# Lab: Rootly Powers.

### Step3: The File System.

• To do this step:
• You should have a running version of the RootlyPowers virtual machine, set up.
• You should understand the basics of becoming other users.
• If you have not completed the first two steps, please return to this step after you have done so.
• Start a terminal.
• Change to the step3 directory by typing cd step3
• Remember to keep notes on the commands introduced.
• ls
• The ls command is used to show files on a system.
• man ls will display an extremely large manual entry
• ls has many flags
• Check this out.
• type ls
• Notice that three files and three folders, or directories, are listed.
• type ls -l
• This lists the files in long format.
• This shows
• File permissions.
• The number of "links" to the file.
• The owner of the file
• The group associated with the file
• The size of the file
• The date and time the file was last changed
• The name of the file.
• We will be back to this soon.
• type ls -al
• Notice two additional directories, . and .. , were displayed.
• These files are not "hidden", but files starting with a . are not displayed by ls by default.
• The -a flag says to list them.
• Try ls -lrt
• Notice the date/time is increasing.
• Look at the man page and figure out what the -t and -r flags do.
• In general  ls -alrt is an effective tool for monitoring the system.
• It displays all files.
• But sorted by time.
• So the most recently changed files will be listed last.
• This allows you to see recent changes.
• touch
• Unfortunately file time stamps are not reliable.
• Read the manual page for touch
• Try
1.  touch newFile
• Using ls, what did this do?
• How big is newFile?
• When was newFile created?
• date will tell you the system current time.
2.  touch -d "Jan 1 2022 00:00:00" oldFile
• Using ls -l, what did this command do?
• Can you trust file time stamps when performing a system audit?
• more (and less)
• The command more filename will show you the contents of a file.
• Try more open
• There is a more powerful version of more installed on most *nix computers called less which can be used in place of more.
• Use more to examine the contents of the files group, closed and open
• You can use less anywhere you use more
• Both come installed on most *nix systems.
• less at one time was an addtion.
• Other commands like more/less
• More and less are pagers, or commands that will show you a file one page at a time.
• cat will just dump the entire file to the screen.
• head will show you the first few lines of a file.
• tail will show you the last few lines of a file.
• Take a moment to:
• Record all five of these in your command list.
• Read the man page on each of these.
• Try each on the file charge.txt in the step3 directory.
• File Permissions
• Once again list the files in long format
• Note the contents and dates of files will change from the screen shot to the time you work through this lab.
• Notice the first part of each line is a collection 10 characters.
• drwxr-x---
• The first letter indicates the file type.
• A "-" (dash) indicates a regular file.
• A "d" indicates a directory.
• We will encounter more of these in the lab.
• The next three sets of three indicate permissions.
• The first set is for the file owner or the "user"
• The second set is for the file group.
• The third set is for everyone else on the system.
• Each group can be interpret as follows for files:
• The first letter is either "r" or "-"
• If it is an r, the user, group or other can read the file.
• If it is an -, the user group or other can not read the file.
• Notice that bob has r for all of the files in this directory, and bob is the user (third field), so bob can read all of these files.
• The second letter is either "w" or "-"
• This tells us if the user, group, or other has write permission.
• Or permission to change the file.
• The final letter is an "x"
• This indicates execute permission.
• Notice the file hello has execute permission.
• You can run this program by typing ./hello
• Exploring File Permissions
• Start another terminal
• Become user alice ( su alice , password alice)
• Use  id and note that alice is a member of the shared group.
• Based on this what files will alice be able to read?
• Use a file reading command (more, less, ...) to try to read the files in Bob's directory as Alice. Was your prediction correct?
• What files should you be able to change as Alice?
• Use  touch filename to try to change the files in this directory. Was your prediction correct?
• Type exit to resume working as Bob.
• Become the user john (su john, password john)
• Notice that john is not in group shared.
• Repeat the steps above.
• Become root ( sudo -i)
• When you do this, you will change directories. You will need to change to bob's step3 directory.
• Do this with  cd ~bob/step3
• Note that root is not in the shared group.
• Try all of the steps above.
• Do file permissions apply to root?
• Directory permissions
• Use the accounts of alice and john, and the folders closedDir, groupDir and openDir to determine what read and execute permissions for directories do.
• Try the commands ls and cd.
• System configuration files
• Many of the system configuration files are stored in the directory /etc
• For example /etc/passwd and /etc/shadow.
• We will discuss both of these in future labs.
• But they are very important to the security of the system.
• Do a long ls on each of these files to see the permissions.
• As bob, try to edit /etc/passwd
• vi or vim works fine ( vi /etc/passwd
• nano and joe are also installed.
• Or as bob,  sudo leafpad and browse to the file (places -> filesystem ->etc -> passwd)
• In any case, try to write this file. What happens?
• Repeat the experiment with /etc/shadow
• Other files.
• For this last experiment, you will need two terminals.
• In one, be logged in as bob.
• In the second be logged in as alice.
• Start a terminal as bob, su to alice.
• A pseudo-terminal "acts like a terminal"
• They interact with the os via a file.
• In alice's window type tty
• This will tell us the file alice is using for her pseudo terminal.
• In my case it was /dev/pts/1
• Use ls to examine the owner and permission on the pseudo terminal.
• Bob owns this terminal, so bob can write to it.
• In the terminal as bob (unused so far)
• type  cat > /dev/pts/1
• then type some message
• End with ctrl-d (the control key held down and a d)
• Observe alice's terminal. What is happening?
• Try
•  cat /dev/pts/1
• When you are finished, type ctrl-c in bob's terminal.
• type in alice's terminal.
• What is happening now?
• We now need alice to have a new pseudo terminal so
• In the alice window type  ssh alice@RootlyPowers