Archive for the ‘Street Linux’ Category

IX – Scripting

onsdag, juni 23rd, 2010

In a cold, dark world the shell is your only friend along with Jack Daniels. From the shell your able to set environmental variables, run commands and execute binaries. A convenient way to run a set of cmd:s is to pack them into a script file. In some scripts first thing you’ll notice is the so called ’shebang’ on the first script line. It probably looks something like ‘#!/bin/bash‘. In many scripting languages the ‘#’ char indicates a comment which will be disregarded by the script interpreter. And fo sho, this line will be disregarded by the interpreter but instead tells the operating system what script interpreter to use.

======== <helloworld.sh> ========

#!/bin/bash
 
# An array
hello_holder=(Hello bright world)
 
# For each position in the array
for word in ${hello_holder[@]}
do
  # ‘-n’ -> do not output the trailing newline
  echo -n ”$word ”
done
 
echo
echo ”Goodbye cruel world”

======== </helloworld.sh> ========

With the shebang ‘#!/bin/bash’ above we tell the operating system to use ‘bash’ to interpret helloworld.sh. So if we initiate this script in the regular way ‘./helloworld‘ then the shebang will be read by the operating system, specifying bash as interpreter and then ‘bash’ will be invoked with the script as a parameter.
If you’re high on drugs you might recognize the ‘#’ chars as indicating comments. If you’re not on high drugs you might have noticed that as well. With this in mind we now start the script NOT using the regular initiation. Therefore the operating system won’t find the shebang but instead we specify the interpreter to use directly – e.g. ‘bash helloworld.sh‘ or ‘sh helloworld.sh‘. In this case we tell the operating system that we don’t want to execute ‘helloworld.sh’ but instead ‘bash’ with the script as a parameter. And when bash reads the file the shebang ‘#!/bin/bash’ will be disregarded as a comment. Nice.

One thing that might get you fucked up is the permissions here. If you don’t have exec rights to ‘helloworld.sh’ you are unable to initiate the script using the ‘./helloworld.sh’ notation which makes sense. But you are able to run the script with ‘bash helloworld.sh’. How come? Some damn newbie checked in a fix without code review? Naah, not this time. You see, even though you don’t have exec rights to file ‘helloworld.sh’ you have exec rights to initiate ‘bash’ and the script is seen as a parameter to bash. In order to prohibit users from executing this file you must not only take a way their exec rights (to prevent initiations like ‘./helloworld.sh’) but also their read rights (to prevent execution with e.g. ‘bash helloworld.sh’). If a user have no read rights then bash is not allowed to read this file and the script therefore can’t be executed.

One of the most important differences between the different shell is the support for arrays. Bash supports arrays. Sh doesn’t – you are able to run ‘bash helloworld.sh’ but not ’sh helloworld.sh’. I do not know about the other shells but my guess is that they don’t support arrays either.

VIII – Shell hell

onsdag, juni 23rd, 2010

Shell scripting is my one true love in life besides cocain. It wasn’t love at first sight, though. You see, there is a threshold to be conquered before you can truly enjoy the shell in its only form – simple, honest, definite. But once you’ve climbed that mountain the view cannot be matched by any other programming language I’ve experienced. There are no fancy pancy util classes, code standards or design patterns. There is just raw, untamed bash. It cannot be forced but merely twined into patterns of desired functionality. And yet I have so much more to learn.

But let’s take it from the beginning. Before a user interface (UI) there was a shell – a command line interpreter. In linux this shell is still very much used and is, despite its name, more flexible than a UI could ever be. A graphical window view of the system is very useful from time to time though. In Linux there are a couple of shells that can be used. They are pretty similar. The most used, most advanced, and the most recent is the bash-shell (Bourne Again SHell). You can find the current shell you’re using by typing   ‘echo $SHELL’ in a terminal.
The file ‘/etc/shells‘ contains all of the shells available to you (‘cat /etc/shells’). Your default shell is probably set in your ‘/etc/passwd‘ file (this file contains one line entry for each account on the system and is, by the way, also used to set the $HOME path for each of these accounts). Preferable you want ‘bash’ to be your default shell. You can always change the current shell by typing the name ’sh’ or ‘bash’ or some other shell in your local terminal.
As we’ll see in chapter ‘IX – Scripting’ arrays are support in bash but not in e.g. sh.

