-
Products
JBoss Enterprise Middleware
Web Server Developer Studio Portfolio Edition JBoss Operations Network FuseSource Integration Products Web Framework Kit Application Platform Data Grid Portal Platform SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Community or JBoss enterprise -
Solutions
By IT challenge
Application development Business process management Enterprise application integration Interoperability Operational efficiency Security VirtualizationMigration Center
Migrate to Red Hat Enterprise Linux Systems management Upgrading to Red Hat Enterprise Linux JBoss Enterprise Middleware IBM AIX to Red Hat Enterprise Linux HP-UX to Red Hat Enterprise Linux Solaris to Red Hat Enterprise Linux UNIX to Red Hat Enterprise Linux Start a conversation with Red Hat Migration services
Issue #14 December 2005
Features
- The making of the Fedora logo
- Making One Laptop per Child a reality
- Open source collaboration meets construction
- Creative Commons runs annual fund-raising drive
- Doing more with... more: Dual-head display
- The virtues of Xen
- Open Invention Network to protect against patent threat
- Music to make code by
- Answers to your top 10 support questions
- Fedora Ambassadors Program takes flight
- Developing database-driven applications on Linux
From the Inside
In each Issue
- Editor's blog
- Red Hat speaks
- Ask Shadowman
- Tips & tricks
- Fedora status report
- Magazine archive
- Contest
Feedback
Ask Shadowman
Shadowman envies his friends in the southern half of the world this time of the year. While Shadowman figures out which fleece goes best with his funky red lid, the Aussies and Brazilians are reminding him that they've got, oh, about a million kilometers of sunny December beachfront to enjoy between them. Ipanema, Copacabana, Bondi. Ah, yes.
But anyway. Winter shall also serve its purpose, and the short, cold, dark days help to focus Shadowman's thoughts on more pressing matters. Like the Creative Commons annual drive for cash! They do great work, they have cool stuff, and they really need your support. Shadowman's got his wallet open; now it's your turn. It's the high holy days, and everybody's in a giving mood, so hey: how about givin' a lil' somethin' somethin' to freedom.
Got a question that you'd like Shadowman to answer? Ask him.
Vishal asked:
Dear Sir, I am a little bit confused from the umask command. Please tell me how to calculate actual value of permissions of the file.
To which Shadowman replies:
"Sir!" That's right! Usually Shadowman only hears "sir" when he's sitting down for a gourmet meal. So we're getting off on the right foot, aren't we? Readers, do you feel the respect and the love? Vishal's momma and daddy clearly raised him right. Take a lesson.
Now. To understand umask, you need to understand how file permissions work in UNIX and Linux. Go to your machine and run "ls -l" -- that means "list files, long format". At the beginning of each file, you'll see a whole string of rs, ws, xs, and dashes. Those indicate the permissions of the file.
For example: Shadowman might have a file that looks something like this:
drwxr-x--- 1 s-man staff 3853 14 Dec 23:32 letters
Note the jumble of letters on the left. The first letter indicates the type of the file -- a directory in this case. The last nine letters indicate the file's permissions -- three different permissions for three different types of user.
The first three letters define the owner's permissions. The owner in this case is s-man, and s-man's permissions to this file are "rwx," or read, write, and execute. Basically, s-man can do anything to this file.
The second three letters define the group's permissions. Since the file is owned by the "staff" group, any user in that group has the same group permissions. In this case, the permissions are "r-x", so "staff" users can read or execute this file.
The last three letters define the permissions for everyone else. Since the permissions are all dashes, that means that no one else has any access to this directory at all.
The important thing to understand is that these permissions can also be represented in a three-digit octal number. r=4, w=2, and x=1; add them up and string them together. The file permission for the directory above, then, would be 750 (4+2+1, 4+0+1, 0+0+0).
The perceptive reader may ask, "when a new file is created, what are its permissions?" Well, that is exactly what umask does. A new file has the default permission of "all access for everybody minus the umask value".
The default umask value is "022" pretty much everywhere in the civilized world. Therefore, new directories, which would ordinarily be created as 777 (4+2+1, 4+2+1, 4+2+1) would instead be 755 (4+2+1, 4+2+1 minus 2, 4+2+1 minus 2). Similarly, plain old new files, which would ordinarily be created as 666, would instead be created as 644.
So the default umask basically takes away the ability of other people to write to new files you've created, but still allows them to read those files. Any user can set a new default umask for their own files; 066 is a popular umask for the deeply paranoid, for instance, and 000 is a good umask for free love hippies and libertarians.
===Garfield asks:
Where can I find all directives for the fstab file?
To which Shadowman replies:
Presuming that you already have a basic understanding of what fstab is for -- i.e. a configuration file that describes all of the partitions and storage devices on your system -- Shadowman would point you to the good folks over at tuxfiles, who have written a nice little article called "How to edit and understand fstab."
Shadowman sincerely hopes you're not asking because you've been poking around your fstab file randomly, and suddenly you've discovered a growing rift between you and your hard drive. That would be tragic.
===Dani said:
I love redhat
To which Shadowman replies:
Thanks, Dani! redhat loves you back. Except for that guy in facilities. He's not really the lovey-dovey kind. But the rest of us totally dig you.
===Sergio asks:
How do I build a custom DVD with Fedora Core 4 updated? I need it to install on off-line computers. Something like this but a little easier.
To which Shadowman replies:
As it happens, that document is still a pretty good overview. The basic idea: 1. Get all the packages into an install tree; 2. Generate the header list for the new set of packages; 3. build your new install images. The rest is just details -- some of which will likely be infuriating.
When you run into trouble, you might want the support of the developers of the anaconda installer. Maybe you could hang out with them on their mailing list. You might also want to get in touch with any of the 63 projects that have successfully built their own customized distribution based on Fedora.
And hey, if you end up finding some bugs in that original article, maybe you could even write your own, and put it up on the Fedora Project wiki for others to share and enjoy.
Happy hacking, Sergio.
