Permissions

Something we haven't touched on yet is permissions in Ubuntu. The concept of permissions is highly important to how Linux works.
As you may know, Linux is a clone of the Unix operating system. Unix was originally designed to be used on huge systems which might have hundreds or even thousands of users, such as in universities, and it was therefore important to establish who was entitled to do what. The concept of groups therefore came about. By creating groups, and making individual users members of these groups, system administrators could set what users could do quickly and easily.
For example, refer back to the VirtualBox install article a while back and you'll notice that in order to use VirtualBox, a user needs to be a member of a group called "vboxusers". By adding a user name "fred"to this group, this shows that the administrator has given permission for the user fred to use VirtualBox. Now, to a certain extent this is a little redundant on a desktop system that will have only a handful of users, but it illustrates how Unix-like operating systems such as Linux handle files. In Ubuntu, a normal user will belong to a group based on their username, but other Linux distributions may instead have a group called "users".
A user account has limits. Each user has their own directory in the /home folder (so in this example, fred has /home/fred), in which they can save and edit files, but normally they can't save elsewhere. Users can move around, but some files are out of bounds. Some files (normally system files, such as your /etc/apt/sources.list), can be read, but not written to, so you could open it in a text editor, edit it and save a copy in your own home folder, for example, but you couldn't edit and save the original. This is enforced by the use of file permissions.
Each file or directory is owned by a user. For instance, if the user fred rips a CD using Sound Juicer and save it to a directory called Music in his /home directory, he will be the owner of the audio files created. He's therefore free to do as he wishes with these files. If he then logs out and another user, jane, logs in, she is not the owner and what she can do with these files will be subject to the permissions fred has set for these files. He can if he wishes make these files available for other users to edit or delete if they wish, or he can make them read-only. If he prefers not to share these, he can deny anyone else access to the files.
Another thing to note is the Unix philosophy that "everything is a file". This includes folders, so fred can also make entire folders read only, or can deny others access to them completely. So he could make his entire /home directory available for others to access or edit, or keep people from accessing it entirely.
There are three sets of permissions for each file or folder. There is one for the user, one for the specified group, and one for everyone else. To demonstrate this, open your file manager (Nautilus in Ubuntu, Konqueror or Dolphin in Kubuntu and Thunar in Xubuntu). Right-click on a file or folder and select Properties. Select the Permissions tab and you'll see something like this:


You may want to open this image in a separate tab so you can see it better. As you can see, each set of users has a dropdown box for you to set the permissions, and Group has an additional dropdown so you can set the permissions for each group. So far, this may have seemed quite technical, but hopefully this makes it a bit easier to understand!

There's three types of access you can set for a file:

• You can set out who is allowed to read a file;
• You can set out who is allowed to write to a file;
• And you can set who can execute (run) a file

Normally, a file in your /home directory which you own will allow you to read or write to it, but not execute it (this is just another one of the reasons why Linux is regarded as being more secure than Windows, as by default a freshly downloaded file can't be executed straight away). So, if you wanted to run it, you'd have to change the permissions on it. For instance, if you write a shell script to automate a task for you, you'll need to give yourself permission to run it.

One other thing to remember: Opening a folder is executing it, not reading it. So if you want to prevent other people looking in a folder, it should not be executable for others.

To illustrate the permissions on the files in a directory, run the following command:

ls -lh

You should see something like this:

matthew@matthew-laptop2:~/Demonstration$ ls -lh
total 8.0K
drwxr-xr-x 2 matthew matthew 4.0K 2008-09-18 20:31 Example
-rw-r--r-- 1 matthew matthew 13 2008-09-18 20:30 example.txt
matthew@matthew-laptop2:~/Demonstration$

Now, pay attention to the string of characters at the start of each sentence. The d at the start of the Example line indicates this is a directory, while this is a dash for example.txt, showing that this is not a directory.

The next three characters give the permissions for the owner. The r shows this can be read, the w shows this can be written, and the x shows it's executable. As example.txt shows a dash instead of an x, it shows it's not executable, but the r and w show it can still be read or written to.

