Archive for November 6th, 2007
chmod, change mode of file
In Linux the permission of a file is written as octal digits, and each digit is the sum of these values:
0 - no permission
1 - execute permission
2 - write permission
4 - read permission
To manipulate permissions we use “chmod”, which accepts the mode of the file followed by the filename.
Example:
chmod 660 /tmp/x
chmod 4755 /tmp/b
The first command changes the permission of /tmp/x to 660. When we give only 3 digits, they define the permission for:
1st digit: file permission for the owner of the file: 6 = 4 + 2 = can read and write
2nd digit: file permission for the group of the file: 6 = 4 + 2 = can read and write
3rd digit: file permission for others: 0 = no permission at all
When we give 4 digits, the first octal digit defines the ownership of the running process if the file is executed, a special permission for a directory, or the behaviour of a running process:
0 - no setting
1 - save text image
2 - set GID
4 - set UID
The octal value 1 is also called the “sticky bit”. When it is set on a directory, we can only modify and delete the files that belong to us, for example in /tmp:
drwxrwxrwt 11 root root 11264 Nov 7 03:55 /tmp
See the “t” that indicates the sticky bit: even though all users have read/write/execute access on /tmp, they will not be able to remove or modify files that do not belong to them:
# id
uid=502(smsc) gid=32005(smsc) groups=32005(smsc),32008(compiler)
# ls -l /tmp/PDF-NWiY35.htm
-rw-r--r-- 1 nobody nobody 35726 Sep 15 15:05 /tmp/PDF-NWiY35.htm
# rm -f /tmp/PDF-NWiY35.htm
rm: cannot remove `/tmp/PDF-NWiY35.htm': Operation not permitted
On a regular file the sticky bit (the “save text image” setting) means that once the file has been executed, the text area of the process is not removed from swap/memory, so the next execution of the file should be a little faster because the text area does not have to be created again.
Back to the example, chmod 4755 will give:
1. Execution with “setuid” active, i.e. the file runs with an effective UID equal to the owner of the file
2. Permission for the owner of 7 = 4 + 2 + 1 = (read+write+execute)
3. Permission for the group of 5 = 4 + 1 = (read+execute)
4. Permission for others of 5 = 4 + 1 = (read+execute)
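To make the digit arithmetic above concrete, here is a small added example (not code from the original post) that decodes a chmod-style octal mode into the bit names, renders it the way ls -l prints it, and models the sticky-bit deletion rule shown for /tmp. The uid 65534 used for the nobody user is an assumption; the function names are this example's own.

```python
import stat

# Added example: decode chmod octal modes as the post describes them (4/2/1 per
# digit plus the leading setuid/setgid/sticky digit) and model the sticky-bit
# rule for /tmp. Nothing here touches the filesystem.

PERM_BITS = ((4, "read"), (2, "write"), (1, "execute"))
SPECIAL_BITS = ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"), (stat.S_ISVTX, "sticky"))
NOBODY_UID = 65534  # assumed uid of the "nobody" account in the post's listing


def parse_mode(text):
    """Turn '660', '4755' or '1777' into an int; reject anything but 3-4 octal digits."""
    if not 3 <= len(text) <= 4 or any(c not in "01234567" for c in text):
        raise ValueError(f"not a chmod octal mode: {text!r}")
    return int(text, 8)


def describe(text):
    """Expand each digit into the names of the bits it sums, e.g. 7 -> read, write, execute."""
    mode = parse_mode(text)
    out = {"special": [name for bit, name in SPECIAL_BITS if mode & bit]}
    for who, shift in (("owner", 6), ("group", 3), ("other", 0)):
        digit = (mode >> shift) & 7
        out[who] = [name for val, name in PERM_BITS if digit & val]
    return out


def to_symbolic(mode):
    """Render the nine rwx characters as ls -l prints them (type character omitted).
    setuid/setgid show as 's' in the execute slot and sticky as 't'; an uppercase
    letter means the special bit is set without the matching execute bit."""
    chars = []
    for shift, special, letter in ((6, stat.S_ISUID, "s"), (3, stat.S_ISGID, "s"), (0, stat.S_ISVTX, "t")):
        digit = (mode >> shift) & 7
        chars.append("r" if digit & 4 else "-")
        chars.append("w" if digit & 2 else "-")
        if mode & special:
            chars.append(letter if digit & 1 else letter.upper())
        else:
            chars.append("x" if digit & 1 else "-")
    return "".join(chars)


def can_unlink(dir_mode, dir_owner_uid, file_owner_uid, caller_uid):
    """Model the sticky-bit deletion rule for a directory the caller can already
    write to and search (like /tmp with mode 1777). Root always succeeds; with the
    sticky bit set only the file's owner or the directory's owner may remove the
    file; without it, write permission on the directory is enough."""
    if caller_uid == 0:
        return True
    if not (dir_mode & stat.S_ISVTX):
        return True
    return caller_uid in (file_owner_uid, dir_owner_uid)


if __name__ == "__main__":
    for text in ("660", "4755", "1777"):
        print(text, to_symbolic(parse_mode(text)), describe(text))
    # The post's case: uid 502 (smsc) removing a file owned by nobody in root's 1777 /tmp
    print("smsc may remove nobody's file in /tmp:", can_unlink(0o1777, 0, NOBODY_UID, 502))
```

Running it prints "rwsr-xr-x" for 4755 and "rwxrwxrwt" for 1777 (the "t" seen in the /tmp listing), and reports that uid 502 cannot remove the file owned by nobody, matching the "Operation not permitted" in the session above.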
Understanding file /etc/passwd
User management in Linux is obviously simple: all users of the system are saved in a file named “/etc/passwd”. The format of this file looks like this:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
Each field is separated by “:” (colon), where:
- field 1: login name
- field 2: password value (encrypted) or shadowed
- field 3: user id
- field 4: group id
- field 5: real name
- field 6: home directory
- field 7: shell command for this user
Please note that:
1. To convert from shadowed mode to unshadowed passwords you can use “pwunconv”,
so in /etc/passwd you see something like this:
root:$1$WZL4Ar01$eqxo7DFNztslTojbhABlV1:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:/sbin/nologin
To roll back to shadowed mode you can use “pwconv”. This mode is of course more
secure, because ordinary users of the system will not be able to read the encrypted passwords. The encrypted password is put in /etc/shadow, which is readable only by root:
# ls -l /etc/shadow
-r-------- 1 root root 2202 Nov 7 03:24 /etc/shadow
And the content of the shadow password file looks like this:
root:$1$WZL4Ar01$eqxo7DFNztslToaKMOlV1:13823:0:99999:7:::
bin:*:13823:0:99999:7:::
The format of /etc/shadow is defined by struct spwd like this:
struct spwd {
    char *sp_namp;             /* user login name */
    char *sp_pwdp;             /* encrypted password */
    long int sp_lstchg;        /* last password change (days since 1970-01-01) */
    long int sp_min;           /* days until change allowed */
    long int sp_max;           /* days before change required */
    long int sp_warn;          /* days warning for expiration */
    long int sp_inact;         /* days before account inactive */
    long int sp_expire;        /* date when account expires */
    unsigned long int sp_flag; /* reserved for future use */
};
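As an added example (not code from the original post), the following parses /etc/passwd and /etc/shadow lines into the fields listed above, using the struct spwd member names for the shadow file, and runs the checks an administrator would want after the pwunconv/pwconv discussion: hashes left in the world-readable /etc/passwd, empty password fields, and extra uid 0 accounts. The sample lines are the ones shown in the post; the function names are this example's own.

```python
from datetime import date, timedelta

# Added example: parse passwd/shadow records and audit them. Nothing here reads
# the real system files; the input below is constructed from the post's samples.

PASSWD_FIELDS = ("name", "passwd", "uid", "gid", "gecos", "dir", "shell")
SHADOW_FIELDS = ("sp_namp", "sp_pwdp", "sp_lstchg", "sp_min", "sp_max",
                 "sp_warn", "sp_inact", "sp_expire", "sp_flag")
EPOCH = date(1970, 1, 1)

# Constructed sample input, taken from the lines shown in the post.
PASSWD_SHADOWED = "root:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\n"
PASSWD_UNSHADOWED = ("root:$1$WZL4Ar01$eqxo7DFNztslTojbhABlV1:0:0:root:/root:/bin/bash\n"
                     "bin:*:1:1:bin:/bin:/sbin/nologin\n")
SHADOW_SAMPLE = ("root:$1$WZL4Ar01$eqxo7DFNztslToaKMOlV1:13823:0:99999:7:::\n"
                 "bin:*:13823:0:99999:7:::\n")


def _records(text, fields, numeric, optional):
    """Split colon-separated lines into dicts. Fields in `numeric` become int;
    those also in `optional` may be empty, meaning 'not set' (returned as None)."""
    out = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != len(fields):
            raise ValueError(f"line {lineno}: expected {len(fields)} fields, got {len(parts)}")
        rec = dict(zip(fields, parts))
        for key in numeric:
            rec[key] = None if (rec[key] == "" and key in optional) else int(rec[key])
        out.append(rec)
    return out


def parse_passwd(text):
    return _records(text, PASSWD_FIELDS, ("uid", "gid"), ())


def parse_shadow(text):
    # every aging field from sp_lstchg to sp_flag may be left empty in a real file
    return _records(text, SHADOW_FIELDS, SHADOW_FIELDS[2:], SHADOW_FIELDS[2:])


def last_change_date(shadow_entry):
    """sp_lstchg counts days since 1970-01-01 (13823 in the post's sample)."""
    days = shadow_entry["sp_lstchg"]
    return None if days is None else EPOCH + timedelta(days=days)


def is_locked(pw_field):
    """'*' and anything starting with '!' can never match a typed password."""
    return pw_field == "*" or pw_field.startswith("!")


def audit(passwd_text, shadow_text=None):
    """Return a list of human-readable findings; an empty list means nothing flagged."""
    findings = []
    for e in parse_passwd(passwd_text):
        if e["passwd"] == "":
            findings.append(f"{e['name']}: empty password field, login needs no password")
        elif e["passwd"] != "x" and not is_locked(e["passwd"]):
            findings.append(f"{e['name']}: hash stored in world-readable /etc/passwd, run pwconv")
        if e["uid"] == 0 and e["name"] != "root":
            findings.append(f"{e['name']}: uid 0 account other than root")
    if shadow_text is not None:
        for s in parse_shadow(shadow_text):
            if s["sp_pwdp"] == "":
                findings.append(f"{s['sp_namp']}: empty hash in /etc/shadow")
    return findings


if __name__ == "__main__":
    for s in parse_shadow(SHADOW_SAMPLE):
        print(s["sp_namp"], "last changed", last_change_date(s), "max age", s["sp_max"])
    print("shadowed:", audit(PASSWD_SHADOWED, SHADOW_SAMPLE))
    print("after pwunconv:", audit(PASSWD_UNSHADOWED))
```

For the post's sample, sp_lstchg 13823 decodes to 2007-11-06, the shadowed pair of files produces no findings, and the pwunconv output is flagged only for root, because bin's “*” is a lock marker rather than a hash.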