Chapter 2 UNIX Utilities I (All commands are based on

Solaris, some are for Linux)

By C. ShingITEC Dept

Radford University

Objectives• Understand what’s involved in Unix login and

logout process• Understand how to use Unix help• Understand how to traverse directory tree• Understand how to create a directory, list its

content and delete a directory• Understand how to create files, change its

name, copy files and delete files• Understand how to control file printing• Understand how to list and set file attributes

Unix Login & Logout• Unix is case-sensitive• After Login, use home directory and shell specified

in /etc/passwd and executes files (for environment set up):– .login command executed when user log in– .cshrc command executed when C shell startsNote: no prompt when login as root, it has no security check.

If hacker gets /bin/sh, then system security breach• After logout, executes:

– .logout command executed when user log out

Unix Help

There are possible 8 sections in each manual page:

• Commands• System calls• Library functions• Special files• File formats• Games• Miscellaneous• System administration utilities

Usage:• man –k keyword• man –s manual_section_number command• man –f command

one line explanation of the command

Example:man –k mode | moreman –s 2 chmod (Solaris) : list section 2 manual of chmodman 5 passwd (Linux)man –s 1m getty (Solaris)man –-S 1m getty (Posix)man –f echo

Unix Help

Traverse Directory Tree• List current folder

– pwd• Change directory

– cd path_name• Absolute path

– cd /home/uid/pulic_html• Relative path

– cd ./public_htmlor

cd public_html– cd ..– -cd ~

– Go back to home directory• cd

– Go back to previous directory• cd -

Create/List/Rename/Delete/COPY Directory

• Create– mkdir directory_name

• List– Directory name only

• ls –d directory_name– Directory contents

• Unhidden files– ls directory_name

• All including hidden files– ls –a directory_name

• Files and everything in subfolders– ls –R directoryn_ame

Note: if file/directory name listed is a number, it may belong to an intruder.

Hidden Files Example

• .historycontains previous commands that saved. Can keep track of intruder’s action.

command: history shows saved history in RAM• .ckpt (Only in rucs)

contains backup files of your account

Create/List/Rename/Delete/COPY Directory

• Rename– mv old_ directory_name new_ directory_name

• Delete– Empty

• rmdir directory_name

– Has contents• rm –rf directory_name

• Copy directory1 to directory2– cp –r directory1 directory2

Create Files• Create

– Small file• cat > filenameType in the content, end the standard input by pressing

<ctrl><d>• touch filename

Create an empty file– Large file

• vi filename• vim filename(type vimlearn for on-line tutorial about vim)

List Files• List

– File name only • ls filename

– File name along with file type symbol• ls -F filename

– File long information (attributes)• ls -l (ls –l filename)

– File contents• cat filename• more filename• less filename (b – backward, f – forward)• page (Solaris)• head –n 5 filename (or head -5 filename): 1st 5 lines of file• tail –n 5 filename (or tail -5 filename): last 5 lines of file

List Files– The 1st 5 lines

• head -5 filename (Solaris)• head 5 filename (Linux)

– The last 6 lines• tail -6 filename (Solaris)• tail 6 filename (Linux)

– wc filename• Total number of lines

– wc –l filename• Total number of words

– wc –w filename• Total number of characters

– wc –c filename

Rename/Move/Delete/Copy Files

• Rename– mv old_ filename new_ filename

• Move file1,…,filen to a directory– mv file1 file2 … filen directory_name

• Delete– A file

• rm –f filename– Files and all sub-directories in the current folder

• rm –rf *• Copy file1 tp file2

– cp file1 file2

Control File Printing

• System V– Print file

• lp –d printername –n copies filename– Print n pages on one paper

• mpage -n– Check status

• lpstat printername– Delete print job

• cancel printjobid

Control File Printing

• BSD– Print file and send e-mail to notify when done

• lpr –Pprintername –m -#copies filename– Check status

• lpq -Pprintername– Delete print job

• lprm –Pprintername printjobid

List/Set File Attributes• file attributes (ls –l) in data structure stat

(/usr/include/sys/stat.h)1. mode: 16 bits, from left most

1. Type: 4 bits, from left1. Regular file: shows – when use ls -l2. Directory: shows d when use ls -l3. Device: shows c when use ls -lExample: ls –l /devices (Solaris)4. FIFO stream (Socket)