The next three characters show the permissions for the group specified (more on this a bit later). The format is the same. Then, the final three characters are the permissions for everyone else.

You'll notice there are two names afterwards. The first is the name of the owner, while the second is the owner's group. As stated previously, in Ubuntu each user has their own group. The rest is information about the file.

OK, so we've established what permissions are. Now, how can we change them? You can easily use a file manager to change these, as demonstrated in the screenshot above, but as usual I'm going to point you towards the terminal as the best way to do it.

First, to change permissions, you use the chmod command. In this example, to make the example.txt document available so that everyone can read and write to it, you enter this:

chmod a+rw example.txt

This is quite easy to follow - all users (a) add (+) read (r) and write (w) permissions. Another example:

chmod a-w example.txt

This means all users (a) take away (-) write (w) permission. You can edit permissions for just the user as follows:

chmod u+rw example.txt

Similarly, you can edit it for the group like this:

chmod g+rw example.txt

Or you can edit it for others:

chmod o+rw example.txt

Please note that you can leave out the first character, which means it will default to a (all), as in this example:

chmod +x example.txt

Now, say you've written a shell script called housekeeping to automate a common task for you. To enable this to run, you need to make it executable, like this:

chmod +x housekeeping

OK, so now you should understand how to change permissions for a file or folder. But what about changing the user who owns it? There's an easy way to do this, using the chown (CHange OWNer) command. Please note, this must be run using sudo for security reasons. So if fred wants jane to own his example.mp3 file, he should run the following:

sudo chown jane example.mp3

He can also change the group at the same time:

sudo chown jane.examplegroup example.mp3

Or, he can change the group alone with chgrp (CHange GRouP):

sudo chgrp examplegroup example.mp3

This is a fairly complex concept, so you may want to spend some time getting familiar with the idea of permissions.

Manipulating files and folders

Apologies for the delay since my last post - as I don't have access to the Internet during the week at present and my parent's Internet connection has been playing up, it's been hard to get any blogging done! Hopefully that will change soon!
Anyway, manipulating files and folders is something that you need to know about, seeing that Linux applies the Unix philosophy of "everything is a file". So I'll walk you through some basic commands.
First up is mkdir. This command makes a new folder. So, if you're in your /home directory and you enter the following:

mkdir Work

You'll create a new directory called Work. Never forget that Linux, unlike Windows, is case sensitive. Also, if you want to create a new directory anywhere other than in your own /home directory, you'll need to use sudo.
To remove an empty directory, you can use rmdir, as in this example:

rmdir Work

Now, to remove a file, you use the rm command, as in this example where we're deleting the document Example.html:

rm Example.html

Like most commands in Linux, rm has a number of options you can specify. A word of warning: watch out for the command rm -rf. The r option means remove things recursively (so you can remove a directory AND everything inside it), while the f option forces it, even if it gives a warning. You can specify the folder you want to delete with its path, so NEVER run the following command (unless you actually want to destroy your system!):

sudo rm -rf /

This means "delete the whole filesystem recursively, ignoring all warnings, with root access", essentially meaning delete everything!. I've tried this on VirtualBox installs of Ubuntu and it will destroy everything on your system! That said, the command rm -rf can be quite handy for deleting a folder and it's contents, but be VERY careful with it!
To copy a file, use the cp command, with the source followed by the destination, as in this example:

cp Example.html /media/USB

You can change the name of the destination by specifying the file name as well, like this:

cp Example.html /media/USB/Example2.html

Moving a file is similar to copying it, with similar syntax:

mv Example.html /media/USB

And again you can change the name, in the same way as with cp. Or you can use it to rename a file without moving it, like this:

mv Example.html Example2.html

Now, moving files and folders is all very well, but how can you show them? Simple, use the ls command:

ls

To show hidden files and folders as well, use this:

ls -A

As usual, if you want to know more about these commands, refer to the man pages for more specific guidelines. Hopefully this has given you enough to get started. I recommend spending a little time becoming comfortable with these commands, they'll give you a sound grasp of the fundamentals of using the command line.

