|
UNIX FILE
SYSTEM
Perhaps the most important
thing to obtain a grasp of when dealing with web development,
is the prevalence of the UNIX style file system in almost
everything you will be doing. The benefits of the unix style
file system and directory layout are apparent once you have
utilized them for some time, but on first introduction it
can be a confusing, arcane system. While it is not compulsory
to fully understand how the unix file system works to use
your MediaHostNet account, many problems you may encounter
will find their cause in issues surrounding your knowledge
of the file system. This document is intended as an extended
guide and reference - we recommended you familiarize yourself
with it for consultation at a later time.
Especially if the DOS/windows file system is your only prior
file system experience.
There is one factor that can
ease your grasp of Unix file system concepts - this is that
if you have ever used HTTP or FTP (web browsing or file transfers),
you will have already encountered a good deal of unix file
system concepts. Much of your knowledge of how URL's (web
addresses) are written will apply to the unix file system,
as URL's take their format from the same source.
To illustrate this - consider
the URL.
http://www.some-server.com/Magazine/articles/june98.html
Retrieves this file from the
server's hard drive:
/home/www/Magazine/articles/june98.html
You'll see during this chapter
how the relation between these two addresses is interpreted.
Differences
The unix file system differs
from the DOS style in several notable ways that make it considerably
more powerful and configurable than dos [and windows]. These
same features can also provide numerous headaches for the
unprepared.
Names are different:
Take note that windows and macintosh systems, in their
goal of being user friendly, change the established name of
things to a more 'friendly' name. Hence, what would be called
a 'folder' under windows, will be called by its true name
of 'Directory' in the context of this manual. Other terms
will be explained as they are encountered.
Reversed Slash: The
\ slash used to separate directories under windows, is not
present in unix. Just as URL's (web addresses) use the /
slash between directories, so does Unix; this is related
to the creation of the web and the URL system on Unix systems
initially.
Unix is case sensitive:
Firstly, and perhaps most important to remember: the
file system is case sensitive - consider the following:
file1.text
File1.TEXT
FILE1.text
These three names are three
individual files, each could exist together in the same
directory. Under windows, these would all refer to the same
file, as DOS-FAT is a case INsensitive file system.
Directories ['folders'] are also case sensitive.
While the debate over which
is better [case sensitive or insensitive] may well continue
for years, the immediate point is to always remember to
check the case of the letters in a filename. 95 percent
of commonly encountered problems in web development come
down to a case of trying to access a a file or directory
with the wrong case letters in the name.
The Root Directory: The
other major fundamental difference between unix and the
DOS style file systems , is the absence of 'drive letter'.
Instead of C: D: , etc. partitions and extra drives are
mounted in sub directories under the 'root' file system
Thus, if drive C: is the
'root' file system , drives D: and E: could be [for example]
mounted under /mnt/data and /mnt/databases.
This means the user need not concern
themselves over which drive a file is on, as the entire system
appears to be one contiguous file system, starting from the
root directory [ '/' ] and descending from there in a higharchial
fashion. All files on a unix file system are accessed in the
following format -> /dir/dir/dir/.../file
e.g.
/usr/bin/pico
/home/jason/projects/report.txt
/usr/local/share/Windowmaker/menu.pl
Features
+ Concepts
The most important concepts
when dealing with a Unix file system are detailed here.
Current Working
Directory: As you navigate from place to place in the
unix file system, , the 'place' you are currently at is referred
to as the current working directory, or cwd for short. important
to note this when using relative directories [see down]
Path: There are two
meanings for path in the unix file system, depending on
context the first usage of 'path' means the 'address' of
a file, expressed as a list of directories the file is in
e.g. /home/jason/projects/paper.txt the second usage of
'path' refers to the list of directories that will be looked
in to find commands entered at the system command line interface.
e.g. /bin /usr/bin/ /usr/sbin this is more accurately referred
to as the 'working path'.
Absolute Paths:
Always start with a leading / to indicate they start in
the root directory. e.g. this is an absolute path /usr/bin/pico
this is not bin/pico [this would look for a file named pico
in the sub directory 'bin' of where ever the current working
directly [cwd] is.]
Relative Paths:
A relative path has no leading / and it relative to the
current working directory [cwd] e.g. if the current working
directory is /home/jason projects/paper.txt would refer
to the file [as absolute path] /home/jason/projects/paper.txt
there are a pair of 'special directories' that indicate
certain directories in relative paths:
|
./
|
'The current
working directory' |
|
../
|
'The parent
directory' [the one above the current dir] |
|
~/
|
When a
path begins with this 'your home directory' |
|
some examples of
using these special dirs in a path.
|
|
./configure
|
'The
file configure, in the current directory' [e.g. as
opposed to the configure from /usr/bin] |
|
../paper.txt
|
'The file
paper.txt, in the directory above this one' |
|
../backups/oldpaper.txt
|
'Go up
a directory, then down into the directory "backups"
and get oldpaper.txt" |
|
~/projects/paper.txt
|
'The file
paper.txt from the directory 'projects', in my home
directory' |
Hard Links: Files may
by linked, that is to say, a file may appear in two different
directories on a file system, yet still be only the one file
[the duplicates of the file are not copies, they take up no
extra disk space. Changes made to the file in one location
will affect it in all locations, and a file will not be deleted
until all links to it and the original have been deleted.
