MODULE 6

Managing Linux File System and File

Security
 Managing Linux File System and File Security
 Linux File Management
 Linux File System Description
 Common File System Tasks
 Viewing Text File Contents
 Using Removable Media
 Mounting and Unmounting Storage Devices
 Creating new file systems
 Testing and repairing file systems
 Searching within the File System
 File Security
• Password-based Protection
• Encryption-based Protection
 Protection-based on Permission
• Types of Users
• Types of File Operations/Access Permission
Linux File Management

While using a computer system, a user is constantly performing file-related operations:

creating, reading,writing/modifying, or executing files. Therefore, the user needs to
understand
 what a file is in Linux,
 how files can be organized and managed,
 how they are represented inside the operating system, and
 how they are stored on the disk.
In this course a simple presentation on file description and storage is made.
In Linux, a file is a sequence of bytes. Thus, everything, including a network interface card,
a disk drive, a Universal Serial Bus (USB) flash drive, a keyboard, a printer, a simple/ordinary
(text, executable, etc.) file, or a directory, is treated as a file.
Linux File System Description
• ext2, ext3 and reiser file systems discussed in previous slide are more
properly termed disk file systems.
• disk file systems are used to define how data is stored on your Linux
system’s hard disk drive.
• A disk file system is a specific implementation of a file system in general.
• There are other implementations of file systems in addition to disk file
systems, including: database file systems and network file systems, such
as the Network File System (NFS) or the Server Message Block (SMB) file
system.
 The Role of the Linux File
System
• So what exactly is the role of the file system in general on a Linux system (or
any other operating system, for that matter)? We’re talking about a system
that stores information on a storage device in such a manner that:
• The data is organized and can be easily located.
• The data can be easily retrieved at any later point in time.
• The integrity of the data is preserved.

In other words, if you save a file to a storage device, you should be able to find it
later on and retrieve it, assured that its contents will be exactly the same as
when it was saved
 Types of Files
Linux supports seven types of files:
• Simple/ordinary file
• Directory
• Symbolic (soft) link
• Character special file
• Block special file
• Named pipe (also called FIFO)
• Socket
You can use the ls –l command to display the type of a file.

Simple/ordinary files are used to store information and data on a secondary

storage device, typically a disk.
An ordinary file may contain any of the following:
• Unstructured text
• Source code (or script) in a programming language such as C, C++,
Java, Ruby, Python, LISP,and Bash
• An executable program that you have created by compiling (and
linking) a source program
• Applications such as compilers, database tools, desktop publishing
tools, and graphing software
• PostScript code
• Pictures
• Video
• Audio
• Graphics
• Etc.
 The Hierarchical Structure of the Linux File System
• The file system used by Linux uses a hierarchical structure to organize and
store data. That is treelike, but upside down, with the root at the top.
• The topmost directory in the structure is the / directory, also called the root
directory.
• This has nothing to do with your root user account. It simply specifies that this
directory is the root of your hierarchical file system tree.
• Beneath the root directory are a series of subdirectories.
• Specifications for how these directories are to be named are contained in the
File system Hierarchy Standard (FHS)
• The FHS provides Linux software developers and system administrators with a
standard directory structure for the file system, ensuring consistency between
systems and distributions.
A file or directory in a hierarchical file system is specified by a pathname. Simply
put, a pathname is the full name of a file. Most Linux systems place all home
directories under /home. The following figure shows diagramatic description of
the structure
 The Hierarchical Structure of the Linux File System
The FHS defines the directories that should appear under the root directory (/) as well as the
directories that should appear under the /usr and /var directories. These include the following:
• /bin This directory contains executable files necessary to manage and run the Linux system,
including shells (such as bash) and file system management utilities such as cp and rm.
• /boot This directory contains your bootloader files, which are required to boot your system.
• /dev This directory contains special files that are used to represent the various hardware
devices installed in the system. Remember when we installed Linux? We said that the first
SCSI hard disk drive in your system was called sda and the first IDE hard drive in your system
was called hda. The files that represent these devices are stored in /dev, Other hardware
devices are also represented by files in /dev
• /etc This directory contains text-based configuration files used by the system as well as
services running on the system. You can edit these files with a text editor to customize how
Linux behaves.
• /home This directory contains subdirectories that serve as home directories for each user
account on your Linux system.
• /lib This directory contains code libraries used by programs in /bin and /sbin.
Your kernel modules are also stored in the modules subdirectory of /lib.
• /media This directory is used by some Linux distributions (such as SUSE Linux)
to mount external devices, including CD drives, DVD drives, and floppy drives.
This is done using a series of subdirectories.
• /mnt This directory is used by some Linux distributions (such as Fedora or Red
Hat) to mount external devices, including CD drives, DVD drives, and floppy
drives. As with the /media directory on a SUSE system, a series of
subdirectories are used to do this.
• /opt This directory contains files for some programs you install on the system.
• /proc This directory is a little different from the other directories in this list.
/proc doesn’t actually exist in the file system. Instead, it’s a pseudo file system
that is dynamically created whenever it is accessed. It’s used to access process
information from the Linux kernel.
 Common File System tasks: Navigating the File System