Setting up your /home directory on a separate partition

Many experienced Linux users set up their /home directory on a separate partition to their root filesystem. You may be wondering why? Well, it's to preserve data in case of anything going wrong with your system. Also, it means that when the time comes to change to the next version of Ubuntu, you don't have to lose the information preserved in your /home partition, you can just format the root filesystem and mount /home within it. In this way, you can keep things like e-mails and Firefox profiles safe, saving you lots of work! If you haven't done this yet, when the time comes to switch to Hardy in about a month, you may want to do this as it means from then on, you can do a fresh install but keep all your files intact!

A warning though: this may sound intimidating if you're new to Ubuntu. If you're concerned that you might mess it up, why not have a trial run using VirtualBox? I used VirtualBox to do this as it meant I could write this on my Vista laptop using Windows Live Writer.

In this example, I've used an .iso image of Xubuntu Gutsy, but the process will be identical among all variants of Ubuntu that use the Ubiquity installer, ie Ubuntu, Kubuntu, Linux Mint, goS etc. However, if you understand what's happening, it shouldn't be hard to adapt it to a text mode installer (or for that matter, for any other Linux distribution).

Once you've booted into LiveCD mode, you'll be confronted with the desktop, which will have an Install icon on it. As usual, double-click this to open it. You'll then be led through the usual series of steps. The one we want to look at closely is step 4 - How do you want to partition the disk?

As shown above, you need to select Manual partitioning. If you're dual-booting or already have an operating system installed that you plan to overwrite, this screen will have more options under Guided, but don't worry about this. Just click Forward.

You'll then see a screen which looks something like this:

We'll be setting up a new partition table from here. Note the comments at the bottom about needing to set up both a root filesystem partition and a swap partition, and that you can add other partitions if necessary. If you're dual-booting with another OS or already have an OS installed that you're planning to wipe, the screen will look different.

Click on New Partition Table. You'll get a warning, but it's OK to click through this. You'll then be taken to a screen like this:


If you already have an operating system installed, it will be shown here. If you're planning on dual-booting, don't make any changes to it (except for possibly shrinking it if necessary). Just use the free space, or overwrite any partitions you want to get rid of.
Click on the free space, and you should see something like this:

Now click on New Partition and you'll have the chance to set up the first partition. Now, a little planning is called for. You're going to need three partitons: a root partition and a /home partition, as well as a swap partition. You need to have some idea of how big each one should be.
As a guide, you need at least 256MB for your swap partition, although 512MB is better if possible. The size of the /home partition depends on how much you're likely to want to put there. For instance, if you're likely to keep a lot of music on your hard drive, you'll likely want a bigger /home partition to give you the space for this. Remember, if you aren't going to be the only user, that the other users will also be saving their files to the /home partition, as it contains the home directories of ALL users.
If we set up the swap partition first, that gets it out the way. You should now be seeing this screen:

Leave the new partition type as Primary, and adjust the size to whatever size you want to use for your swap partition (here, I'm using 512MB). The location is fine as beginning or end, that doesn't matter. For use as, select swap. The mount point will then be greyed out, as the swap partition has no mount point. Then click on OK and the new partition will appear in the partition table. Note that you haven't yet made any changes to your filesystem, this is just setting it out for you to check.


You'll now see the swap partition in your filesystem. If you click on it, you'll have options to edit or delete this partition, or to undo changes to the partition.
Now to set up your root partition. Click on your free space again and select new partition again.
Again set this as Primary and it's fine to place it at the beginning or at the end. Don't forget to leave some space for your /home partition - here I'm leaving 1GB Under Use as, you have a number of options. This is because there are a wide array of different filesystems available for Linux, including Ext2, Ext3, ReiserFS, JFS and XFS. Ubuntu uses Ext3 by default, as do most modern Linux distributions, so this is a safe bet. Also the GRUB boot loader does not work well with all of these, so although some of these are in many ways better than Ext3, I recommend sticking with it. Ext3 will already be selected so you don't need to do anything with the pulldown box.
The final question is your mount point. This is where you will place this partition in the filesystem. However, you won't be able to select anything here yet, but that's OK. Just click on OK and your new partition will be set up.
Now , your partition table should look something like this:

