Filesystem and permissions
The file system on Unix-based systems like Linux is a collection of directories and files arranged in a hierarchy, similar to a tree structure. The root directory is the parent of all other directories and files, and you can navigate from one directory to another. This is different from Microsoft Windows, where each drive gets its own root directory and you can navigate from one drive to another.
Most Unix-based systems like Linux follow the Filesystem Hierarchy Standard (FHS), which is a set of guidelines for laying out a filesystem. The FHS is a set of guidelines, not a set of rules: the actual layout is implemented by each system, and most Linux distributions give their own interpretation to the FHS, but most end users won't notice it. The table below gives an overview of where files and directories are located at the highest level of the filesystem.
Directory | Description |
---|---|
/ | Primary hierarchy root and root directory of the entire file system hierarchy. |
/bin | Essential command binaries that need to be available in single-user mode, including to bring up the system or repair it, for all users. |
/boot | Boot loader. |
/dev | Device files. |
/etc | Host-specific system-wide configuration files. |
/home | Users’ home directories, containing saved files, personal settings, etc. |
/lib | Libraries essential for the binaries in /bin and /sbin. |
/media | Mount points for removable media such as CD-ROMs. |
/mnt | Temporarily mounted filesystems. |
/opt | Add-on application software packages. |
/proc | Virtual filesystem providing process and kernel information as files. |
/root | Home directory for the root user. |
/run | Run-time variable data. |
/sbin | Essential system binaries. |
/srv | Site-specific data served by this system. |
/sys | Contains information about devices, drivers, and some kernel features. |
/tmp | Directory for temporary files. |
/usr | Secondary hierarchy for read-only user data; contains the majority of (multi-)user utilities and applications. |
/var | Variable files. |
Creating and removing files and directories
Navigating the filesystem is the first step to working with files and directories. The second step is to create a file or directory with the command `touch` or `mkdir`. In the example below we are creating a file called `test.txt` in the directory for temporary files, viewing the contents of the file and deleting it with the `rm` command.

```
$ touch /tmp/test.txt
$ ls -l /tmp
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/test.txt
$ cat /tmp/test.txt
$ rm /tmp/test.txt
```
Creating and removing directories can be done with the command `mkdir` or `rmdir`. In the example below we are creating a directory called `testdir` in the directory for temporary files and removing it again.

```
$ mkdir /tmp/testdir
$ ls -l /tmp
drwxr-xr-x 2 user01 user01 0 Jan 1 1970 /tmp/testdir
$ rmdir /tmp/testdir
$ ls -l /tmp/testdir
ls: cannot access '/tmp/testdir': No such file or directory
```
Creating and removing subdirectories can be done with the command `mkdir -p`, which also creates parent directories that don’t exist yet, and `rmdir -p`, which removes a directory together with the parent directories that become empty. In the example below we are creating a directory called `testdir/subdir` in the directory for temporary files and removing it again.

```
$ mkdir -p /tmp/testdir/subdir
$ ls -l /tmp/testdir
drwxr-xr-x 2 user01 user01 0 Jan 1 1970 /tmp/testdir/subdir
$ cd /tmp
$ rmdir -p testdir/subdir
$ ls -l /tmp/testdir
ls: cannot access '/tmp/testdir': No such file or directory
```
Use the command `rm -rf` to remove a directory recursively. In the example below we are creating a directory called `testdir` in the directory for temporary files and removing it recursively.

```
$ mkdir -p /tmp/testdir/subdir
$ touch /tmp/testdir/test.txt
$ ls -l /tmp/testdir
drwxr-xr-x 2 user01 user01 0 Jan 1 1970 /tmp/testdir/subdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt
$ rm -rf /tmp/testdir
$ ls -l /tmp/testdir
ls: cannot access '/tmp/testdir': No such file or directory
```
Moving files and directories
Moving a file or directory to another location is done with the command `mv`. In the example below we are moving the file `test.txt` to `test.txt.bak` in a directory under the directory for temporary files.

```
$ mkdir /tmp/testdir
$ touch /tmp/testdir/test.txt
$ ls -l /tmp/testdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt
$ mv /tmp/testdir/test.txt /tmp/testdir/test.txt.bak
$ ls -l /tmp/testdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt.bak
```

```
$ mkdir /tmp/testdir
$ touch /tmp/testdir/test.txt
$ ls -l /tmp/testdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt
$ cp /tmp/testdir/test.txt /tmp/testdir/test.txt.bak   # copy: the original file stays in place
$ ls -l /tmp/testdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt.bak
```

```
$ mkdir /tmp/testdir
$ touch /tmp/testdir/test.txt
$ ls -l /tmp/testdir
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir/test.txt
$ mv /tmp/testdir /tmp/testdir2   # a directory is moved together with its contents
$ ls -l /tmp/testdir2
-rw-rw-r-- 1 user01 user01 0 Jan 1 1970 /tmp/testdir2/test.txt
```
Using hard and symbolic links
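```
$ ln -s /home/user01/file1 /home/user01/file2      # symbolic link pointing at the absolute path
$ ln -s -r /home/user01/file1 /home/user01/file2   # symbolic link stored as a path relative to the link's location
$ ln /home/user01/file1 /home/user01/file2         # hard link: a second name for the same inode
```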
File and directory ownership
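```
$ chown user02 /tmp/test.txt     # as a regular user: fails, only root can change a file's owner
# chown user02 /tmp/test.txt     # as root: succeeds
$ chgrp group01 /tmp/test.txt    # as the file's owner: allowed when you are a member of group01
# chgrp root /tmp/test.txt       # as root: any group can be assigned
# chown root:root /tmp/test.txt  # as root: set owner and group in one command
```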
Using file and directory permissions
POSIX permissions
```
$ ls -l /etc/ssh/sshd_config
-rw-r--r--. 1 root root 631 Jan 5 2009 /etc/ssh/sshd_config
# chmod 600 /etc/ssh/sshd_config
```
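```
$ touch /tmp/test.txt
$ chmod u+x /tmp/test.txt    # add execute for the owner
$ chmod +x /tmp/test.txt     # add execute for everyone (limited by the umask)
$ chmod a=rw /tmp/test.txt   # set owner, group and others to exactly read and write
$ chmod o-w /tmp/test.txt    # remove write from others
```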
4 - add read permission
2 - add write permission
1 - add execute permission
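```
$ chmod 750 /tmp/test.txt    # rwxr-x---
$ chmod 4750 /tmp/test.txt   # rwsr-x---: 750 plus the setuid bit
$ chmod u+s /tmp/test.txt    # set the setuid bit
$ chmod g+s /tmp/test.txt    # set the setgid bit
$ chmod +t /tmp/test.txt     # set the sticky bit
```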
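The special bits set above (`4750`, `u+s`, `g+s`, `+t`) are the ones worth reviewing on a system. The script below is an added example, not code from the original page: it lists setuid files, setgid files and world-writable directories that lack the sticky bit under a directory. It assumes GNU `find` and `stat`; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Assumes GNU find and stat.

# audit_special_bits DIR
# Prints one line per finding: "<kind> <octal mode> <path>".
audit_special_bits() {
    dir=$1
    # Files that run with the privileges of the file's owner.
    find "$dir" -xdev -type f -perm -4000 -exec stat -c 'setuid %a %n' {} +
    # Files that run with the privileges of the file's group.
    find "$dir" -xdev -type f -perm -2000 -exec stat -c 'setgid %a %n' {} +
    # Directories anyone can write to where users can also delete or
    # rename each other's files, because the sticky bit is missing.
    find "$dir" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec stat -c 'world-writable-no-sticky %a %n' {} +
}

# demo_special_bits builds a constructed sample tree in a temporary
# directory, audits it, and cleans up. Runs in a subshell.
demo_special_bits() (
    tmp=$(mktemp -d) || exit 1
    cd "$tmp" || exit 1
    touch plain.txt helper-suid helper-sgid
    mkdir shared-sticky shared-open
    chmod 644 plain.txt
    chmod 4750 helper-suid     # same mode as `chmod 4750` above
    chmod 2755 helper-sgid     # setgid, as set by `chmod g+s`
    chmod 1777 shared-sticky   # world-writable with sticky bit, like /tmp
    chmod 0777 shared-open     # world-writable without sticky bit
    audit_special_bits .
    cd / && rm -rf "$tmp"
)

demo_special_bits
```

Only `helper-suid`, `helper-sgid` and `shared-open` are reported; `shared-sticky` is world-writable but protected by the sticky bit.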
Default mask for files: -rw-rw-r--
Default mask for directory: drwxrwxr-x
4 - remove read permission
2 - remove write permission
1 - remove execute permission
```
$ umask
0022
$ umask 0027
$ umask
0027
```
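The effect of a umask on newly created files and directories can be checked directly. The script below is an added example, not code from the original page: it predicts the resulting modes by removing the umask bits from the base modes 666 (files) and 777 (directories), then creates a file and a directory under that umask and reads the modes back. It assumes GNU `stat`; the function names are chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Assumes GNU stat (`stat -c`).

# predict_modes MASK -> "<file mode> <dir mode>"
# New files start from 666 and new directories from 777; the umask bits
# are removed from that. MASK must be octal with a leading zero (0027).
predict_modes() {
    printf '%o %o\n' $(( 0666 & ~$1 )) $(( 0777 & ~$1 ))
}

# observe_modes MASK -> "<file mode> <dir mode>"
# Creates a file and a directory under MASK and reports their real modes.
# The body runs in a subshell, so the caller's umask is left untouched.
observe_modes() (
    tmp=$(mktemp -d) || exit 1   # created before the umask is changed
    umask "$1"
    touch "$tmp/file"
    mkdir "$tmp/dir"
    f=$(stat -c %a "$tmp/file")
    d=$(stat -c %a "$tmp/dir")
    rm -rf "$tmp"
    printf '%s %s\n' "$f" "$d"
)

# 0002 yields the -rw-rw-r-- / drwxrwxr-x defaults listed above;
# 0022 and 0027 are the two values from the umask session.
for mask in 0002 0022 0027 0077; do
    printf 'umask %s  predicted %s  observed %s\n' \
        "$mask" "$(predict_modes "$mask")" "$(observe_modes "$mask")"
done
```

With `0027`, group members lose write access and others get no access at all: new files are created as 640 and new directories as 750.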
Using an Access Control List
```
$ getfacl /etc/ssh/sshd_config
/etc/ssh/sshd_config:
user::rw-
group::r--
other::---
user:root:rw-
group:root:r--
other:root:---
# setfacl -m u:johndoe:rwx /etc/ssh/sshd_config
```