Symbolic links both directories and files may be symbolically
linked.
Symlinks: [as they
are more often referred to as] Are really just pointers
to another file or directory, much in the way a windows
shortcut or a macOS alias is. Unlike a windows shortcut
however, a symlink is , for most intents and purposes, effectively
the file/directory it points to, however, it differs slightly
from a [hard] link in certain ways when it is copied , archived,
deleted etc. for example, a symbolic link may point to a
destination that does not exist, where with hard linking,
so long as one link remains, the file will always be found.
Absolute paths An absolute path is a way of entering the
location of a file/directory, that is relative only to the
root directory, not the current working directory, hence,
it is an absolute 'path' the the file.
Access Permissions:
File and directories have two other important properties:
owner and permissions. a file or directory has three major
pieces of information relating to its access permissions.
The user that owns the file, the usergroup that owns the file,
and the access permissions relating to the owner, the group,
and the rest of the system.
permissions are
of the form 'rwxrwxrwx' where rwx stands for 'read' , '
write' and 'execute' respectively
the three sets of 'rwx' relate to 'owner' 'group' and 'world'
respectively.
rwx rwx rwx
[user] [group] [world]
The own of the file has
the first set of permissions, then the usergroup of the
file, and then anyone not in this group e.g. a file owned
by user 'jason' and the group 'users', with the permissions
'rw-r----' this reads as jason has read and write permissions
anyone in the group 'users' has read access anyone else
has no access to the file at all. read and write are self-explanatory,
but the x permission has some special cases. the x permission
in the permissions of a file, determine what users can
execute [run] the file. The x in the permissions of a
directory determine what users can access that directory.
Summary
of Access Permissions
Although not an exhaustive
list of possible file permissions, this list covers all major
permissions for files, and their numeric modes [to use with
the 'chmod' shell command]. Because permissions affect files
and directories differently, they have been separated into
two lists. Unless you have very specific needs, it is recommended
you do not set your files to permissions other than these
listed; doing so may result in security problems on your web
site, or may deny your access to your own files.
Firstly, the terms used below
will be clearly defined.
- Read
- Read access allows
the viewing of the contents of a file. if this file resides
under your public_html or public_ftp folder, this means
it may be accessible over the internet [should other necessary
permissions be set]. Read access to a directory gives the
user the right to retrieve a listing of the files within
that directory.
- Write
- Write access allows the user to add/remove data from a
file, or delete it entirely. Write access to a directory
will allow the user to add new files to that directory.
- Run/Execute
- Execute permissions on a program or script give the user
the ability to active the program on the server [which will
then carry out its intended function]. Execute permissions
on a directory will allow the user to enter (and access
files within) that directory.
| PERMISSION |
MODE
|
GRANTS ACCESS TO:
|
NOTES
|
PROGRAMS/SCRIPTS
|
| rwxrwxrwx |
777
|
Everyone can
read,write and run this program/script |
unless specifically required
by a script, this permissions is generally not recommended
|
| rwxrwxr-x |
775
|
The owner
and owner's group can read,write and execute this program/script.
Everyone else can read and run it |
a good general setting
for programs and scripts.
|
| rwxrwx--- |
770
|
Owner and
group have full access, all others are denied access |
This will prevent any
access to the program/script except for yourself
|
DATA FILES
|
| rw-rw-rw- |
666
|
Everyone can
read and write this file |
this is a common setting
for any data file that must be modified by a cgi program
|
| rw-rw-r-- |
664
|
Owner and
group can read and write, all other may only read |
Recommended settings
for files that must be readable by cgi scripts or the
webserver, but not modified except by yourself.
|
| rw-r----- |
660
|
Owner can
read and write, group can read, all others have no access |
recommended settings
for files you wish to remain private on the server
|
DIRECTORIES
|
| rwxrwxrwx |
777
|
Everyone can
enter this directory, list files therein and add new files |
This permission is needed
for directories that are used by CGI scripts that need
to add/remove data files to a directory in the course
of their operation.
|
| rwxrwxr-x |
775
|
Owner and
group can enter, list and add files, all others can enter
and list files |
The recommended setting
for all directories where only you should have access
to add/remove files therein.
|
| rwxrwx-wx |
773
|
Owner and
group can enter directory, list and add files, others
may enter the directory and add new files , but not list
files already present |
recommended for 'anonymous
upload' directories, where anyone can add new files,
but not access those already within.
|
| rwxrwx--x |
771
|
Owner and
group have full access, all others may enter directory
but not list files contained within. |
This denies access to
the files in this directory to anyone but yourself,
but allows others to access sub-directories contained
within.
|
| rwxr-x--- |
770
|
Full access
to owner and group, all others denied any access |
recommended setting for
directories you wish to keep private
|
|
