Untitled Document

Chapter - 10  More File Attribures

Apart from file permissions - UNIX file has several other attributes , In this chapter we will look for the remaining Ones .Its important to know how these fie attributes are interpreted when applied to a directory or a device .This chapter also introduces the concept of a file system. It also looks at the inode , the lookup table that contains almost all file attributes .

File Systems and Inodes -  

We know that UNIX/ Linux organized the files for their own system . So far, we have been refering to the UNIX file heirarachy as a "file system" as if all files and directories are helld together in one big superstructre. That is not the case with large systems , the hard disk is split into distinct partitions , with a seperate partitions in each slice .

Every file system has a directory structure headed by root . If we have three file systems on one hard disks , then they will have three separate root directories . when the system is up, we see only a single file system with a single root directory . Out of all these 3 file system there is to be main UNIX/Linux file system that contains all the essentials of UNIX /Linux fsystem .This is the root file system , its also the root directory of the combined UNIX/Linux system , creating the illusion of a single file system to the user .

Every file is associated with a table that contains all that you could possibly need to know about a file -except its name and contents . This table is called the inode ( shortened from index node) and is accessed by the inode number .The inode contains the following attributes of a file .

  • File type ( regular , directory . devices etc )
  • File Permissions ( nine permissions and three more )
  • Number of links ( the number of aliases the file has )
  • The UID of the owner
  • The GID of the group owner
  • File size in bytes
  • Date and time of last modification
  • Date and time of last access
  • Date and time of last change of the inode
  • An array of pointers that keep track of all disk blocks used by the file .

You must have seen that neither the name of the file nor the inode number is stored in the inode .Its a directory that stores the inode number anlong with the filename. When you use a command with a filename as argument , the kernel first locates the inode number of the file from the directory and then reads the inode of each data relevant to the file .

Every file system has a separate portion set aside for storing inodes, where they are laid out in a contiguous manner . This area is accessible only to the kernel .Since UNIX/Linux has multiple file system , we can conclude that the inode number for a file is unique in a single file system .

Hard Links -

We didn't store the filename in the inode table , why ? So that a file can have multiple filenames .When that happens we can say file has more than one link . We can then access the file by any of its link .All the filenames have one thing common , they all have the same inode number .

Lets run the ls command in our script directory and see the listsing of files , we can see that files << copy example >>have link count more than 1

ls -l shell_progs <<<<Copy the rsult of command>>>

All attributes are same , but its the link count that seems to suggest that the files are "linked" to each other . But this can only be confirmed by using the -i option to ls

ls -li shell_progs <<<<Copy the rsult of command>>>

Both files have same inode number , so there is actually only one file with a single copy on disk . We can't really refer them as two files , but only as two filenames .There are two entries for this file in the directory , both having the same inode number .

Creating Hard Links : ln -

A file can be linked with the ln (link) command , which takes two filenames as argument . The command can create both a hard link and a soft link . The following command (hard) links test.txt with test

ln test.txt test <<<<Copy the rsult of command>>>

To confirm the links lets run the ls command with -i option , the files should have same inode number

ls -li test.txt test <<<<Copy the rsult of command>>>

We can link multiple files , but then the destination filename must be a directory . Here is how we can create links for all the test files to a directory logs_dir .

ln test* logs_dir <<<<Copy the rsult of command>>>

When we run rm command to remove a file from the directory , the link count is reduced by one . A file is considered to be completely removed from the system when its link count drops to zero .

ln returns an error when the destination file exists . Use the -f option to force the removal of the existing link before creation of the new one .

Where to use Hard Links : ln -

Think of below 3 sceanrios and you will see the intresting feature of Links .s

1. Lets consider that you have written a program that read a file test.txt in your $HOME/test_data . Later , we have reorganized our directory structure and moved test.txt to $HOME/data instead. What happens to the program that look for test.txt at its original location ? Simple , just link test.txt to the directory data

ln test_data/test.txt data <<<<Copy the rsult of command>>> -- creates link in directory data

2.Links provide some protection against accidental deletion , especially when they exist in different directories .Refering to the previous application , even though there is only single file test.txt on disk , you have effectively made a backup of this file . If you accidently delete test_data/test.txt , one link will still be available in data/test.txt , so our file is not gone yet .

3. Because of links , we don't need to maintain two programs as two separate disk files if there is very little difference between them. A single file with two links can have its program logic make it behave in two different ways depending on the name by which it is called .

Symbolic Links -

We have seen how we can link multiple names for a file . These links are often called hard links , and have two limitations :

  • You can't have two linked filenames in two file systems . In other words , you can't link a filename in the /usr file system to another in the /home file system .
  • You can't link a directory even within the same file system .

