Loops
Oftentimes you need to run the same task in bash against a number of different arguments. Loops in bash can make this very quick and easy.
One of the simplest ways you can do this in a one-liner is as follows
You can also predefine an array to use later like this
Or, to do this on one line
You can use ranges with seq
If you need a counter you could do something like this
File Permissions
There are a few shortcuts that make life easier when working with file and directory permissions. Here are a few.
When you want to recursively change permissions in a directory, you will want to change the file permissions separately from the directory permissions. You can accomplish this by using two different find commands piped to xargs as follows.
or
Three permission triads
Each triad
References, Operators and Modifiers
Above, you can see that permissions can be changed using u, g, o and a. These represent references to User, Group, Other and All.
- (u)ser:
  - The user is the owner of the files. The user of a file or directory can be changed with the chown [3] command.
  - Read, write and execute privileges are individually set for the user with 0400, 0200 and 0100 respectively. Combinations can be applied as necessary, e.g. 0700 is read, write and execute for the user.
- (g)roup:
  - A group is the set of people that are able to interact with that file. The group set on a file or directory can be changed with the chgrp [4] command.
  - Read, write and execute privileges are individually set for the group with 0040, 0020 and 0010 respectively. Combinations can be applied as necessary, e.g. 0070 is read, write and execute for the group.
- (o)ther:
  - Represents everyone who isn’t an owner or a member of the group associated with that resource. Other is often referred to as “world”, “everyone” etc.
  - Read, write and execute privileges are individually set for the other with 0004, 0002 and 0001 respectively. Combinations can be applied as necessary, e.g. 0007 is read, write and execute for other.
- (a)ll:
  - Represents everyone
The operator is what is used to control adding or removing of modifiers
- +: adds the specified file mode bits to the existing file mode bits of each file
- -: removes the specified file mode bits from the existing file mode bits of each file
- =: adds the specified bits and removes unspecified bits, except the setuid and setgid bits set for directories, unless explicitly specified.
Modifiers
- r: read
- w: write
- x: execute (or search for directories)
- X: execute/search only if the file is a directory or already has execute bit set for some user
- s: setuid or setgid (depending on the specified references)
- S: setuid or setgid (depending on the specified references) without the executable bit (or search for directories) set
- t: restricted deletion flag or sticky bit
Octal
- The read bit adds 4 to its total (in binary 100),
- The write bit adds 2 to its total (in binary 010), and
- The execute bit adds 1 to its total (in binary 001).
These values never produce ambiguous combinations; each sum represents a specific set of permissions. More technically, this is an octal representation of a bit field – each bit references a separate permission, and grouping 3 bits at a time in octal corresponds to grouping these permissions by user, group, and others.
SetUID, SetGID and the Sticky Bit
SUID / Set User ID : A program is executed with the file owner’s permissions (rather than with the permissions of the user who executes it).
SGID / Set Group ID : Files created in the directory inherit its GID, i.e. when a directory is shared between users and SGID is set on that shared directory, any directory these users create has the same GID, or group owner, as its parent directory.
Sticky Bit : It is mainly used on folders to prevent deletion of a folder and its contents by other users even though they have write permissions. If the sticky bit is enabled on a folder, the folder can be deleted only by the owner of the folder and the superuser (root). This is a security measure to prevent deletion of critical folders on which others have full permissions.
’S’ = The directory’s setgid bit is set, but the execute bit isn’t set.
’s’ = The directory’s setgid bit is set, and the execute bit is set.
These are represented in the ls -la (list all files in list format) by the following
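As an added example (not code from the original page), these shell functions decode an octal mode into the string ls -la shows, so you can see how the three triads combine with the setuid, setgid and sticky bits, including the s/S and t/T distinction. The function names triad and mode_to_symbolic are hypothetical and the sample modes are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# triad BITS SPECIAL LOWER UPPER
# BITS is one triad's value (0-7). SPECIAL is non-zero when the setuid,
# setgid or sticky bit that shares this triad's execute slot is set.
# LOWER is shown when execute is also set (s or t), UPPER when it is not (S or T).
triad() {
    bits=$1; special=$2; lower=$3; upper=$4
    if [ $((bits & 4)) -ne 0 ]; then out=r; else out=-; fi
    if [ $((bits & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ "$special" -ne 0 ]; then
        if [ $((bits & 1)) -ne 0 ]; then out="${out}${lower}"; else out="${out}${upper}"; fi
    else
        if [ $((bits & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    fi
    printf '%s' "$out"
}

# mode_to_symbolic OCTAL  ->  e.g. 2770 prints rwxrws---
# Accepts one to four octal digits; anything else is rejected.
mode_to_symbolic() {
    case $1 in
        ''|*[!0-7]*|?????*) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    m=$((0$1))                                          # leading 0 = octal constant
    u=$(triad $(( (m >> 6) & 7 )) $(( m & 2048 )) s S)  # 04000 setuid
    g=$(triad $(( (m >> 3) & 7 )) $(( m & 1024 )) s S)  # 02000 setgid
    o=$(triad $((  m       & 7 )) $(( m & 512  )) t T)  # 01000 sticky
    printf '%s%s%s\n' "$u" "$g" "$o"
}

# Constructed sample modes
for mode in 0644 4755 2770 2640 1777; do
    printf '%-5s %s\n' "$mode" "$(mode_to_symbolic "$mode")"
done
```

An uppercase S or T in the output means a special bit is set without the matching execute bit, which is usually a sign of a mistyped mode and worth reviewing.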
Permissions for Multi User Samba Directory