The Internet Encyclopedia (Volume 3)


UNIX WL040/Bidgoli-Vol III-Ch-41 August 13, 2003 17:26 Char Count= 0


508 UNIX OPERATING SYSTEM

Table 5 Main Directories and Their Functions on a Typical Unix System

Directory   Function
/ (root)    The base directory of all other directories
/bin        The directory that holds system binaries
/usr        The directory that contains user commands
/etc        The directory that contains system configuration files, including the files involved in system initialization
/tmp        A world-writable directory for storing temporary files (deleted periodically)
/home       The base directory for all users’ home directories

working directory. Such pathnames are called relative because they are completely relative to whatever directory the user happens to be in when the relative pathname is referenced. For example, if the current working directory happens to be the root directory itself, the absolute pathname /etc/security/dev/audio denotes the same file as the relative pathname etc/security/dev/audio (notice the missing initial ‘/’ slash). If the current working directory is a sibling directory (a directory at the same level) of /etc, for example, /bin, then the audio file could be represented by the relative pathname “../etc/security/dev/audio”. Again, the pathname is relative because (a) its validity depends on the current working directory and (b) the pathname does not begin with a ‘/’ slash, denoting the root directory.

For security, Unix files may be assigned permissions that determine which users and which groups of users may access them, and in what ways. For example, I might create a file in a directory called “personal.stuff” and name that file “confidential.info.” I might decide that only I can modify that data, but I might wish to allow other executives to read (but not modify) the file’s contents. I might also decide that no one else should have access to that file in any way. In Unix, access to files and directories can be controlled through the use of file and directory permissions.

Security
Security on a Unix system is a layered approach defined in terms of access to the system itself and its resources, including files and directories. Access to the system is managed by encrypted passwords associated with userids during the login process.

Files may be read from, written to, and executed, depending on individual permissions. Every file in the Unix file system (remember directories are files) has a particular user who “owns” the file, as well as a group that is associated with the file. Groups collect users and give the ability to assign rights to a file to a group of users in addition to the single user who owns the file. One can see the file permissions for almost any file in the system by typing the “ls -l” command. For example, if there is a file called “inventory.stat” owned by the user “tom” and associated with the group “inventory,” one might see a long directory listing such as the following:

-rw-rw-r-- 1 tom inventory 1098764 May 1 2001 inventory.stat

This set of information tells us the following:

The file’s name is “inventory.stat”;
The user “tom” owns the file;
The file is associated with the group “inventory”;
The file contains 1,098,764 bytes;
The file was last modified on May 1st of 2001;
There is 1 hard link to the file; and
The file’s access permissions.

According to the symbolic rights of the inventory.stat file, the permissions are represented as “rw-rw-r--.” This means that the owner would be able to read and write the file (the first “rw-” in the triad), the members of the group “inventory” associated with the file would also be able to read and write the file (the second “rw-” in the triad), but all others would only be able to read the file (the final “r--” in the triad).
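The listing above and the earlier “confidential.info” scenario, worked through in Python as an added example that is not part of the original chapter. It decodes an “ls -l” line, converts the symbolic rights to octal, and applies the rule that exactly one of the owner, group, or other sets of rights governs a given user. The user names “alice”, “ann”, “bob”, the group “executives”, and the 2048-byte size are hypothetical, and the setuid, setgid, and sticky flags are not handled.

```python
# Added example: decode an `ls -l` line and apply the owner/group/other rule.
# Constructed sample: the listing from the text, joined onto one line.
SAMPLE = "-rw-rw-r-- 1 tom inventory 1098764 May 1 2001 inventory.stat"
# Constructed: the "confidential.info" scenario; user and group names are hypothetical.
CONFIDENTIAL = "-rw-r----- 1 alice executives 2048 May 1 2001 confidential.info"


def parse_ls_line(line):
    """Split one `ls -l` line (date printed as 'Mon D YYYY') into named fields."""
    mode, links, owner, group, size, *rest = line.split()
    if len(mode) != 10 or len(rest) < 4:
        raise ValueError("not a long-listing line: %r" % line)
    return {"mode": mode, "links": int(links), "owner": owner, "group": group,
            "size": int(size), "modified": " ".join(rest[:3]),
            "name": " ".join(rest[3:])}


def mode_to_octal(mode):
    """Turn the nine permission characters into the octal form chmod accepts."""
    bits = 0
    for position, ch in enumerate(mode[1:10]):
        if ch not in ("rwx"[position % 3], "-"):
            raise ValueError("unsupported permission character: %r" % ch)
        bits = (bits << 1) | (ch != "-")
    return bits


def may_access(entry, user, groups, want):
    """Return True if `user`, a member of `groups`, holds right `want` (r, w or x).

    Exactly one triad applies: owner, else group, else other. The triads are
    never combined. The superuser bypass is not modelled here.
    """
    mode = entry["mode"]
    if user == entry["owner"]:
        triad = mode[1:4]
    elif entry["group"] in groups:
        triad = mode[4:7]
    else:
        triad = mode[7:10]
    return want in triad


if __name__ == "__main__":
    entry = parse_ls_line(SAMPLE)
    print(entry["name"], oct(mode_to_octal(entry["mode"])))
    for user, groups in (("tom", []), ("ann", ["inventory"]), ("bob", ["staff"])):
        print(user, {r: may_access(entry, user, groups, r) for r in "rw"})
```

Because only one set of rights is consulted, an owner whose own rights are “r--” cannot write the file even when the group rights are “rw-” and the owner belongs to that group.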

THE UNIX PHILOSOPHY
Write Small Programs That Do One Thing Well
From the beginning, Unix has had a penchant for small programs. Some of this is due to the inherent memory limitations of the early Unix systems, but another more important reason was the philosophy that programs should be small, do one thing, and be written to act as filters. Thus, many small programs could be linked together using pipes to create a much larger capability. Unix users can create their own “super commands” by putting together numerous filters in a new order to accomplish some larger activity.

Other operating systems provide large commands that do a lot of work but that are not easy to tailor. By providing a number of small programs that do a number of specific things, but that can be arranged in succession to accomplish much larger scale tasks, Unix offers its users both the advantage of power as well as flexibility—an addictive combination.

Write Programs to Communicate Over a Common Data Format
Integral to the concept of pipes and filters is the emphasis on writing data out in a common format. The key to being able to “plug and play” various filters is that filters are designed not to accept some proprietary data format, but are designed to work generically with standard ASCII text. By forcing a constraint that all filters must deal with plain ASCII text, filters can use the generic pipes that Unix provides to communicate with one another without incurring an additional overhead by having to marshal and demarshal incoming and outgoing data. So Unix can be said to have a penchant for plain text, and this is partially why all Unix editors (ed, emacs, vi, ex, pico, nedit, etc.) work with plain ASCII text. Contrast this with a data file created by a proprietary program such as Microsoft Word. In that format, the only program that can successfully read that file is Microsoft Word. No other tool can be leveraged to work on that file, implying that if the