VII – Users and groups

onsdag, juni 23rd, 2010

Linux user hierarchy is similar to that in real life. Top dog is the ‘root user’ similar to your family’s Godfather. Then you can have local admins which would correspond to the capos, the underbosses. Barely present in the food chain, lowest in rank, comes the regular user – the associates or as we call them in the street – the ‘local business men’. Needless to say they haven’t been ‘made’ and most of them never will. The root or Godfather can do pretty much anything he likes. He’s untouchable and no one to fuck with. In linux he alone can change the environmental setup and add users to the admin group etc. But with greats powers comes great responsibilities. Running your system as root user can be a dangerous thing since you are able to fuck up the system completely. Therefore it’s not recommended. There are ways to get around this dilemma though. But first let’s look at a simple task as switching user.

su – switch user

The magic word here is ’su’ – ’switch user’ and it goes something like ’su – a_user_name’. You’ll be prompted for the users password and if you’re able to crack it you’re in. One can note the ‘-’ in command ’su – a_user_name’. It’s optional but if it’s included you will also apply the environmental variables of the user when logging in to his account. If the user name is omitted like ’su -’ the system presumes you’re in for a root session and you will be logged in as such.

sudo – superuser do

As stated earlier it’s not recommended running shells in root user mode. In some linux systems you’re able to run specific commands that requires root user privileges with cmd ’sudo’. A regular user is unable to modify the file ‘/etc/passwd‘ but running ’sudo nano /etc/passwd’ will grant you the required rights. When running ’sudo’ you won’t be prompted for the root password but your own. Your authentication is valid for a couple of minutes so if you’re executing several ’sudo’ cmds in a row you probably won’t have to type you’re password for every single command.

I know what you’re thinking and I hate to admit it’s actually a valid question – “what’s the point of having restricted access to the root user magics if you can play God with the newfound ’sudo’ cmd?”. Well, you’re not able to use ’sudo’ unless the root user have given you these permissions in the first place. I have little faith in you but if you’re able to run the ’sudo’ cmd successfully, the root obviously does. Or maybe he was just looking for a cheap blow job.
Any average system should always log all ’sudo’ cmds. One way to do it is to modify the ‘/etc/sudoers‘ file. This file handles all rules to the ’sudo’ cmd. Check out this page in order to get an overview of the file and it’s rules.

sudo su

If you’re running several cmds that requires root privileges you might not want to use the sudo cmd all time but instead open up a root session. The most obvious way to do such a thing is to switch to the root user ‘su -‘. But to do that you must have the root password. If you’re not root yourself (hence, you don’t have the root password) there is another way. You can switch to a root session by running ‘sudo su -‘ which translates into “I need a root session but since I’m not the root but a somewhat authorized user I’d like to use my own password together with ’sudo’ to create that session“. So now you have a root session without knowing the root password just by typing your own password. Sweet huh? I need a drink.

VI – Default file permissions

onsdag, juni 23rd, 2010

Every time you create a file some default permissions is set to it. The permissions are set in file ‘/etc/profile‘ in the variable ‘umask‘ e.g. ‘umask=022′. Every hacker with an IQ slightly over rooms temperature realizes that this is a bit mask. In the case ‘umask=022′ this translates into rights ‘644′ (rw- r– r–) for your created files and ‘755′ (rwx r-x r-x) for your created directories. Maybe an explanation is in place, the bit mask ‘022′ equals ‘000 010 010′ in binary notation. We start out by bit inversion which converts our mask to ‘111 101 101′. Fine. Now we apply these bits with the AND operator to the default set of permissions which is ‘666‘ (‘110 110 110′ or ‘rw- rw- rw-’) for files and ‘777‘ (‘111 111 111′ or ‘rwx rwx rwx’) for directories.
See, a file will never be set with execution rights when created.

