New Document
unix protection

When created, all files have an owner and group associated with them. The owner is the same as the username of the person who created the files and the group is the name of the creatorís default login group, such as users, systemetc. Most users do not belong to a shared group on our systems. If the creator of the file belongs to more than one group (you can display the groups to which you belong with the groupscommand) then the creator can change the group of the file between these groups. Otherwise, only the root account can change the group of a file.

Only the root account can change the ownership of a file.

Displaying owner, group and protection

Only the root account can change the ownership of a file.

The display looks something like:

protection owner group filename
-rw-r----- hamilton ug munster_village

The Protection Bits

The command ls -lg filenamewill list the long directory list entry (which includes owner and protection bits) and the group of a file. The display looks something like:

protection owner group filename
-rw-r----- hamilton ug munster_village
The Protection Bits

The first position (which is not set) specifies what type of file this is. If it were set, it would probably be a d(for directory) or l(for link). The next nine positions are divided into three sets of binary numbers and determine protection to three different sets of people.

u g o
rw- r-- ---6 4 0

The file has mode 640. The first bits, set to r + w (4+2) in our example, specify the protection for the user who owns the files (u). The user who owns the file can read or write (which includes delete) the file. The next trio of bits, set to 4, or r, in our example, specify access to the file for other users in the same group as the group of the file. In this case the group is ug-all members of the ug group can read the file (print it out, copy it, or display it using more). Finally, all other users are given no access to the file.

The one form of access which no one is given, even the owner, is x (for execute). This is because the file is not a program to be executed-it is probably a text file which would have no meaning to the computer. The x would appear in the 3rd position and have a value of 1.

Changing the Group and the Protection Bits

The group of a file can be changed with the chgrpcommand. Again, you can only change the group of a file to a group to which you belong. You would type as follows:

% chgrp groupname filename

You can change the protection mode of a file with the chmodcommand. This can be done relatively or absolutely. The file in the example above had the mode 640. If you wanted to make the file readable to all other users, you could type:

% chmod 644 filename
% chmod +4 filename(since the current mode of the file was 640)
Default Protections: Setting the umask

All files get assigned an initial protection. To set the default initial protection you must set the value of the variable umask. umaskmust be defined once per login (usually in the .cshrcfile). Common umask values include 022, giving read and directory search but not write permission to the group and others and 077 giving no access to group or other users for all new files you create.

The Unix Shell Syntax

As mentioned earlier, user commands are parsed by the shell they run. There are many shells other than the the C shell which allow different types of shortcuts. We will only discuss the C shell here, but some alternate shells include the Bourne shell (/bin/sh), the Bourne-Again Shell (bash), zshand tcsh(a C shell variant).

The Path

One of the most important elements of the shell is the path. Whenever you type something at the % prompt, the C shell first checks to see if this is an alias you have defined, and if not, searches all the directories in your path to determine the program to run.

The path is just a list of directories, searched in order. Your default .cshrcwill have a path defined for you. If you want other directories (such as a directory of your own programs) to be searched for commands, add them to your path by editing your .cshrcfile. This list of directories is stored in the PATH environment variable. We will discuss how to manipulate enviroment variables later.

Flags and Parameters

Most commands expect or allow parameters (usually files or directories for the command to operate on) and many provide option flags. A flag as we saw before, is a character or string with a -before it-like the -swe used with the lscommand.

Some commands, such as cpand mvrequire file parameters. Not surprisingly, cpand mv(the copy and move commands) each require two! One for the original file and one for the new file or location.

It would seem logical that if lsby itself just lists the current directory then cp filenameshould copy a file to the current directory. This is logical-but wrong! Instead you must enter cp filename. where the (.) tells cpto place the file in the current directory. filenamein this case would be a long filename with a complete directory specification.

Not surprisingly ls. and lsare almost the same.

Creating Files

catis one of most versatile commands. The simplest use of cat:

% cat .cshrc

displays your .cshrcfile to the screen. Unix allows you to redirect output which would otherwise go to the screen by using a >and a filename. You could copy your .cshrc, for example, by typing:

% cat .cshrc > temp
This would have the same effect as:
% cp .cshrc temp
More usefully catwill append multiple files together.
% cat .cshrc .login > temp
will place copies of your .cshrcand .logininto the same file. Warning! Be careful not to cat a file onto an existing file! The command:
% cat .cshrc > .cshrc

will destroythe file .cshrcif it succeeds. If you fail to give cata filename to operate on, cat expects you to type in a file from the keyboard. You must end this with a -D on a line by itself. -D is the end-of-file character. By combining these two-leaving off the name of a file to input to catand telling catto direct its output to a file with > filename, you can create files.

For example:
% cat > temp

This will create a new file temp, containing the lines of garbage shown above. Note that this creates a new file-if you want to add things on to the end of an existing file you must use catslightly differently. Instead of you'd use which tells the shell to append any output to an already existing file. If you wanted to add a line onto your .cshrc, you could type

% cat >> .cshrc
echo "blah blah blah"

This would append the line echo "blah blah blah"onto your .cshrc. Using >here would be a bad idea-it might obliterate your original .cshrcfile.

Text Editors

catis fine for files which are small and never need to have real changes made to them, but a full fledged editor is necessary for typing in papers, programs and mail messages. Among the editors available pico, viand emacs.

Be careful! Not all Unix editors keep backup copies of files when you edit them.


picois a simple, friendly editor--the same editor as used in pine. Type pico filenameto start it and type man picofor more information about how to use it.


viis an editor which has a command mode and a typing mode. When you first startup vi(with the command vi filename) it expects you to enter commands. If you actually want to enter text into your file, you must type the insert command i.When you need to switch back to command mode, hit the escape key, usually in the upper left corner of your keyboard.

To move around you must be in command mode. You can use the arrow keys or use j, k, h, lto move down, up, left and right.

For more information type man vi. There are two reference sheets containing lists of the many vi commands available from C&C (located at Brooklyn and Pacific).


Emacs is a large editing system. Copies of the manual are for sale at the CCO Front Desk and copies of the two-page reference sheet are available in the reference sheet rack across from the Front Office.

To use emacs,type:
% setup emacs
% emacs
Files as Output and Log Files

Ordinarily there are two types of output from commands: output to standard output (stdout) and to standard error (stderr). The >and >>examples above directed only standard output from programs into files. To send both the standard output and error to a file when using the C shell, you should type >&:

% command >&  filename
Logging Your Actions to a File

Sometimes you may wish to log the output of a login session to a file so that you can show it to somebody or print it out. You can do this with the scriptcommand. When you wish to end the session logging, type exit.

When you start up you should see a message saying script started, file is typescriptand when you finish the script, you should see the message script done. You may want to edit the typescript file-visible ^Mís get placed at the end of each line because linebreaks require two control sequences for a terminal screen but only one in a file.

Comparing Files

The basic commands for comparing files are: cmp states whether or not the files are the same diff lists line-by-line differences comm three column output displays lines in file 1 only, file 2 only, and both files See the man pages on these for more information.

Searching Through Files

The grepprogram can be used to search a file for lines containing a certain string:

9980 s9 S 0:06 -csh (csh)
12380 s9 R 0:01 ps

The processes executing above are the C shell process and the pscommand. Note that both commands are attached to the same terminal (TT), have different process identification numbers (PID), and have different amounts of CPU-time (TIME), accumulated.

Previous                                                                                                                                                       Next

Back to Top