This limitation was overcome when symbolic links made entry . Until now , we have divided files into three categories ( ordinary , directory and device ) . The symbolic lik is fourth file type considered in this text . Unlike the hard link , a symbolic link doesn't have the file's contents , but simply provides the pathname of the file that actually has the contents . being more flexible , a symbolic link is also known as a soft link .

The ln command creates symbolic link , also except that you have to use the -s options . This time the listing tells you a different story :

   ln -s note note.syn (Copy the rsult of command) -- 
   ls -li note note.sym

You can identify symbolic links by character l (el) seen in the permission field . The pointer notation --> note suggests that note.sym contains pathname for the filename note . It's note, and not note.sym , that actually contains the data. When you use cat note.sym , you don't actually open the symbolic link , note.sym but the file the link option to . Observe that the size of the symbolic link is 4 ; this is the length of the pathname it contains (note).

Removing note.sym won't affect us much because we can easily recreate the link . But if we remove note, we would lose the file containing the data.In that case, note.sym would point to a non existent file and become a dangling symbolic link .

The Directory -

We have seen the File permission in chpater - 6 . there we have discussed file attribute in details and permissions about directories , here we will discuss about directory permissions in detail . A directory also has its own permissions,owners and links.The significance of the file attributes change a great deal when it applied to a directory .e.g size of the directory is no way related to the file size that exists in a directory , but rather than the number of files housed by it .The higher the number , the greater is the directory .

Directory permissions accuire different meaning when they are applied to it . Before we discuss further lets see the default directory permissions,on our system.

ls -l -d shell_progs <<<<Copy the rsult of command>>>

The permissions of a directory also impact the security of its files . To understand what is the impact of it , lets understand the each permission applied on directory and what it really means .

Read Permission -

Read permissions for a directory means that a user can access all the files stored in the that directory . Since the directory has a read permission ls command will work and displays the filename . If we remove the read permission ls won't work .

   ls -l -d shell_progs ( Copy the result of command )  
   chmod -r shell_progs ; ls shell_progs ( copy the result of command ) 

As we have removed read permission on directory , execution of ls has thrown the error message .However this doesn't prevent us from reading the files seperately if we know its name.

Write Permission -

Write permissions for a directory says that a user can create or remove files in that directory . To understand this lets remove the write permission of the directory and will try to copy a file into it .To try that out , restore the read permission and remove the write permission from the directory before you try to copy a file into it .

   chmod 555 shell_progs ; ls -ld shell_progs  ( Copy the rsult of command )  
   cp mangep.txt shell_progs ( copy the result of command ) 

The directory doesn't have write permission and hence we can't copy ,create or delete a file from it . But can we modify the existing files .? Most of us always get confused with this , to answer this below lines will provide you the explanation for it :

  • Write permisiions to a directory determines whether you can create or remove the files from it because these actions modify the directory
  • Write permission to file - gives you the permission to modify the file contents which doesn't modify the directory contents or entry any way
The term "Write protected has limited meaning in Unix / Linux system .A write protected file can't be written , but it can be removed if the directory has write permission .

Execute Permission -

What does the execute permission exactly does on the directory ? The answer is , a user can "Go Through" the directory in searching for sub-directories. When you run a command to go to the respective location or Path you need the execute permission .

cd /v/lenovo/mangep/shell_progs

You need to have execute permission in each of the directory given in path to reach to the destination.If a single directory in the pathname doesn't have the execute permission , then it can't be searched for the name of the next directory . That's why execute permission on directory is often refered to as the search permission.

cd command won't work if you don't have execute permission on all the searched directories . lets see an example on what message we get if we remove the execute permission of one of the directory in searched path -

   chmod 666 shell_progs ; ls -ld shell_progs  ( copy the result )  
   cd /v/lenovo/mangep/shell_progs (copy the result) 

umask : Default file and directory permissions 

When you create a file or a directory Unix/Linux assigns them some default permissions on them . These permissions are system dependent . The Unix/linux system has following default permissions for all the files and directories

  • rw-rw-rw- (octal 666) for regular files .
  • rwxrwxrwx (octal 777 ) for directories .

when you create a file or a directory you won't see these permissions. This default setting is set by subtracting the user mask from it to remove one or more permissions. To understand this lets run the umask without any argument

umask ( Copy the result of the command )

The number which we have got after running the command is the octal value which we need to subtract from the actual default , to understand what exactly the permissions are set by the system for file and directory creation .So (666 - 022 ) becomes 644 which will be the permissions for the ordinary files and for directories (777 - 022) becomes 755 . So when you create a file the file will have rw-r--r--default permissions . Similarly for directories rwxr-xr-x will be th default permissions.

umask is a shell built in command , though it can be used as an external command . A user can use this to set a new default . Here is an example :

umask 000 -------------- will set all the permission for all the users .