For ‘umask=022′ (=000 010 010) this will give us:

111 101 101 (inverted umask)
110 110 110 (default file values)
= 110 100 100 which equals ‘rw- r– r–’ or ‘644′ for files

and for directories:
111 101 101 (inverted umask)
111 111 111 (default directory values)
= 111 101 101 which equals ‘rwx r-x r-x’ or ‘755′

Another example:
umask=556 (‘r-x r-x rw-’ or ‘101 101 110′)

For files:
010 010 001 (inverted umask)
110 110 110 (default file values)
= 010 010 000 which equals ‘-w- -w- —’ or ‘220′

For directories:
010 010 001 (inverted umask)
111 111 111 (default directory values)
= 010 010 001 which equals ‘-w- -w- –x’ or ‘221′

V – Modifying file rights

onsdag, juni 23rd, 2010

To summerize the previous chapter – every file and directory in a linux file system requires certain rights in order to modify them, the needed rights are often different if your the file owner, a group fan or just another junkie and I’ve been a gangster since I was about two cocks high.

But these rights aren’t consistent over time. You’re able to modify the rights with the command ‘chmod‘ (abbreviated from ‘change mode’). In most linux implementations this is true only if you’re root user. No other loose players are able to fuck around changing permissions for the file. For a file ‘BloodyHammer’ with rights ‘-rw-rw-r–’ if you’re the owner you could execute ‘chmod u+x BloodyHammer‘ in order to get execution rights, ‘-rwxrw-r–’.
u‘ is for ‘user’
g‘ is for ‘group’
o‘ is for ‘other’

If you don’t want anyone but yourself to be able to play with the file (I’m mean why should you, what have they ever done for you?) you could exec ‘chmod go-rwx BloodyHammer’ which is translated into “for ‘group’ and ‘others’ take away ‘read’, ‘write’ and ‘exec’ rights”.

You can also specify rights by using a bitmask.
read=4
write=2
exec=1
no rights=0

So if you want to give user all read, write and exec rights this sums up to 4+2+1=7
You want to give group users read and execute rights only 4+0+1=5
All others should not be able to do anything with the file 0+0+0=0
So now we can set our new file permissions with ‘chmod 750 BloodyHammer‘ capishe?

There are a couple of other syntaxes here but you get the point.

As stated above you need to be logged in as root in order to change the ownership of a file/directory. If you are, this can be done with ‘chown‘ (‘change owner’). With ‘chown’ you can also modify group ownership as well – just add a colon after the new owner name followed by the new group. Example: change the owner to ‘testuser’ and group to ‘admin’ for file ‘helloworld.sh’ – ’sudo chown testuser:admin helloworld.sh’ (now, don’t you worry ’bout the ’sudo’ prefix for now. We use it to tell the system to execute our cmd as the root user. We’ll get back to this in chapter ‘VII – Users and groups’)

ls -l
# -rwxr-xr-x 1 sgar sgar 230 2010-06-22 15:22
helloworld.sh

sudo chown testuser:admin helloworld.sh
ls -l
# -rwxr-xr-x 1 testuser admin 230 2010-06-22 15:22 helloworld.sh

If you’d like to change the group only you can use cmd ‘chgrp’
sudo chgrp sgar helloworld.sh
ls -l
# -rwxr-xr-x 1 testuser sgar 230 2010-06-22 15:22 helloworld.sh

There are more to this file rights shit but I’d just leave it here for now. Along with the usual pornography I recommend some careful reading of the commands ‘setuid‘ and ‘setgid‘ which grants a non-privileged user to execute files with the additional rights of the owner.

IV – File characteristics

onsdag, juni 23rd, 2010

Unlike in real life in a linux system you cannot do exactly what you want. See, you might have to have some kind of permission in order to read, write and execute a file. It’s like being five years old again when mother told me I could not do crack but just meth. Not that I did care but anyway. When running ‘ls -l‘ you’re able to see all files listed in the folder. But together with the ‘-l’ parameter you also get some additional parameters – the characteristics of each file.

ls -l
# drwxr-xr-x 1 sgar users 0 May 5 16:22 my_folder

In today’s class we’re looking at what we’re allowed to do with each file so we notice the first string of hieroglyphs in the example above – ‘drwxr-xr-x’. For educational purposes, after all that’s why you’re here, we split it into ‘d   rwx   r-x   r-x’.

# d   rwx   r-x   r-x 1 sgar users 0 May 5 16:22 my_folder
First thing we can notice is the first ‘d’ character. The ‘d’ stands for ‘directory’. So we come to the conclusion that this is a folder, not a file (technically this is a file but it serves as a directory. Also, careful readers might have noticed that a symbolic link begins with an ‘l’ from the ‘Links’ chapter.).

