Lab: Rootly Powers.
Step 3: The File System.
- To do this step:
- You should have a running version of the RootlyPowers virtual machine, set up.
- You should understand the basics of becoming other users.
- If you have not completed the first two steps, please return to this step after you have done so.
- Log into the guest machine for this lab as bob.
- Start a terminal.
- Change to the step3 directory by typing
- Remember to keep notes on the commands introduced.
- The ls command is used to show files on a system.
- man ls will display an extremely large manual entry.
- ls has many flags
- Check this out.
- Notice that three files and three folders, or directories, are listed.
- This lists the files in long format.
- This shows
- File permissions.
- The number of "links" to the file.
- The owner of the file
- The group associated with the file
- The size of the file
- The date and time the file was last changed
- The name of the file.
- We will be back to this soon.
- Notice two additional directories, . and .. , were displayed.
- These files are not "hidden", but files starting with a . are not displayed by ls by default.
- The -a flag says to list them.
- Notice the date/time is increasing.
- Look at the man page and figure out what the -t and -r flags do.
- In general
ls -alrt is an effective tool for monitoring the system.
- It displays all files.
- But sorted by time.
- So the most recently changed files will be listed last.
- This allows you to see recent changes.
- Unfortunately file time stamps are not reliable.
- Read the manual page for
- Using ls, what did this do?
- How big is newFile?
- When was newFile created?
date will tell you the current system time.
touch -d "Jan 1 2022 00:00:00" oldFile
ls -l, what did this command do?
- Can you trust file time stamps when performing a system audit?
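The backdating shown above leaves a trace an auditor can look for: touch -d sets the modification time, but the kernel still stamps the inode change time (ctime) with the moment touch ran. The script below is an added example, not part of the original lab; it assumes GNU stat, and the function name and the one-day tolerance are illustrative choices.

```shell
#!/bin/sh
# Added example. Assumes GNU stat (-c %Y = mtime, %Z = ctime, in epoch seconds).

# Print SUSPECT when the inode change time is more than SLACK seconds
# later than the modification time, otherwise print OK.
check_backdated() {
    file=$1
    slack=${2:-86400}            # default tolerance: one day
    mtime=$(stat -c %Y "$file") || return 2
    ctime=$(stat -c %Z "$file") || return 2
    if [ $((ctime - mtime)) -gt "$slack" ]; then
        echo SUSPECT
    else
        echo OK
    fi
}

# Constructed sample: one fresh file and one backdated like the lab's oldFile.
demo() {
    dir=$(mktemp -d) || return 1
    touch "$dir/newFile"
    touch -d "2022-01-01 00:00:00" "$dir/oldFile"   # same date the lab uses
    for f in "$dir/newFile" "$dir/oldFile"; do
        printf '%-8s %s  mtime=%s  ctime=%s\n' "$(check_backdated "$f")" \
            "${f##*/}" "$(stat -c %y "$f")" "$(stat -c %z "$f")"
    done
    rm -rf "$dir"
}

demo
```

A gap between the two times is a lead, not proof: cp -p and archive extraction also keep old modification times, and root can change the system clock.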
- The command
more filename will show you the contents of a file.
- There is a more powerful version of more installed on most *nix computers called
less which can be used in place of more.
more to examine the contents of the files group, closed and open
- You can use
less anywhere you use
- Both come installed on most *nix systems.
- less was at one time an addition.
- Other commands like more/less
- More and less are pagers, or commands that will show you a file one page at a time.
cat will just dump the entire file to the screen.
head will show you the first few lines of a file.
tail will show you the last few lines of a file.
- Take a moment to:
- Record all five of these in your command list.
- Read the man page on each of these.
- Try each on the file charge.txt in the step3 directory.
- File Permissions
- Once again list the files in long format
- Note the contents and dates of files will change from the screen shot to the time you work through this lab.
- Notice the first part of each line is a collection of 10 characters.
- The first letter indicates the file type.
- A "-" (dash) indicates a regular file.
- A "d" indicates a directory.
- We will encounter more of these in the lab.
- The next three sets of three indicate permissions.
- The first set is for the file owner or the "user"
- The second set is for the file group.
- The third set is for everyone else on the system.
- Each group can be interpreted as follows for files:
- The first letter is either "r" or "-"
- If it is an r, the user, group or other can read the file.
- If it is a -, the user, group or other cannot read the file.
- Notice that bob has r for all of the files in this directory, and bob is the user (third field), so bob can read all of these files.
- The second letter is either "w" or "-"
- This tells us if the user, group, or other has write permission.
- Or permission to change the file.
- The final letter is an "x"
- This indicates execute permission.
- Notice the file
hello has execute permission.
- You can run this program by typing
- Exploring File Permissions
- Start another terminal
- Become user alice (
su alice , password alice)
id and note that alice is a member of the shared group.
- Based on this what files will alice be able to read?
- Use a file reading command (more, less, ...) to try to read the files in Bob's directory as Alice. Was your prediction correct?
- What files should you be able to change as Alice?
touch filename to try to change the files in this directory. Was your prediction correct?
exit to resume working as Bob.
- Become the user john (
su john, password john)
- Notice that john is not in group shared.
- Repeat the steps above.
- Become root (
- When you do this, you will change directories. You will need to change to bob's step3 directory.
- Do this with
- Note that root is not in the shared group.
- Try all of the steps above.
- Do file permissions apply to root?
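To check predictions like the ones above, the permission rules can be written down as a small function. This is an added example, not part of the original lab: it models ordinary (non-root) users only, the file names and modes in the listing are constructed, and can_access is a hypothetical helper name. It also shows a point the exercise can miss: only one of the three sets applies to a given user, so an owner with no r cannot read a file even when everyone else can.

```shell
#!/bin/sh
# Added example. Models ordinary (non-root) users and plain r/w/x letters only;
# setuid, setgid and sticky markers are not handled.

# can_access MODE OWNER GROUP USER "USER'S GROUPS" r|w|x  -> prints yes or no
can_access() {
    mode=$1 owner=$2 group=$3 user=$4 ugroups=$5 want=$6
    # Exactly one class applies: owner first, then group, then everyone else.
    if [ "$user" = "$owner" ]; then
        range=2-4
    else
        case " $ugroups " in
            *" $group "*) range=5-7 ;;
            *)            range=8-10 ;;
        esac
    fi
    triplet=$(printf '%s' "$mode" | cut -c"$range")
    case $triplet in
        *"$want"*) echo yes ;;
        *)         echo no ;;
    esac
}

# Constructed listing (mode owner group name); not the lab's real output.
demo() {
    while read -r m o g name; do
        for who in "bob:bob" "alice:alice shared" "john:john"; do
            u=${who%%:*} gs=${who#*:}
            printf '%-12s %-6s read=%-3s write=%s\n' "$name" "$u" \
                "$(can_access "$m" "$o" "$g" "$u" "$gs" r)" \
                "$(can_access "$m" "$o" "$g" "$u" "$gs" w)"
        done
    done <<'EOF'
-rw------- bob shared sampleClosed
-rw-rw---- bob shared sampleGroup
-rw-rw-rw- bob shared sampleOpen
----r--r-- bob shared sampleOdd
EOF
}

demo
```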
- Directory permissions
- Use the accounts of alice and john, and the folders closedDir, groupDir and openDir to determine what read and execute permissions for directories do.
- Try the commands
- System configuration files
- Many of the system configuration files are stored in the directory
- For example /etc/passwd and /etc/shadow.
- We will discuss both of these in future labs.
- But they are very important to the security of the system.
- Do a long ls on each of these files to see the permissions.
- As bob, try to edit /etc/passwd
- vi or vim works fine (
- nano and joe are also installed.
- Or as bob,
sudo leafpad and browse to the file
(places -> filesystem ->etc -> passwd)
- In any case, try to write this file. What happens?
- Repeat the experiment with /etc/shadow
- Other files.
- For this last experiment, you will need two terminals.
- In one, be logged in as bob.
- In the second be logged in as alice.
- Start a terminal as bob, su to alice.
- A pseudo-terminal "acts like a terminal".
- It interacts with the OS via a file.
- In alice's window type
- This will tell us the file alice is using for her pseudo terminal.
- In my case it was /dev/pts/1
- Use ls to examine the owner and permission on the pseudo terminal.
- Bob owns this terminal, so bob can write to it.
- In the terminal as bob (unused so far)
cat > /dev/pts/1
- then type some message
- End with ctrl-d (the control key held down and a d)
- Observe alice's terminal. What is happening?
- When you are finished, type ctrl-c in bob's terminal.
- Type in alice's terminal.
- What is happening now?
- We now need alice to have a new pseudo terminal so
- In the alice window type
- Log in with password alice.
- Repeat the above experiment,
- A second power of root is that they can
- Read or write any file on the system.
- This includes configuration files.
- This includes files that are interfaces to hardware devices.
- Access any directory on the system.