A mask value 000 means that you haven't set any permission .If you subtract these octal from default octal values nothing will be subtracted , all settings will be as it is .The important thing to remember here is that no one - not even the administrator - can use umask to turn on the permission not specified in the systemwide default setting.However , you can always use chmod as and when required. The systemwide unmask setting is placed in one of the machine's startup script , and is auomatically made available to all users.

Modification and Access times -

A Unix/Linux file has three time stapms associated with it .

  • Time of last modification ------- Shown by ls -l
  • Time of last access ------------ Shown by ls -lu
  • Time of last inode modification ---- Shown by ls -lc

Whenever we write something in file , the last modification time is updated in the file's inode. A directory can be modified by changing its entries - by creating,removing or renaming files in directory . Note that changing file contents will change only its last modification time not the directories . You can use ls -l option to see last modification time .

A file also has an access time i.e the file is lastly accessed , someone read, wrote or executed the file .Thi time is definetly different than last modification time - which changes only when the contents of files gets chnaged.For a directory , access time is changed only by read operation , creating or removing files doesn't do that , even cd to a directory doesn't change that . The access time is displayed by ls -lcombined with -u option .

When you add -t option to -l or -lu , the files are actually displayed in order of therespective timestamps .

  • Displays listing in order of their modification time ------- ls -lt
  • Dispalys listing in order of their last access time -------- ls -lut

A system administrator must have a good knowledge of file modifications , which can help them to backup , tar and zip the old files from the system . We can even change the modification time and access time of files using touch command .Lets see how it works on files in our next discussion .

touch: Changing Time Stamps-

As discussed in above topic , sometimes we need to change the file timestamps to a predefined values .The touch command changes the access and modification time of the files , here is the syantax of touch command.

touch options expression filename(s)

when touch is used without options or expression , both the access time and modification time to current time . We can also create file with touch commnand if file doesn't exist.

touch config.csv ------------- creates file if it does't exist

If touch is run wihout options but with expressions , it changes both times. The expression consist of an eight digit number using the format MMDDhhmm (month , day , hour and minute). Optionally you can suffix two-or four-digit year string :

   touch 01132015 config.csv ; ls -l config.csv ---- ( Copy the result of command )  
   ls -lu config.csv ---- ( Copy the result of command ) 

We can even change the two times individually . The -m and -a options changes the modification and access time respectively.

   touch -m 01132015 config.csv ; ls -l config.csv ---- ( Copy the result of command )  
   touch -a 01122015 config.csv ; ls -lu config.csv ---- ( Copy the result of command ) 

During backup process we might need to exclude or include some files based on thier timestaps , in such case administrator use touch command to change the timestamps. The find command can be used to get the files that have been changed by touch command . The next command that we will see now is find command.

find:Locating Files -

find is one of most powerful command in Unix / Linux system . It recursively searches a directory structure for files matching some criteria . It has a very difficult command line however, find is easily understood if you break up its arguments into three components :

find path_list selection_criteria action

Lets see how find works with above syntax - s

  • First, it recursively searches all files in the directories specified in path_list
  • Then, it matches one or more file based on the selection criteria
  • Finally , it takes some action on those selected files .

The path_list can contain one or more subdirectories separated by whitespace.Selection criteria can contain more than one criteria to match a file and multiple actions to get the final result . This makes the find command makes difficult to understand , but if you master this then its make user to select files practically under any condition.

To begin with , lets run a find command which will locate all the add.ksh files from your system .

find / -name add.ksh -print ( copy the results of you command )

The / indicates that search starts from root directory and then it will match it against the selection criteria ( -name add.ksh) , which always consist of an expression in the form of -operator argument.If the expression matches , the file is selected .The third section specifies the action to be taken on the files; in this case (-print) the files will be displayed on terminal.

find in UNIX displays the files only if the -print operator is used.However, Linux dosen't need this option;it prints by default.inux also doen't need path list ;it uses the current directory by default. Linux even prints the entire file list when used without any options whatsoever !

We can also use the relative path names (like .) in the path list and wild cards in selection criteria . Make sure that the wild cards must be quoted to prevent the shell for looking at it :

  find . -name "*.ksh" -print ( copy the results of you command ) prints all the files with extenson .ksh  
  find . -name '[A-Z]*' -print <<< copy the results of you command >> prints all the files whose name begins with upper case  letter

Make sure to use -print option without which Unix wont print your result on terminal , even though the command execution is successful.

-name is not the only parameter used in framing selection criteria there are many more .The actual list is much longer , but for our discussion we will cover up the most required once . Here are few action summarised in below table.