Note that the partition you've just set up has no mount point. Click on it and select Edit Partition. You can then use the pulldown box to select a mount point - choose / and then click on OK. It will then be set up as the root partition.
With that done, click on the remaining free space and select New Partition again. You can just use the remaining space for this, and again select Primary as the type. The location doesn't matter here either. Again, you can't mount the partition at this stage, so once you're done click OK.
Once the partition is set up, again click on it and go into Edit Partition. Again, you'll be offered a choice of mount points - select /home, then click on OK to proceed.
The partition table is now completed and should look something like this:


That's basically it! Now you can click forward to continue with your new install as usual. Once you've finished the install, from now on you'll be able to do a fresh install of Ubuntu (or whatever derivate you're using) without losing everything in your /home directory. It's a bit more effort, but it's very worthwhile. You could even be using Ubuntu, then switch to Kubuntu or Xubuntu and have all your emails and Firefox profile waiting for you! If you've ever had to log back into all the sites you use after a fresh install so that Firefox can remember your passwords again, this is a lifesaver.

When you upgrade to Hardy, or if you're doing a fresh install anyway, if you take the time to set up /home on a separate partiton, you'll be saving yourself a lot of hassle. Don't be scared of using Manual partitioning, it's not as hard as you might think, it just requires a bit of planning to get it right.

Partitions and Filesystems in Linux

A computer with Microsoft Windows installed will normally have only one partition on the hard drive, which contains the entire operating system (actually, many computers will actually have a separate diagnostic or recovery partition so you can reinstall easily - don't do what I did and delete that!). By comparison, Linux will always have at least two partitions, and can have more depending on how you have set up your system, but you don't have to keep track of this as the operating system does this for you. This also applies to additional hard drives - whereas Windows will show the primary hard drive as C, the next as D and so on, Linux makes no distinction between different hard drives, and is happy to slot them into the filesystem where ever you see fit.

If you used Guided partitioning when you installed Ubuntu, then it will have created two partitions - your main partition and a swap partition. If you're dual-booting with Windows, these will coexist with your Windows partition and possibly your recovery partition. By using manual partitioning, you can add extra partitions, and decide where to mount these within your filesystem. For instance, many people will set up their /home directory on a separate partition. Although this is a bit more fiddly than using Guided partitioning, it has the advantage that if you do a fresh install, as long as you don't overwrite the /home partition, you can keep everything saved to this directory.

The same applies to additional hard drives - you could have the main partition on one drive, and your /home directory on another, for instance. Linux does recognise the actual hard drives as being separate devices though - they're in the /dev directory, which as you may recall, contains device drivers. These act as a shortcut to the device for the sake of convenience. Typically, they will be described using the following system:

• /dev/cdrom - The CD-ROM drive (though you may also see cdrom1, cdwriter, dvd, or even a hard drive designation)
  
• /dev/fd0 - Floppy drive 1
• /dev/fd1 - Floppy drive 2
• /dev/hda - First IDE hard drive
• /dev/hda1 - First IDE hard drive, first primary or extended partition
• /dev/hda2 - First IDE hard drive, second primary or extended partition
• /dev/hdb - Second IDE hard drive, with numbers denoting the partitions as for hda
• /dev/sda - First SCSI hard drive
• /dev/sda1 - First SCSI hard drive, first primary or extended partition. Can also refer to USB devices ranging from flash drives to iPods, which you'd probably want to mount to /media.

Don't worry too much if you're struggling to understand this. Next time, we'll be demonstrating how to set up your /home directory on a separate partition - a very useful thing to know!

