Permissions Strings
Interpreting permissions strings is a complex issue because UNIX has a sophisticated security model for individual files. Security revolves around three different types of user: the owner of the file, the group of which that the file is a part, and everyone else.
The first character of the permissions string, identified in Figure 4.1 as access permissions, indicates the kind of file. The two most common values are d for directories and - for regular files. Be aware that there are many other file types that you'll rarely, if ever, see.
The following nine characters in the permissions string indicate what type of access is allowed for different users. From left to right, these characters show what access is allowed for the owner of the file, the group that owns the file, and everyone else.
Figure 4.2 shows how to break down the permissions string for the LISTS file into individual components.
Figure 4.2. Reading access permissions for LISTS.
Each permissions string is identically composed of three components—permission for reading, writing, and execution—as shown in Figure 4.3.
Figure 4.3. Elements of a permissions string.
Armed with this information—specifically, knowing that a - character means that the specific permission is denied—you can see that ls shows that the owner of the file, taylor as illustrated in Figure 4.1, has read and write permission. Nobody else either in taylor's group or in any other group has permission to view, edit, or run the file.
Earlier you learned that just about everything in UNIX ends up as a file in the file system, whether it's an application, a device driver, or a directory. The system keeps track of whether a file is executable because that's one way it knows whether LISTS is the name of a file or the name of an application.
Task 4.8: Long Listing Format for Directories in ls
 | The long form of a directory listing is almost identical to a file listing, but the permissions string is interpreted in a very different manner. |
Here is an example of a long directory listing:% ls -l -d Example drwxr-x--- 2 taylor 1024 Sep 30 10:50 Example/Remember that you must have both read and execute permission for a directory. If you have either read or execute permission but not both, the directory will not be usable (as though you had neither permission). Write permission, of course, enables the user to alter the contents of the directory or add new files to the directory.
The Example directory breaks down for interpretation as shown in Figure 4.4.
Figure 4.4. Elements of directory permissions.
Now try using the -l flag yourself. Move to your home directory, and enter ls -l as shown here:
% ls -l total 403 drwx------ 2 taylor 512 Sep 30 10:38 Archives/ drwx------ 3 taylor 512 Oct 1 08:23 InfoWorld/ -rw------- 1 taylor 106020 Oct 8 15:17 LISTS drwx------ 2 taylor 1024 Sep 30 10:50 Mail/ drwx------ 2 taylor 512 Oct 6 09:36 News/ drwx------ 2 taylor 512 Sep 30 10:51 OWL/ -rw------- 1 taylor 4643 Sep 20 10:49 RUMORS.18Sept drwx------ 2 taylor 512 Oct 1 09:53 bin/ -rw------- 1 taylor 3843 Oct 6 18:02 iecc.list -rw-rw---- 1 taylor 280232 Oct 6 09:57 mailing.lists -rw-rw---- 1 taylor 1031 Oct 7 15:44 newlists drwx------ 2 taylor 512 Sep 14 22:14 src/The size of a directory is usually in increments of 512 bytes. The second field, the “link,” is an interesting and little-known value when a directory is being listed. Instead of counting up the number of other files that point to the file, (that is, the number of files that have a link to the current file), the second field indicates the number of directories that are contained in that specific directory. Remember, all directories have dot and dot-dot, so the minimum value is always 2.
Consider the following example of a directory listing:
% ls -Fa ./ .gopherrc .oldnewsrc .sig OWL/ ../ .history* .plan Archives/ RUMORS.18Sept .Agenda .info .pnewsexpert Cancelled.mail bin/ .aconfigrc .letter .report InfoWorld/ iecc.list .article .login .rm-timestamp LISTS mailing.lists .cshrc .mailrc .rnlast Mail/ newlists .elm/ .newsrc .rnsoft News/ src/ % ls -ld . drwx------ 10 taylor 1024 Oct 10 16:00 ./
Try entering ls -ld. and see whether it correctly identifies the number of directories in your home directory. Move to other directories and see whether the listing agrees with your own count of directories.
 | The output from the ls -l command is unquestionably complex and packed with information. Interpretation of permissions strings is an important part of understanding and being able to use UNIX, and more explanation is offered in subsequent hours. |
Table 4.3 summarizes the many different command flags for ls that you have learned in this hour.
Without a doubt, ls is one of the most powerful and, therefore, also one of the most confusing commands in UNIX. The best way for you to learn how all the flags work together is to experiment with different combinations.