Selection Criteria :

Selection Criteria Function
-inum n Searches the files having inode number n
-type x Files of type x; the files can be an f (ordinar file) , d ( directory) or l (symbolic link)
-type f Searches for an ordinary file
-perm xxx Search files having stated permission in search pattern ( the number should be octal)
-links n Searches for the files having n links
-user unmae Searches file owned by the particular user
-group groupname Searches the files owned or belong to particular group.
-size +x[c] Searches file , having size greater than x blocks
-mtime -x Searches file , if modified in less than x days
-min -x Search files if modified in less than x minutes
-atime +x Searches for the files if it has accessed in more than x days
-amin +x Searches for the files if it has accessed in less than x minutes
-name flname Searches the file names
-inmae flname Same as above , but match is case sensitive
-follow Searches the files owned or belong to particular group.
Action Function
-inum n Searches the files having inode number n
-type x Files of type x; the files can be an f (ordinar file) , d ( directory) or l (symbolic link)
-type f Searches for an ordinary file

Locating files by inode number ( -i num) -

find allows you to locate files by inode number . Use the -inum option to find all filenames that have the same inode number :

find / -inum 1336 -print ( Please paste the result of command )

The find searches all the directories for the files having inode number 1336 . Sometimes find throws error message when it can't change the directory ( paste the error message ) To avoid these messages simply redirect the standard error to /dev/null .

file type and permissions ( -type and -perm) -

The -type option followed by the letter f ,d or l slects files of the ordinary,directory and symbolic link type .Here's how we can locate all directories of our home directory tree.

cd ; find . -type d -print ( Please paste the result of command )

The -perm option specifies the permission to match .For example -perm 666 slects files having read and write permission for all categories of users . Such files are security hazards. You will often want to use two options in combination to restrict the search to only directories .

find $HOME -perm 777 -type d -print ( Please paste the result of command )

find uses an AND condition ( an implied -a operator between -perm and -type ) to select directories that provide all access to everyone . It selects files only if both selection criteris ( -perm and -type ) are fullfilled .

finding unused files ( -mtime and -atime)

Files tend to build up incessantly on disk . Some of them remain unaccessed or unmodified for months - even years .find's options can easily match a file's modification ( -mtime) and access (-atime) times to select them .-mtime helps in backup operations by providing a list of those files that have been modified , say in less than 2 days :

find . -mtime -2 -print ( Please paste the result of command )

-2 here means less than 2 days . To select from the /home directory all files that have not been accessed for more than a year , apositive value has to be used with -atime

find /home -atime +365 -print | mailx mangep ( Please paste the result of command )
+365 means greater than 365 days , -365 means less than 365 days . For specifying exactly 365 , use 365.

The find options ( ! , o and -a ) - 

There are 3 operators that are commonly use with find . The ! option is used before to negate its meaning so .

find . ! -name "*.ksh" -print ( Please paste the result of command )

selects all but the ksh program files . The -o operator which represents an OR condition . We need to use an escaped pair of parentheses here :

find /home \( -name "*.ksh" -o -name "*.pl" \ ) -print ( Please paste the result of command )

The (and) are special characters that are interpreted by the shell to group commands . The same characters are used by find to group expressions using the -o and -a operators , the reason why they need to be escaped.

The -a operator represents the AND condition and is implied by default whenever two selection criteria are placed together .

find options in Action component -  

Displaying he listing (-ls) - The -print option belongs to action component of the find syntax.In real life we often need to take some action not just printing the lines . For instance we may like to view the listing of files with ls command

find . -type f -mtime +2 -mtime -5 -ls  ( Please paste the result of command )

The find here dispalys the list of files that are modifies in more than days but less than five days .

Taking action on selected files ( -exec and -ok )   

The -execc option lets you take any action by running a Unix command on selected files. -exec takes the command to execute as its own argument , followed by { } and finally the rather cryptic symbol \; This is how we can use a prevoius find command quite meaningfully .

find $HOME -type f -atime +365 -exec rm { } \; ( Please paste the result of command )

This will use rm to remove all ordinary files unaccessed for more than a year .This can be risky thing to do so you can consder using rm's -i option . But all commands don't have interactive options , in which case you should use find's -k option

find $HOME -type f -atime +365 -ok mv { } $HOME/safe \; ( Please paste the result of command )

mv return with interactive with -i but only if the destination file exists . Here -ok seeks confirmation for every selected file to be moved to the $HOME/safe directory irrespective of whether the file exists at the destination or not.

The pair of { } is a placeholder for a filename. So, -exec cp { } { }.ksh provides a.ksh extension to all selected files . Don't forget to use the \; symbols at end of every -exec or -ok keyword.
Untitled Document Scroll To Top Untitled Document