standard, which allows system files to be located in standard directories
• Many file management commands exist to create, change the location of, or remove files
• Files can be found using different commands such as: locate, which and find
• Files can be linked two different ways:
  • Symbolic link: a file serves as a pointer to another
  • Hard links: one file is a linked duplicate of another
• Each file and directory has an owner and a group owner
  • the owner can change permissions and grant ownership
• Permissions can be set on the owner of a file, members of the group of the file, and everyone on the system (other)
• There are three regular file and directory permissions (read, write, execute) and three special file and directory permissions (SUID, SGID, sticky bit)
• Permissions can be changed using the chmod command
• New files and directories receive default permissions
• The root user has all permissions to all files and directories on the Linux filesystem
  • The Root user can change the ownership of any file or directory
• The default ACL on a file or directory can be modified to include additional users or groups
• Filesystem attributes can be set on Linux files to provide low-level functionality such as immutability