CS469 - Linux and Unix Administration and Networking

Files and Paths

One of the Unix philosophies is that everything should present as a "file", including devices, wherever possible.

File/directory-names likely limited to 255 characters (depends on file-system being used.) File-names may not contain '/' (the path component separator character) or the null byte('\0') (likely a limitation of the kernel being written in C.)

Path length are likely limited to 4096 bytes (depends on file-system)

/ The root of the file-system directory (not the root account)
. The current directory
.. The parent directory
.* A "hidden" file (not normally listed unless -a option used.)

Path components are separated by forward slashes:


/x/../y/.    ⟶    /y

Files - Reading and writing:

> cat [-n] [<files...>]

  • Concatenate files

> more [<files...>]
> less [<files...>]

  • Paginate (display only one page of text at a time) output of files

> head [-n <lines>] [<file>]

  • Print first 10 lines in a file.

> tail [-n <lines>] [-f] [<file>]

  • Print last 10 lines in a file.

> grep <pattern> [<files...>]

  • Search for (a regular expression) pattern in files

> zcat / zgrep / gzip

  • Performs operations on gzipped (compressed) files (files ending with a .gz extension)

> file <file>

  • Identifies the type of a file file is.


The first file-system mounted on the system is the root file-system as is always mounted at /. Drives/partitions are then mapped onto the root file-system or sub mounted file-system at their "mount point" with the mount(8) command. Mounted file-systems are removed using the umount(8) command.


# mount /dev/sda1 /mnt

  • Mounts the device /dev/sda1 at /mnt

# umount /mnt

  • Removes the file-system mounted at /mnt


> df [-h] [-i]

  • Displays mounted file-systems and information about them.
    -h = Display sizes in human readable units
    -i = Display number of inodes available.

Path resolution:

  • Reading: man 7 path_resolution

Path resolution is the process by which a path-name (a slash separated list of directorys terminating with an optional file name) resolves to a specific file or directory.

A slash (/) at the beginning of a path means that the path is an absolute path beginning from the root of the file-system (/). If the path does not begin with the a slash then it is a relative path, one that is relative to the current working directory, as if the absolute path of the current working directory were prefixed to the path and then path resolution is performed.

A file is accessible if:

  1. All the parent directories (all the way to the root (/) directory) allow search permissions for that user.

  2. If the user owns the file, the owner permission bits are used to determine access, otherwise if the user is a member of the group of the file, then the group perms are used, otherwise the "other" permissions are used.

Meta/Inode file information

  • Reading: man 2 stat

An inode represents an actual file, its meta data and data. Files in directories merely point to an inode. A file pointer to an inode is a "hard link", and increases the inodes hard link count. When the hard link count drops to zero, the inode (and the file data) is freed. The file information might not actually be deleted, just un-referenced, so it is sometimes possible to recover the deleted data if file-system is immediately unmounted (or set to read-only) and special recovery programs are used to recover the data.

Inodes contain the following meta data:

  • Owner UID (User ID) and GID (Group ID) (unsigned 32 bit integers)

  • Mode (file permissions bits, shown here in octal):

Mode What Description
4000 setuid Allows the setuid() (change effective user id) system calls to work. setuid() is restricted to the uid of the owner of the file (unrestricted if that owner is uid 0 (i.e. root))
2000 setgid Allow setgid()/setegid(), same as with setuid above.
1000 sticky bit(t) On directories it sets a restricted delete mode which prevents users from removing/renaming files/dirs not owned by them. Used on /tmp for example.
0x00 Owner bits Permissions used when the user owns the file
00x0 Group bits Permissions used if the user is a group member
000x Other bits Permissions used if neither user or group permissions apply
Permission bit values
x= 4 read (r) / list files in directory
x= 2 write (w) / add/remove entries in a directory
x= 1 execute (x) / search (cd into) a directory
  • Size (bytes and blocks) (32 or 64 bits)

  • Times (nominally times in seconds since the epoch (Jan 1 1970) (time_t)):

atime Last access time (last time read)
mtime Last modification time (last time file modified)
ctime Last status change (meta information changed)
btime File creation (birth) time. Some file-systems support btime, but is not generally accessible via normal system calls (i.e. only via statx())
  • Inode & device numbers - Internally in the kernel all file-system objects are uniquely identified by the combination of these two numbers.