# d   rwx   r-x   r-x 1 sgar users 0 May 5 16:22 my_folder
The next three characters (rwx) represents the owners rights. They are spelled out in
the magic language ‘r’, ‘w’ and ‘x’.

r‘ stands for read rights. When set for a directory, this permission grants the ability to read the names of files in the directory (but not to find out any further information about them such as contents, file type, size, ownership, permissions, etc.)

w‘ stands for write rights (puh!) so that you’re able to modify a file. In the case of a directory, this permission grants the ability to modify entries in the directory. This includes creating files, deleting files, and renaming files.

x‘ stands for execution rights. This permission must be set for executable binaries (for example, a compiled c++ program) or shell scripts (for example, a Perl program) in order to allow the operating system to run them. When set for a directory, this permission grants the ability to traverse its tree in order to access files or subdirectories, but not see files inside the directory (unless read is set).

# d   rwx   r-x   r-x 1 sgar users 0 May 5 16:22 my_folder
The owner is the person, monkey or regular drug dealer that created the file – in our case ’sgar’ is the owner which is listed together with the ‘ls -l’ cmd.

# d   rwx   r-x   r-x 1 sgar users 0 May 5 16:22
my_folder
The next three characters ‘r’, ‘-’ and ‘x’ are the group rights. Everybody belongs to a group. In the example above the group is named ‘users’ and everyone belonging to this group have rights to read and execute the file or, in our case, the directory.

# d   rwx   r-x   r-x 1 sgar users 0 May 5 16:22
my_folder
Last and truly least are the ‘others’ rights – the rights for everybody that hasn’t created the file or belong to the correct group. In the example they as well are allowed to read and to execute the file but not write to it.

Every file and directory have such rights. Our next chapter will focus on how to change them. After all, breaking rules are much more fun. I hated cigarettes until I saw my first ‘no smoking’ sign. ‘Keep of the grass’, let’s play soccer.

III – Hard and soft links

torsdag, juni 10th, 2010

    Before moving on I’d like to stress two more things:
1. Vengeance is a dish best served cold
2. Hard and soft links

Hard links

    A hard link is two or more file names referring to the same inode. Hard links share the same data blocks on the hard drive, while they continue to behave as independent files. Obviously you didn’t get that. Obviously I’ll give you an example:

<====================

#!/bin/bash
# Don't worry about the line above - I'll explain that later.

# First create a regular file
echo "one hard link ordered" > HLink_org.txt

# Now make a hard link to this file
ln HLink_org.txt HLink_link.txt

# Check new file
cat HLink_link.txt # This will provide an output like the original ‘one hard link ordered’

# List the files and their iNodes
ls -il
# This will provide an output similar to:
# 1482256 -rw-r–r– 2 sgar group 21 May 5 15:55 HLink_org.txt
# 1482256 -rw-r–r– 2 sgar group 21 May 5 15:55 HLink_link.txt
# As you can see both files refer to the same iNode (the number first in each row). If you change ‘HLink_org.txt’ the changes will also apply to
‘HLink_link.txt’

# add ‘appending class’ to file ‘HLink_org.txt’
echo ”appending class” >> HLink_org.txt

# Even though the changes were made to the original file they are found in ‘HLink_link.txt’ as well
cat HLink_link.txt

# If we remove the original file ‘HLink_org.txt’ the hard link ‘HLink_link.txt’ is still accessable and unmodified
rm HLink_org.txt
cat HLink_link.txt

===================/>

    When there are no links referring to a point of data e.g. when all hard links have been removed together with the original file (and no process has the file open for access) the data is deallocated by the operating system.

    The major disadvantage with hard links is that they cannot span over partitions since the iNode numbers are uniqe only within a given partition. But there is a cure for this – soft links (also called ’symbolic links’ or ’symlinks’).

Soft links

    Instead of pointing to an iNode, soft links point to a specific file path. Therefore they can span over partitions. On the other hand, if the source file is deleted the link will be broken although still visible.

<====================

#!/bin/bash
# Don't worry about the line above - I'll explain that later.