2. SUID (Set User ID): shows s/S when use ls -l set to allow the executable runs as to have the owner privilege, used by passwd, lp, mail, mv, ps, cgi-wrapper etc

Example: ls –l /usr/bin/lp (in solaris) ls –l /usr/bin/passwd (in Linux)

List/Set File Attributes (Cont.)1. mode: 16 bits, from left most (Cont.)

3. SGID (Set Group ID): set to allow the executable runs as to have the group privilege

4. Sticky: shows t (in ls –l) if set1. File (for efficiency): keep the file in either RAM or swap space 2. Directory (shared): only owner can change his/her file

attributesExample: ls –dl /var/tmp

5. User (3bits): s (in ls –l) means x is set when SUID; otherwise S, r has octal 4, w has octal 2, x has octal 1

6. Group (3bits): s (in ls –l) means x is set when SGID; otherwise S, r has octal 4, w has octal 2, x has octal 1

7. Other (3bits): r has octal 4, w has octal 2, x has octal 1

List/Set File Attributes2. uname3. gname4. Size: Bytes5. Nlink: number of aliases (or hard links)6. Mtime (last file content modified time)Note: Unix time starts from Jan 1, 19707. Atime (last file access time)8. Ctime (time for last file contents, or meta-data

changed, i.e. change of inode)(Note: In Windows, it is the file creation time)

List/Set Directory AttributesNote: For Directory (Contains filenames)M Time:

changed when create, delete or rename filesnot changed even when file content modified

A Time:changed when list directory content (i.e. directory read)not changed when create or delete files (write directory) or change directory (execute directory)

C Time: directory attribute change

List/Set File Attributes (some ls command options are not implemented in Ubuntu)

• List– Include hidden files

• ls –al– Include non-hidden files

• ls –l– Modified time

• ls –lt or ls -l– Access time

• ls –lu– Change time

• ls -lc– Size (in blocks)

• ls –s– Type

• file filename– Group

• groups username

List/Set File Attributes

• Set– Owner

• chown newowner filename• chown noewowner:newgroup filename (Linux)• chown –R newowner file1 file2 …

– Group• chgrp newgroup filename • chgrp –R newgroup file1 file2 …

List/Set File Attributes

• Set Permissions:– File

• r : can see the file content (use cat)• w : can modify file (use vi)• x : can execute the file (the file is either an executable or a

shell script)

– Directory• r : can list file names in the directory (use ls)• w : can create or delete files in the directory (use vi, cp, mv)• x : can search the files in the directory (use cd)

List/Set File Attributes• Set

– Change permission: chmod• Relative permission:

use letter: u, g, o, a : user, group, other, allr, w, x : read, write, execute

– chmod u+r filenameadd read access of filename to user

– chmod o-w filename take off write privilege of filename from other

– chmod a+x filename add execute privilege of filename to user, group and other

– chmod u+s executableset UID bit on of the executable

– chmod g-s executable set GID bit off of the executable

– chmod +t directoryset sticky bit on of the directory

List/Set File Attributes• Set absolute permission

• Use octal – chmod 400 filename

read only access of filename to user– chmod 050 filename

give read and execute privilege of filename to group– chmod 4200 executable

set UID bit on and write access of the executable– chmod 2060 executable

set GID bit on and give read and write access to the executable

– chmod 1644 directoryset sticky bit on, give read+write to users, write to group and other of the directory

Misc. TC Shell Commands

• ssh –l uname machinename• passwd: change password in /etc/shadow

file• tty : display terminal port• stty –a : check terminal characteristics• Set certain keys to erase

stty erase [Backspace key] stty erase [Delete key]

Misc. TC Shell Commands (In .cshrc/.login)

• set prompt = ‘new prompt’• set path = ($path /additional_search_path)• set savehist = n

save n commands in .history file• set history = n

save n commands in RAM• set noclobber

prevent accidentally overwriting by redirection• set ignoreeof

prevent accidentally logout by <ctrl><d>• set notify

notify immediately the completion of background jobs instead of after pressing <Enter>

Misc. TC Shell Commands (Cont.)