ls -l output decoded:

    -rw-r--r-- 1 user group   283 Jan 13 18:52 file
    │╲ ╱╲ ╱╲ ╱ │ │        │ └File┘└────┬─────┘  └─── File-name
    │ U  G  O  │ └───┬────┘  Size      └──────────── Last modified time
    │  perms   │     └────────────────────────────── User and Group owners (user first)
    │          └──────────────────────────────────── Hard link count
    └─────────────────────────────────────────────── File type
  • File types:
- Regular file
d Directory
l Symbolic link
p Pipe (FIFO)
c Character Special (typically serial data)
b Block Special (typically disks)
s Socket file (Unix domain sockets)
? Unknown (very bad)


> chmod [-R] <mode> <file...>

  • Set permissions on file or files. has two possible forms, octal or ascii: <[ugoa]+><[+-=]><[rwxts]+>
    -R = recursively set permissions on all files/directories in a directory.

  • Example: chmod -R u+x,g=r,o-rwx /tmp/foo

# chown [-R] <owner>[:<group>] <file...>

  • Set ownership on files.
  • Example: chown -R sbaker:users /tmp/foo

> chgrp [-R] <group> <file...>

  • Set group ownership on files.
  • Example: chgrp -R users /tmp/foo

> touch <file..>

  • Updates last access and modification times of files, creating new files if necessary.
  • Example: touch foo bar baz

> umask [<octal #>]

  • Set/show the default file/directory permissions creation mask. default permissions are & ~umask where defmode = 0777 for directories and 0666 for files.
  • Example: umask 022

Access Control Lists (ACL's):

  • Reading: man 5 acl

Some file-systems may support ACL (Access Control List) permissions which if present on a file supersede the regular permissions.

ACLs are viewed with getfacl and set with setfacl.

ACL's are composed of a list of tags of the following types:

ACL_USER_OBJ Access rights for the file owner.
ACL_GROUP_OBJ Access rights for the file group.
ACL_USER Access rights for users identified by the entry's qualifier.
ACL_GROUP Access rights for groups identified by the entry's qualifier.
ACL_MASK The maximum access rights that can be granted by entries of type ACL_USER, ACL_GROUP_OBJ, or ACL_GROUP.
ACL_OTHER Access rights for processes that do not match any other entry in the ACL.

An ACL contains at least one of ACL_USER_OBJ, ACL_GROUP_OBJ and ACL_OTHER, and zero or more of ACL_USER and ACL_GROUP, if either are present, then exactly one ACL_MASK tag must also be present.

A default ACL on a directory is inherited by any children created within it.

> getfacl <file>

> setfacl [-m|-x] <acl-list> <file(s)>

-m = modify
-x = remove
-b = remove all ACLs

[d:][u:]uid[:perms] Permissions of a named user, or of the file owner if uid is empty.
[d:]g:gid[:perms] Permissions of a named group, or owning group if gid is empty.
[d:]m[:][:perms] Effective rights mask
[d:]o[:][:perms] Permissions of others.
d = default (and may be spelled out as default)
u = user (also may be spelled out as user)
g = group (also may be spelled out)
o = other (also may be spelled out)
m = mask (specifies maximum permissions for other)


getfacl dir

  • Displays the set ACL's on dir.

setfacl -m d:u:sbaker:r-x,u:sbaker:r-x dir

  • Sets both a default ACL and user ACL (for sbaker) on the directory dir. Note that there are no spaces in the acl-list.

setfacl -m default:user:sbaker:r-x,user:sbaker:r-x dir

  • Same as above, but spelled out.

setfacl -R -b dir

  • Recursively removes all ACL's on dir and all its contents.

Links: (man 7 symlink)

There are two types of links, hard and symbolic:

Hard linked files are essentially the same file (share the same inode and data), just have different directory entries to the same inode. Hard links cannot cross a mount-point (i.e. they are limited to the same device and file-system) for obvious reasons.

Symbolic links are text values that may or may not point to an existing object.

  • Read man 7 symlink for more about them.

> ln [-s] <target> [<name>|<directory>]

  • Make links between files. -s for symbolic links.

> readlink <symbolic link>

  • Print the value of a symbolic link.

> realpath <path>

  • Print the real resolved path from the path given.