The /usr subdirectories

Last time, we covered the root directory. As promised, we're now going to cover the /usr directory. Here's a full breakdown of the contents of this directory:

• /usr/X11R6 - The files managing your X Window Server (this is the base on which all the different Linux desktops are built. If you use a graphical desktop of any kind in Linux, this is what it runs on).
• /usr/bin - Commands that aren't essential for users, but are useful.
• /usr/games - Pretty self-explanatory! Games you install on your system, except for those you put in /opt.
• /usr/include - The files that the C programming language (used to write the Linux kernel and most of the programs it needs to run) needs to work.
  
• /usr/lib - Shared code used by many programs in the /usr directory.
• /usr/local - Programs and other items you want to keep locally.
• /usr/sbin - Commands that aren't essential for administrators but are useful.
  
• /usr/share - Information you can use on any Linux machine (even if it's running completely different hardware from what his one is running)
• /usr/src - Source code used to build software on your system

Again, certain directories are best left alone unless you know what you're doing. These are X11R6, bin, include, lib, sbin, and share.

So that brings to an end our tour of the Linux filesystem. Don't worry too much if little of it makes sense, you just need a general idea of what's kept where. With practice, you'll soon learn where everything is!

Meeting the Linux Filesystem

Among the many differences between Windows and Linux, the filesystem is one of the most significant. While both are logical, the difference may take some getting used to.

One of the most significant changes is that while Windows keeps all system files in one directory, Linux (and its Unix cousins such as FreeBSD or Mac OS X) spreads them out a bit more.
Everything in Linux is relative to the root directory. This is referred to by the system as /. To demonstrate this, open the terminal and enter the following:

cd /

Follow this with the following:

ls

The cd / command moves you to the root directory. The ls command then lists the files in that directory. Here's my output from this:

bin cdrom etc initrd lib media opt root srv tmp var
boot dev home initrd.img lost+found mnt proc sbin sys usr vmlinuz

Equally, you can use a file manager such as Nautilus or Konqueror to view your root directory. Konqueror allows you to specify the path to a folder to view it, so in the URL bar you can just enter / to view the root directory. Other file managers, such as Nautilus, don't all support this, so for these you can just keep moving up through the directories to reach the root directory.

One important point - don't confuse this with the root user! Think of the filesystem as a tree, with the root directory being the base of the tree and the folders being branches on that tree.

Now, I'll tell you what the individual folders are for:

• /bin - Essential commands for your system
• /boot - The information used to boot your system, including the Linux kernel
• /dev - Device drivers
• /etc - Configuration files for your system
• /home - This directory contains the home folders of all users on the system. For instance, as I'm the sole user on my laptop, the /home folder contains one folder, which is /home/matthew. This contains all your settings and preferences as hidden folders, together with anything you choose to save there.
• /lib - The libraries that many programs use.
• /media - This is where the system adds temporary media such as floppy disks or CD-ROM's. When I connect my iPod Shuffle to my Kubuntu laptop, it gets mounted by default to /media/ipod.
• /mnt - This is where you add extra filesystem components such as networked drives. Basically, anything that's not permanent, but less temporary than the kind of things that go in /media.
• /opt - This is generally used for installing new software. Not all programs installed by apt-get or dpkg use this by default though. If you ever have to install something from tarballs (a common format for applications packaged for any Linux distribution), this is a safe place to install it.
  
• /proc - Current settings for your kernel.
• /root - The root user's home directory. As Ubuntu doesn't have a separate root account, you may find this doesn't get used much.
• /sbin - Commands the system administrator needs.
• /srv - Data for your system's services.
• /sys - Kernel information about your hardware.
• /tmp - Temporary files.
• /usr - This is virtually a separate filesystem in its own right! Contains a huge number of important files and folders.
• /var - Data that changes frequently, such as log files and mail.

So, that's the Linux filesystem. You'll be using it a lot, so it pays to get at least some idea of what's in it. A word of warning though: don't mess around with the bin, boot, dev, etc, lib, proc, sbin, srv, or sys folders unless you know what you're doing! Also, usr contains lots of subdirectories which you should leave alone. I'll discuss the /usr subdirectories in detail next time.