As you work with the Linux file system, one of the most common tasks you will
need to complete is to move around between the different directories on your
hard disks.
Your Linux system provides the following commands that you can use from the
shell prompt to do this:
■ pwd :The pwd command is a relatively simple utility. It simply displays the
current directory on the screen. (pwd stands for Present Working Directory.)
• This utility can be exceptionally useful if your shell profile hasn’t been configured to
display the current directory as a part of the shell prompt.
• To use pwd, simply enter pwd at the shell prompt. The ~ character in the shell prompt is
shorthand that refers to the current user’s home directory.
• At this point, you know how to identify what directory you’re in. More than
likely, you’re going to need to change to a different directory in the file system at
some point. Let’s discuss how to do this next
 Using the cd Command
■ cd
You can also use absolute paths with the cd command. When you use an absolute path, you specify
the full path, starting from /, to the directory you want to change to.
• For example while in /home/Babcock one can issue the cd /var/log command. Because we
specified an absolute path, the cd command knew that the var/log directory didn’t exist in the
current directory. Instead, the path was determined from the root directory (/) and the current
directory was changed to it.
• If you enter cd at the shell prompt without specifying a path, it will automatically change
directories to the home directory of the currently logged-in user.
• You can also use the cd command to move up the file system hierarchy. You can do this by entering
cd .. . This will change the current directory to the next directory higher in the hierarchy. For
example if working at /var/log and the cd .. command is issued, it changes the directory from
/var/log to /var.
 Using the ls Command
■ ls
The ls command is used to list the files and subdirectories that may exist within a
directory.
• If you enter ls at the shell prompt, the contents of the current directory are listed
on the screen.
• As with the cd command, you can also provide an absolute path when using ls.
This will cause ls to display the contents of the directory you specify.
• When working with ls, you can use a variety of options to customize how it
works. Some of these options include the following:
• –a Displays all files, including hidden files.
• –l Displays a long listing of the directory contents. This is a very useful option.
You can use it to see the file names, ownership, permissions, modification date,
and size.
 Creating Files and Directories
• From time to time, you will need to create new files and directories in your Linux
file system.
Creating a new file can be accomplished using the touch command from the shell
prompt.
• To use touch, enter touch followed by the name of the file you want to create
• You can also use shell commands to create new directories.
This is done using the mkdir command.
• As with touch, you can enter mkdir from the shell prompt followed by the name
of the directory you want to create.
Example: $ mkdir mydocs
Create a file inside mydocs: $mydocs touch myfile
 Viewing Text File Contents
• cat The cat filename command will display the specified text file on screen. This
command doesn’t pause the output, so if you use it to view a long file, you may
need to append |more to the command to pause the output a page a time.
• less The less filename command can also be used to display the specified text file
on screen, much like cat. However, the less command automatically pauses a long
text file one page at time. You can use the SPACEBAR, PAGEUP, PAGE DOWN, and
ARROW keys to navigate around in the file.
• head The head filename command is used to display the first couple of lines of a
text file on the screen.
• tail The tail filename command is used to display the last couple of lines of a text
file on screen. The tail command is particularly useful when displaying a log file on
screen. When viewing a log file, you probably only want to see the end of the file.
You probably don’t care about log entries made several days ago. You can use tail
to see just the last log entries added to the end of the file.
 Deleting Files and Directories
■ rmdir This utility can be used to delete an existing directory. To use it, simply
enter rmdir directory_name
For example, rmdir MyFiles. Be aware, however, that rmdir requires that the
directory be empty before it will delete it.
■ rm The rm utility is a more powerful deletion utility that can be used to
delete either a file or a populated directory.
To delete a file,
simply enter rm filename.
To delete a directory,
enter rm –r directory_name.
Deleting Files and
Directories[ctd]
 Copy Files and Directories