Task 4.9: Creating Files with the touch Command
 | At this point, you have various UNIX tools that help you move through the file system and learn about specific files. The touch command is the first command that helps you create new files on the system, independent of any program other than the shell itself. This can prove very helpful for organizing a new collection of files, for example. |
The main reason that touch is used in UNIX is to force the last-modified time of a file to be updated, as the following example demonstrates:
% ls -l iecc.list -rw------- 1 taylor 3843 Oct 6 18:02 iecc.list % touch iecc.list % ls -l iecc.list -rw------- 1 taylor 3843 Oct 10 16:22 iecc.list
Because the touch command changes modification times of files, anything that sorts files based on modification time will, of course, alter the position of that file when the file is altered by touch.
Consider the following output:% ls -t mailing.lists LISTS News/ OWL/ src/ Cancelled.mail newlists bin/ Mail/ RUMORS.18Sept iecc.list InfoWorld/ Archives/ % touch iecc.list % ls -t iecc.list RUMORS.18Sept News/ OWL/ src/ mailing.lists LISTS bin/ Mail/ Cancelled.mail newlists InfoWorld/ Archives/
You probably will not use touch for this purpose very often.
If you try to use the touch command on a file that doesn't exist, the program creates the file:
% ls Archives/ LISTS OWL/ iecc.list src/ Cancelled.mail Mail/ RUMORS.18Sept mailing.lists InfoWorld/ News/ bin/ newlists % touch new.file % ls Archives/ LISTS OWL/ iecc.list newlists Cancelled.mail Mail/ RUMORS.18Sept mailing.lists src/ InfoWorld/ News/ bin/ new.file % ls -l new.file -rw-rw---- 1 taylor 0 Oct 10 16:28 new.file
The new file has zero bytes, as can be seen by the ls -l output. Notice that by default the files are created with read and write permission for the user and anyone in the user's group. You learn in another hour how to determine, by using the umask command, your own default permission for files.
 | You won't need touch very often, but it's valuable to know. |
Task 4.10: Checking Disk Space Usage with du
 | One advantage that Windows and Macintosh systems have over UNIX is they make it easy to find out how much disk space you're using and how much remains available. On a Macintosh, viewing folders by size shows disk space used, and the top of any Finder window shows available space. And in DOS it's even easier; both items are listed at the end of the output from a DIR command: |
C> DIR .BAT
Volume in drive C is MS-DOS_5
Volume Serial Number is 197A-A8D7
Directory of C:
AUTOEXEC BAT 142 02-28-96 8:19p
CSH BAT 36 12-22-97 3:01p
2 file(s) 178 bytes
5120000 bytes free
In this DOS example, you can see that the files listed take up 178 bytes, and that there are 5,120,000 bytes (about 5 megabytes, or 5MB) available on the hard drive.
Like a close-mouthed police informant, UNIX never volunteers any information, so you need to learn two new commands. The du, disk usage, command is used to find out how much disk space is used; the df, disk free, command is used to find out how much space is available.
The du command lists the size, in kilobytes, of all directories at or below the current point in the file system.% du 11 ./OWL 38 ./.elm 20 ./Archives 14 ./InfoWorld/PIMS 28 ./InfoWorld 710 ./Mail 191 ./News 25 ./bin 35 ./src 1627 .Notice that du went two levels deep to find the InfoWorld/PIMS subdirectory, adding its size to the size indicated for the InfoWorld directory. At the very end, it lists 1,627 kilobytes as the size of the dot directory—the current directory. As you know, 1,024 kilobytes is a megabyte. Through division, you'll find that this directory is taking up 1.5MB of disk space.
If you are interested in only the grand total, you can use the -s flag to output just a summary of the information.
% du -s 1627 .Of course, you can look anywhere on the file system, but the more subdirectories there are, the longer it takes.
Error messages with du are possible:
% du -s /etc /etc/shadow: Permission denied 4417 /etcIn this example, one of the directories within the /etc directory has a permissions set denying access:
% ls -ld /etc/shadow drwx------ 2 root 512 Oct 10 16:34 /etc/shadow/The du command summarizes disk usage only for the files it can read, so regardless of the size of the shadow directory, I'd still have the 4,417 kilobytes size indicated.
Although by default du lists only the sizes of directories, it also computes the size of all files. If you're interested in that information, you can, by adding the -a flag, have the program list it for all files.
% cd InfoWorld % du -a 9 ./PIM.review.Z 5 ./Expert.opinion.Z 4 ./PIMS/proposal.txt.Z 1 ./PIMS/task1.txt.Z 2 ./PIMS/task2.txt.Z 2 ./PIMS/task3.txt.Z 2 ./PIMS/task4.txt.Z 2 ./PIMS/task5.txt.Z 2 ./PIMS/task6.txt.Z 1 ./PIMS/contact.info.Z 14 ./PIMS 28 .