• script name.txt ( exit to quit): record text in screen

• image screen.jpg (Red Hat Linux only): screen shot

• which: which command is used• whereis: list absolute path of command locations• who am i: login info.• file filename: best guess file type(e.g. LSB file)

Misc. TC Shell Commands (Cont.)• <

redirect input• >

redirect output to a new file• &> (Bash only)

redirect output to a new file without showing error message in screen

• >>redirect output to append to the existing/a new file

• a.out < inputdata.txt >! output.txt• a.out < inputdata.txt &>! output.txt (Without Error

Message Shown - Bash only) overwrite output.txt if it exists• exit/logout/<ctrl><d>

Misc. TC Shell Commands (Cont.)

• !!execute the previous command

• !-2execute the second from the last command

• !nexecute history event n command

• !cmdexecute the most recent command that begins with cmd

• !n:p show history event n without executing it

Misc. TC Shell Commands (Cont.)

• !cmd:s/word1/word2execute the most recent command that begins with cmd by replacing word1 with word2

• !cmd:gs/word1/word2execute the most recent command that begins with cmd by replacing every word1 with every word2

• ^word1^word2execute the previous command by replacing word1 with word2

Misc. TC Shell Commands (Cont.)

• uname: list machine OS• uname –r: list machine OS version• uname –n: list machine name• date +”20%y %m %d %H %M %S”: list year (20xx),

month, day, hour, minute, second• clear• cat –n filename number the file content (all lines)• nl filename

number each non-blank line in the file• cat filename | nl : number the non-blank line output

Misc. TC Shell Commands (Cont.)

• mv –i, cp –i, rm –i• umask : set file creation mask• passwd : change password• id: show uid and gid• newgrp : create new shell for new group• tset : reset terminal type• touch -t YYMMDDHHMM.SS : change

mtime and atime (Hacker hide track)

Misc. TC Shell Commands (Cont.)

• echo message• echo “message”• printf “message\n”• printf message• source .cshrc (or . /source .cshrc)

rerun an updated shell without re-login• cd ~uid (or cd $HOME)

change directory to /home/uid• cd – (or cd ~-)

change directory to the previous visited directory

Misc. TC Shell Commands (Cont.)• alias

show all aliases• unalias cmd

unset the alias cmd• alias cp “cp –i”• \cp oldfile newfile

use the unaliased cp command• umask: create files (directory) with permission subtracted from default

permission 666 (777)• umask 022: create file with permission 644 and directory with permission 755• su uname: substitute user login• /bin/su -: login as superuser• sudo: execute with owner’s privilege• apt-get upgrade (install updates on Ubuntu)• apt-get install pkgname (install phgname on Ubuntu)• wget https://..../filename (download filename from web location on Ubuntu)

Reference

• Vi editor (or vim editor – with some GUI)– Environment customize: .exrc(Use :set all in vi)

• set autoindent• set noautoindent• set ignorecase• set noignorecase• set number• set nonumber• set showmode• set noshowmode

Example of Using SetUID BitHave File processing hands-on:fileprocessing.c and fileprocessing.txt ready in /home/cshing/public_html/310/Lecture/tmp.•Instructor (1st): In tmp directory

cd ~/310/Lecture/tmpchmod o+x ../tmpgcc fileprocessing.cchmod u+s,o+x a.out

•Student:/home/cshing/public_html/310/Lecture/tmp/a.out /home/cshingpublic_html/310/Lecture/tmp/fileprocessing.txt