# First create a regular file
echo "soft links - easy like Sunday morning" > SLink_org.txt

# Now make a symbolic link to this file which is done with the ‘-s’ parameter
ln -s SLink_org.txt SLink_link.txt

# Check new file
cat SLink_link.txt # This will provide an output like the original ’soft links – easy like Sunday morning’

# List the files and their iNodes
ls -il
# This will provide an output similar to:
# 1482256 -rw-r–r– 1 sgar group 21 May 5 15:55 SLink_org.txt
# 1482226 lrwxrwxrwx 1 sgar group 21 May 5 16:22 SLink_link.txt -> SLink_org.txt
# In difference from the hard links we can see that the iNode numbers for the two files are different. Also one can notice the ‘l’ char in the ‘lrwxrwxrwx’ sequence
# which is the sign of a symbolic link. Also, for the soft link we can see that it refers to the ‘SLink_org.txt’ file.

# Now add ’soft dogs’ to file ‘SLink_link.txt’
echo ”soft dogs” >> SLink_link.txt

# The modifications made to the soft link is visible also in the original file.
cat SLink_org.txt

# But now, here comes the grande finale, if you remove the original file the soft link will not be destroyed but point to a file that does not exist
rm SLink_org.txt
cat SLink_link.txt
# Output’s gonna be something like ‘cat SLink_link.txt: File not found’ even though the actual soft link is still found in the file system

===================/>

II – iNodes

torsdag, juni 10th, 2010

    From previous readings we can see that each partition has it’s own filesystem. And in Linux everything is a file. And if not it’s probably a process. Furthermore each file is described in a so called iNode. The iNode holds a record similar to the one the government has of me. But instead of buglary, assault and jailbreak the iNode record holds information of the files type, size, owner, etc. The iNode does not include the file name and directory though. This information is stored in other files but the OS is able to make up a tree-structure that the user can understand by comparing iNode numbers and filenames/directories.

I – Partitions & root folders

torsdag, juni 10th, 2010

    Partitions increase safety. If you fill up a harddrive with only one partition you’re fucked. If you have several your data partition might be out of mem but your system partition will still be functional. Also, you can increase disk space efficiency – if you have a lot of small files with an avarage size of 1 kb and your partition block size is set to 4 kb you’ll be wasting 3 kb for each file allocation. With several partitions you can optimize them for the avarage filesize on that partition.
Linux have several partitions.

    Linux comes with swap partition and some other shit that you really don’t have to care about. I’d say roll up a joint and skip next section. If you have some sort of mental disorder or, worse, for some unimagenable reason are truly interested, here is the brief go through:

    All partitions are attached to the system via a mount point. In Linux, usually all partitions are connected through the root partition. This partition is indicated with the slash (/). Partitions however, should not be confused with regular folders and when you’re looking in the root folder there seem to be folders, just folders, no partitions. How come?
You can look at it this way – a cargo ship fills the role of a partition, a container the roll of a folder. All you have to care about is to remember in what container you stacked your cocain, crack, etc. You don’t have to worry about what cargo ship that takes them over the ocean. I put my heroin in container ‘fun_and_games’ and I put my weapons in container ‘diffensore’ and then I just don’t give a shit which cargo ship that brings ‘em. I put my private files in folder ‘private’ which might be on partition A or B or… and I take my public files and put them in folder ‘public’ which might reside on partition A or B or…
You can check the partition of the current folder by using cmd ‘df -h .’. Again, some of these folders are kept on different partitions to make the world, or at least your work station, a safer place.

Okey, move along.

    So I stole that picture honestly from ‘http://www.linuxconfig.org/Filesystem_Basics’. As you can see there are a lot of folders in your root directory. I’d like to explain them to you some day. Eeh, wait a minute, correction – I don’t want to explain the to you. Not now, not ever. You’ll have to check ‘em out on your own, cowboy.

    All folders in the root folder, no matter what partition it belongs to, starts with a ‘/’. For an avarage grade you should have come to the conclusion that all absolute paths starts with the sign of the root ‘/’ e.g. ‘/dev’, ‘/usr/bin’, ‘/home’ etc. The ‘/’ character is just to show that we want a folder in the root. ‘cd /dev’ relates to the folder in the root directory. ‘cd dev’ relates to a ‘dev’ subfolder in your current directory.

Beginning…

torsdag, juni 10th, 2010

Alright kiddos.

Lean back, roll with some background Cypress Hill and light up that crack pipe – Linux salvation’s ahead.