The problems of the -a flag for du are similar to those for the -R flag for ls. There may be more files in a directory than you care to view.
Task 4.11: Checking Available Disk Space with df
 | Figuring out how much disk space is available on the overall UNIX system is difficult for everyone except experts. The df command is used for this task, but it doesn't summarize its results—the user must add the column of numbers. |
This is the system's response to the df command:% df Filesystem kbytes used avail capacity Mounted /dev/zd0a 17259 14514 1019 93% / /dev/zd8d 185379 143995 22846 86% /userf /dev/zd7d 185379 12984 153857 8% /tmp /dev/zd3f 385689 307148 39971 88% /users /dev/zd3g 367635 232468 98403 70% /userc /dev/zd2f 385689 306189 40931 88% /usere /dev/zd2g 367635 207234 123637 63% /userb /dev/zd1g 301823 223027 48613 82% /usera /dev/zd5c 371507 314532 19824 94% /usr /dev/zd0h 236820 159641 53497 75% /usr/src /dev/zd0g 254987 36844 192644 16% /varYou end up with lots of information, but it's not easily added quickly to find the total space available. Nonetheless, the output offers quite a bit of information.
Because I know that my home directory is on the disk /users, I can simply look for that directory in the rightmost column to find out that I'm using the hard disk /dev/zd3f. I can see that there are 385,689 kilobytes on the disk, and 88% of the disk is used, which means that 307,148 kilobytes are used and 39,971 kilobytes, or only about 38MB, are unused.
Some UNIX systems have relatively few separate computer disks hooked up, making the df output more readable. The df output is explained in Figure 4.5.
% df Filesystem kbytes used avail capacity Mounted /dev/sd0a 55735 37414 12748 75% / /dev/sd2b 187195 153569 14907 91% /usr /dev/sd1a 55688 43089 7031 86% /utilsFigure 4.5. Understanding df output.
You can add the columns to find that the system has a total of about 300MB of disk space (55,735 + 187,195 + 55,688), of which 230MB are used. The remaining space is therefore 33MB, or 16% of the total disk size.
 | Try using the du and df commands on your system to figure out how much disk space is available on both the overall system and the disk you're using for your home directory. Then use du to identify how much space your files and directories are occupying. |
Task 4.12: Shrinking Big Files with the compress Program
 | Now that you can figure out how much space you're using with the files in your directory, you're ready to learn how to save space without removing any files. UNIX has a built-in program—the compress program—that offers this capability. |
In this simple example, the compress program is given a list of filenames and then compresses each of the files, renaming them with a .Z suffix, which indicates that they are compressed.% ls -l LISTS -rw------- 1 taylor 106020 Oct 10 13:47 LISTS % compress LISTS % ls -l LISTS.Z -rw------- 1 taylor 44103 Oct 10 13:47 LISTS.Z
Compressing the LISTS file has reduced its size from 106 kilobytes to a little more than 44 kilobytes (a savings of almost 60% in disk space). If you expect to have large files on your system that you won't access very often, using the compress program can save lots of disk space.
Using compress on bigger files can show even greater savings:
% ls -l huge.file -rwxrwxrwx 1 root 3727360 Sep 27 14:03 huge.file % compress huge.file % ls -l huge.file.Z -rwxrwxrwx 1 taylor 2121950 Sep 27 14:03 huge.file.Z
In this example, it took a powerful Sun computer with no other users exactly 20 seconds to compress huge.file. This single command was able to free over 1.5MB of disk space. If you're using a PC to run UNIX, or if you are on a system with many users (which you can easily ascertain by using the w command), it might take a significant amount of time to compress files.
To reverse the operation, use the companion command uncompress, and specify either the current name of the file (that is, with the .Z suffix) or the name of the file before it was compressed (that is, without the .Z suffix).
% uncompress LISTS % ls -l LISTS -rw------- 1 taylor 106020 Oct 10 13:47 LISTS
 | Why would you compress files? You would do so to save file space. Before you use any of the compressed files, though, you must uncompress them, so the compress utility is best used with large files you won't need for a while. |
For information on how well the compress program shrank your files, you can add a -v flag to the program for verbose output:
% compress -v huge.file huge.file: Compression: 43.15% -- replaced with huge.file.Z
 | Try using the compress program on some of the files in your directory, being careful not to compress any files (particularly preference or dot files) that might be required to run programs. |