1. File Structure inside of Linux
On a Linux system, almost everything is a file, and if it is not a file, then it is a process. Here is a general diagram for file structure in Linux.
- There are certain exceptions in a Linux file system
- Directories : Files that are lists of other files.
- Special files: The mechanism used for input and output. Files in /dev are special files.
- Links: A system to make a file or directory visible in multiple parts of the system.
- Sockets : A special file type, similar to TCP/IP sockets providing inter-process networking.
- Pipes: More or less like sockets; they form a way for processes to communicate with each other without using network sockets.
- File types in a long list:

| Symbol | Meaning |
|---|---|
| - | Regular file |
| d | Directory |
| l | Link |
| c | Special file |
| s | Socket |
| p | Named pipe |
| b | Block device |

- Subdirectories of the root directory:

| Directory | Content |
|---|---|
| /bin | Common programs, shared by the system, the system administrator, and the users. |
| /boot | The startup files and the kernel, vmlinuz. In some recent distributions also grub data. Grub is the GRand Unified Boot loader and is an attempt to get rid of the many different boot-loaders we know today. |
| /dev | Contains references to all the CPU peripheral hardware, which are represented as files with special properties. |
| /etc | The most important system configuration files are in /etc; this directory contains data similar to those in the Control Panel in Windows. |
| /home | Home directories of the common users. |
| /initrd | (on some distributions) Information for booting. Do not remove! |
| /lib | Library files, includes files for all kinds of programs needed by the system and the users. |
| /lost+found | Every partition has a lost+found in its upper directory. Files that were saved during failures are here. |
| /misc | For miscellaneous purposes. |
| /mnt | Standard mount point for external file systems, for example, a CD-ROM or a digital camera. |
| /net | Standard mount point for entire remote file systems. |
| /opt | Typically contains extra and third-party software. |
| /proc | A virtual file system containing information about system resources. More information about the meaning of the files in proc is obtained by entering the command man proc in a terminal window. The file proc.txt discusses the virtual file system in detail. |
| /root | The administrative user’s home directory. Mind the difference between /, the root directory and /root, the home directory of the root user. |
| /sbin | Programs for use by the system and the system administrator. |
| /tmp | Temporary space for use by the system, cleaned upon reboot, so don’t use this for saving any work! |
| /usr | Programs, libraries, documentation, etc., for all user-related programs. |
| /var | Storage for all variable files and temporary files created by users, such as log files, the mail queue, the print spooler area, space for temporary storage of files downloaded from the Internet, or to keep an image of a CD before burning it. |

2. File Permission in Linux
Linux-based systems already have a lot of good security features built in, but they depend on proper permissions. I will go over the ways to assign permissions and show you some examples where modification may be necessary. Wrong file permissions may open a door for attackers into your system.
- Group Permission
Owner: The Owner permissions apply only to the owner of the file or directory; they will not impact the actions of other users.
Group: The Group permissions apply only to the group that has been assigned to the file or directory; they will not affect the actions of other users.
All Users/Other: The All Users permissions apply to all other users on the system; this is the permission group that you want to watch the most.
Each file or directory has three permission types:
Read: The Read permission refers to a user’s capability to read the contents of the file.
Write: The Write permissions refer to a user’s capability to write or modify a file or directory.
Execute: The Execute permission affects a user’s capability to execute a file or view the contents of a directory.
rw: The owner (f) has read and write permission, while the group (f) has read permission on the file BurpSuiteFree.vmoptions.
- Linux Advanced / Special Permission
l: The file or directory is a symbolic link.
s: This indicates the setuid/setgid permissions. Represented as an s in the read portion of the owner or group permissions.
t: This indicates the sticky bit permissions. Represented as a t in the executable portion of the all users permissions.
i: chattr, making the file unchangeable.
There are two more, which are mostly used by devices:
c: Character device
b: Block device
[email protected]:~#ln -s new /root/link
[email protected]:~#ls -al
lrwxrwxrwx 1 f f 3 Mar 18 08:09 link -> new
A link named link is created for the file named new (link is a symbolic link to new).
- Suid & Guid Permission
setuid (SUID): This is used to grant root level access or permissions to users.
When an executable is given setuid permissions, normal users **can execute the file with root level or owner privileges.** Setuid is commonly used to assign temporary privileges to a user to accomplish a certain task. For example, changing a user’s password would require higher privileges, and in this case, setuid can be used.
setgid (SGID): This is similar to setuid, the only difference being that it’s used in the context of a group, whereas setuid is used in the context of a user.
[email protected]:~#chmod u+s new
[email protected]:~#ls -al
-rwSr--r-- 1 f f 13 Mar 18 07:54 new
Capital S shows Suid for this file.
[email protected]:~#chmod g+s guid-demo
[email protected]:~#ls -al
-rw-r-Sr-- 1 f f 0 Mar 18 09:13 guid-demo
Capital S shows Guid for the guid-demo file, and the capital S is in the group section.
* Stickybit Permission
This is another type of permission; it is mostly used on directories to prevent anyone other than the “root” or the “owner” from deleting the contents.
[email protected]:~#chmod +t new
[email protected]:~#ls -al
-rw-r--r-T 1 f f 13 Mar 18 07:54 new
Capital **T** shows that the sticky bit has been set for other users (only the owner or the root user can delete files).
* Chattr Permission
[email protected]:~#lsattr
---------------- ./new
[email protected]:~#chattr +i new
[email protected]:~#lsattr
----i----------- ./new
Small i shows that this file is unchangeable; lsattr is the command to check whether chattr attributes are set on a file.
Before we finish with file permissions, let’s have a quick look at numerical file permissions:
r = 4
w = 2
x = 1
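
These digits add up per permission group (rw- is 4+2 = 6, r-x is 4+1 = 5), and the special bits go in a fourth leading digit: 4000 for setuid, 2000 for setgid, 1000 for the sticky bit. The script below is an added example, not part of the original post: it builds a constructed scratch tree (the file names and the helpers `mode_of`, `find_suid_sgid`, `find_open_dirs` and `make_demo_tree` are made up for illustration), prints the resulting mode strings, and runs two common permission audits over it.

```shell
#!/bin/sh
# Added example: works only inside a scratch directory from mktemp.

# Symbolic mode string (first 10 characters of ls -ld) for one path.
mode_of() { ls -ld "$1" | cut -c1-10; }

# Regular files under $1 that carry setuid (4000) or setgid (2000).
find_suid_sgid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort
}

# World-writable directories under $1 that lack the sticky bit (1000),
# i.e. places where any user can delete any other user's files.
find_open_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 | sort
}

# Build the constructed scratch tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/data" "$d/tool"
    mkdir "$d/shared" "$d/dropbox"
    chmod 4644 "$d/data"     # 4000 + rw-r--r-- : setuid, owner x not set
    chmod 4755 "$d/tool"     # 4000 + rwxr-xr-x : setuid, owner x set
    chmod 1777 "$d/shared"   # 1000 + rwxrwxrwx : sticky, same mode as /tmp
    chmod 0777 "$d/dropbox"  # world-writable, no sticky bit
    echo "$d"
}

tree=$(make_demo_tree)
for f in data tool shared dropbox; do
    printf '%s  %s\n' "$(mode_of "$tree/$f")" "$f"
done
echo "setuid/setgid files:"
find_suid_sgid "$tree"
echo "world-writable directories without sticky bit:"
find_open_dirs "$tree"
rm -rf "$tree"
```

In the `ls` output, a capital S or T means the special bit is set but the execute bit in that position is not; a lowercase s or t means both are set.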
3. Most Common and Important Commands
ls: list directory contents
cd: changes directories
rm: remove files or directories
chmod: change file mode bits, from read to write and vice versa
chown: change ownership of a file
chgrp: change group ownership
screen: screen manager with VT100/ANSI terminal emulation, create background process with terminal emulator.
ssh: secure shell for remote connection
pwd: print name of current/working directory.
cd ..: moves up one directory
mkdir: create a new directory
rmdir: remove directory
locate: find a file within a directory or the system
whereis: find a file within the system
cp: copy file
mv: move file/directory or rename a file or directory
mount: mount device such as cdrom/usb
zip: compress directory/files
umount: unmount (eject) the USB
df: list partition table
cat: concatenate the file
ifconfig: show interface details
w: Show who is logged on and what they are doing
top: show system task manager
netstat: show local or remote established connection
nslookup: query Internet name servers interactively
dig: dns utility
touch: create a file
nano: file editor
vi: vim file editor
free -h: check free memory
I hope this post is helpful for everyone, and in the next post I’ll write about Linux more deeply, maybe with Shell