Operating System/O.S(Arif Butt)

File System Architecture, Links, Special File Permissions, Access Control Lists (Lec 20, 21, 23, 24)

Tony Lim 2021. 2. 14. 22:19

In this file system there are 498784 inodes, and so on.

tune2fs == allows the system administrator to adjust various tunable filesystem parameters on Linux ext2, ext3 and ext4 filesystems.

 

I only typed less /etc/passwd, but when you check its pid with the lsof command there are many files open, because of dependencies.

0u, 1u and 2u are the file descriptors stdin, stdout and stderr, and the file opened by our less command is at 4r (r means it is open for reading).

 

Hard Link , Soft Link

Unlike a hard link, if you remove the actual file, a soft link becomes a dangling pointer.

 

Special File Permission (SUID, SGID, STICKY)

SUID

$ chmod u+s file

This sets the SUID bit on that file, which is an executable. It will then execute with the power of the owner of the file.

If it is so harmful, why does the OS provide the SUID bit at all?

$ find / -perm /4000 2>/dev/null

This lists the files that have the SUID bit set, e.g. /bin/su, /bin/mount, /usr/bin/passwd, /usr/bin/sudo.

/usr/bin/passwd is used for changing the password stored in /etc/shadow.

But /etc/shadow grants no permissions to other users, which is why passwd needs the SUID bit. You still cannot change another user's password, because passwd checks the UID internally even though the SUID bit is on.

SGID

$ find / -perm /2000 2>/dev/null

This looks for files that have the SGID bit set.

/usr/bin/chage runs with the power of its group, which is shadow, and /etc/shadow also has group shadow.

For a directory, if you set the SGID bit and create a file there, the file's group will be the directory's group, not your own, for example student.

STICKY

$ chmod o+t directory

This command sets the sticky bit on a directory. After that, only the owner of a file in that directory can delete that file.

$ find / -perm /1000 2>/dev/null   
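The three find checks above can be combined into one audit pass. The script below is an added example, not part of the original lecture notes; the function names, the output labels and the baseline file format (one absolute path per line) are assumptions made for this sketch, and the sample tree is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the lecture): audit a tree for special permission bits.
# Output: one "<KIND> <path>" line per finding.
#   SUID             SUID file that is listed in the baseline
#   UNEXPECTED-SUID  SUID file missing from the baseline (review it)
#   SGID             regular file that runs with the power of its group
#   SGID-DIR         directory whose new files inherit its group
#   NO-STICKY        world-writable directory without the sticky bit
audit_special_bits() {
    root=$1
    baseline=${2:-/dev/null}   # assumed format: one absolute path per line
    # For a single bit, "-perm -4000" matches the same files as "-perm /4000".
    find "$root" -xdev -type f -perm -4000 2>/dev/null |
    while IFS= read -r f; do
        if grep -Fxq -- "$f" "$baseline"; then
            echo "SUID $f"
        else
            echo "UNEXPECTED-SUID $f"
        fi
    done
    find "$root" -xdev -type f -perm -2000 2>/dev/null | sed 's/^/SGID /'
    find "$root" -xdev -type d -perm -2000 2>/dev/null | sed 's/^/SGID-DIR /'
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null |
        sed 's/^/NO-STICKY /'
}

# Constructed sample tree in a temp dir; nothing outside it is touched.
demo() {
    d=$(mktemp -d)
    touch "$d/known" "$d/rogue" "$d/grp"
    chmod 4755 "$d/known" "$d/rogue"      # SUID files
    chmod 2755 "$d/grp"                   # SGID file
    mkdir "$d/shared" "$d/tmp_ok" "$d/tmp_bad"
    chmod 2775 "$d/shared"                # SGID directory
    chmod 1777 "$d/tmp_ok"                # sticky, like /tmp
    chmod 0777 "$d/tmp_bad"               # world-writable, no sticky bit
    printf '%s\n' "$d/known" > "$d/baseline.txt"   # only "known" is expected
    audit_special_bits "$d" "$d/baseline.txt" | sed "s|$d/||"
    rm -rf "$d"
}

demo
```

On a real host the call would be audit_special_bits / baseline.txt, run as root, with the baseline listing the SUID files you expect, such as /usr/bin/passwd and /usr/bin/sudo.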

 

Access Control Model

1. DAC (Discretionary Access Control) == holds the business owner responsible for deciding which people are allowed in a specific location, physically or digitally.

2. MAC (Managed Access Control) == requires an elevated emphasis on the confidentiality and classification of data.

3. RBAC (Role-Based Access Control) == used when system administrators need to assign rights based on organizational roles instead of individual user accounts within an organization.

File System ACLs (Access Control Lists)

The mask is the union of all the permissions of the file.

With extended attributes you can make a file available only for appending.