The cp command copies files or directories. It can be used two different

ways. The following:

cp item1 item2: copies the single file or directory item1 to the file or directory item2.
Whereas
This command:
cp item... Directory: copies multiple items (either files or directories) into a directory
Useful Options and Examples
cp: Examples
mv—Move and Rename Files
The mv command performs both file moving and file renaming, depending on how it is used. In either
case, the original filename no longer exists after the operation.
mv is used in much the same way as cp, as shown here:

mv item1 item2: to move or rename the file or directory item1 to item2. It’s also used as follows

mv item... directory: mv shares many of the same options as cp, as described above
Useful Options and
Examples
File Security
 File Security
• Password-based Protection
• Encryption-based Protection
 Protection-based on Permission
• Types of Users
• Types of File Operations/Access Permission
Objectives
To show the protection and security mechanisms that Linux provides
• To describe the types of users of a Linux file
• To discuss the basic operations that can be performed on a Linux file
• To explain the concept of file access permissions/privileges in Linux
• To discuss how a user can determine access privileges for a file
• To describe how a user can set and change permissions for a file
• To discuss special protection bits, set-user-ID, set-group-ID, and sticky bit, and describe
their purpose
• To cover the following commands and primitives:
Introduction
In a time-sharing system like Linux there are great benefits. However, there is a main
challenge of protecting the hardware and software resources in it. These resources
include the input/ output devices, central processing unit (CPU), main memory, and the
secondary storage devices that store user files.

To protect user files from unauthorized access is to

 Give every user a login name and a password(the most fundamental scheme)
allowing a user to use a system
Protects individual files by converting them to a form that is completely different from
the original version by means of encryption. This technique is used to protect your
most important files, so that the contents of these files cannot be understood even if
someone somehow gains access to them on the system
allows you to protect your files by associating access privileges with them, so that
only a subset of users can access these files for a subset of file operations
Password-Based Protection
The first mechanism that allows you to protect your files from other users is the login
password scheme. Every user of a Linux-based computer system is assigned a login name
(a name by which the user is known to the Linux system) and a password. The following
methods of discovering a user’s password:

1.You, as the owner of an account, inform others of your password.

2. A user guesses (or cracks) another user’s password using several techniques
such as the dictionary, brute force, rainbow table, and spidering attacks.
3. Using phishing to obtain your password.
4. Using social engineering to obtain your password.
5. Using malware or keylogger to obtain your password
 Encryption-Based Protection
In this scheme, a software tool is used to convert a file to a form that is completely
different from its original version. The transformed file is called an encrypted file, and
the process of converting a file to an encrypted file is called encryption.
The Linux commands mcrypt and openssl can be used to encrypt and decrypt your
files. You can learn more about these commands by running the man mcrypt and man
openssl commands