solaris admin s100_10
TRANSCRIPT
Solaris 10 Administrator IISA-200-10
Agenda
2
Solaris 10 Operating System Essentials (SA-100-S10) ● Use components of the desktop system● Manage files and directories● Create and modify files● Control the user’s work environment● Archive files and perform remote operations
System Administration for the Solaris 10 OS Part 1 (SA-200-S10)● Manage file systems● Install software● Perform system boot procedures● Perform user and security administration● Manage network printers and system processes● Perform system backups and restores
Agenda
3
System Administration for the Solaris 10 OS Part 2 (SA-200-S20)● Describe network basics● Manage virtual file systems and core dumps● Manage storage volumes● Control access and configure system messaging● Set up name services● Perform advanced installation procedures
Network Administration for Solaris 10 Operating System(SA-300 S10)● Configure the Network Interface layer● Configure the network (Internet and Transport layers)● Configure and manage network applications
Agenda
4
Solaris 10 Operating System Essentials (SA-100-S10) ● Use components of the desktop system● Manage files and directories● Create and modify files● Control the user’s work environment● Archive files and perform remote operations
Agenda
5
1. Viewing and Using Components of the Desktop SystemUsing the Desktop in the Solaris™ 10 Operating SystemUsing Command-Line Features and Online Help ResourcesViewing Directories and Files2. Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory ContentsUsing the vi EditorUsing Commands Within the ShellUsing Basic File PermissionsConfiguring Access Control Lists (ACLs)3. Searching and Process ManipulationSearching Files and DirectoriesPerforming Basic Process Control4. Working With the ShellAdvanced Shell FunctionalityReading Shell Scripts5. Archiving Files and Remote TransferCreating ArchivesCompressing, Viewing, and Uncompressing FilesPerforming Remote Connections and File Transfers
Agenda
6
7
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Copying Files and Directories cp -option(s) source(s) target
Moving and Renaming Files and Directories mv source(s) target
Creating Files and Directories Touch filename mkdir -p directory_names
Removing Files and Directories rm -option filename
8
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Using Symbolic Links and Hard link Hard link
9
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Advantage and Disadvantage of Hard link Advantage
Find to faster Working on many application Hard link still working even source file has been removed
Disadvantage Cant hardlink to directory have to rely on inode to identify hardlink in each file
10
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Using Symbolic Links and Hard link
Soft link
11
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Advantage and Disadvantage of Symbolic Links Advantage
Link to directory and file Easy to find soft link on inode
Disadvantage Some application not allow for use symlink The symlink would be fail when source files were deleted or
moved
12
Manipulating and Managing Files and DirectoriesChanging the Solaris OS Directory Contents
Using Symbolic Links ln -s source_file target_file
Symbolic Links
Version 1 Version 2 Version 3
Requests
Using Basic File PermissionsHardlink & Softlink
14
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Viewing File and Directory Permissions Using the ls -l command and the ls -n command to view the
permissions The Solaris OS uses two basic measures to prevent
unauthorized access to a system and to protect data: The first measure is to authenticate a user’s login by verifying that the
user name and password exist in the /etc/passwd and /etc/shadow files.
The second measure is to protect file and directory access automatically. The Solaris OS assigns a standard set of access permissions at the time of creation of files and directories.
The Solaris OS also provides a special user account on every system, called the root user.
15
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Types of UserField Description
Owner Permissions used by the assigned owner of the file or directory.
Group Permissions used by members of the group that owns the file or directory
User Permissions used by all users other than the file owner, and members of the group that owns the file or the directory
16
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
# ls -n /var/adm-rw-r--r-- 1 0 0 6516 Nov 18 07:48 messages
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Changing the Permissions Permission Modes
Symbolic mode — uses combinations of letters and symbols to add or remove permissions for each type of user.
Octal mode — uses octal numbers to represent each permission. Octal mode is also referred to as absolute mode
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Changing the Permissions Changing Permissions in Symbolic Mode
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Changing the Permissions Changing Permissions in Octal Mode
Octal Value Permission Sets Binary7 rwx 111 (4+2+1)
6 rw- 110 (4+2+0)
5 r-x 101 (4+0+1)
4 r-- 100 (4+0+0)
3 -wx 011 (0+2+1)
2 -w- 010 (0+2+0)
1 --x 001 (0+0+1)
0 --- 000 (0+0+0)
Manipulating and Managing Files and DirectoriesUsing Basic File Permissions
Changing the Permissions Changing Permissions in Octal Mode
Octal Value Permission Sets Binary7 rwx 111 (4+2+1)
6 rw- 110 (4+2+0)
5 r-x 101 (4+0+1)
4 r-- 100 (4+0+0)
3 -wx 011 (0+2+1)
2 -w- 010 (0+2+0)
1 --x 001 (0+0+1)
0 --- 000 (0+0+0)
Using Basic File PermissionsUsing Basic File Permissions
Q & A
Using Basic File PermissionsUmask
In the Solaris OS, the default umask value is 022 The initial permission value specified by the system at the time of file
creation is 666 (rw-rw-rw-). The initial permission value specified by the system for a directory at the
time of its creation is 777(rwxrwxrwx).Umask Octal Value File Permissions Directory Permissions
0 rw- rwx
1 rw- rw-
2 r-- r-x
3 r-- r--
4 -w- -wx
5 -w- -w-
6 --- --x
7 --- ---(none)
Using Basic File PermissionsUmask
Calculating The Final Permission For Directories permissions of new directory = DBP XOR U (111 111 111 XOR Umask value)
Directory base permissions = DBP U = Umask Value
Calculating The Final Permission For Files permissions of new directory = FBP XOR U
(110 110 110 XOR Umask value) File base permissions = FBP U = Umask Value
Using Basic File PermissionsUmask
Using Basic File PermissionsUmask
Using Basic File PermissionsUmask
Q & A
Using Basic File PermissionsConfiguring Access Control Lists (ACLs)
Standard UNIX file protection provides read, write, and execute permissions for the three user classes: file owner, file group, and others. ACLs provide greater data access control for each file or directory. ACLs enable you to control file permissions more finely.
ACL Commands
Command and Option Descriptiongetfacl filename(s) Displays ACL entries for files
setfacl acl_entries filename Configures ACL entries on files
Using Basic File PermissionsConfiguring Access Control Lists (ACLs)
Viewing ACL Entries# getfacl file1$ file: file1$ owner: userc$ group: sysadminuser::rwgroup::r-- #effective:r--mask:r--other:r--
Using Basic File PermissionsConfiguring Access Control Lists (ACLs)
Viewing ACL Entriesentry-type:[UID or GID]:perm
entry-type– Specifies the scope of the file permissions to the owner, owner’s group, specific users, additional groups, or the ACL mask.
UID or GID– Specifies the user’s name or user’s identification number (UID), or the group’s name or group’s identification number (GID).
perm– Symbolically specifies permissions for entry-type by using r, w, x, and -, or by using octal values from 0 to 7
Using Basic File PermissionsDetermining if a File Has an ACL
When viewing the output of the ls –l command, if a file has an non-trivial ACL entry, a plus (+) sign appears at the end of the permission field.
root@mailserver # ls -l total 0-rw-r--r--+ 2 root root 0 Dec 23 15:08 file1-rw-r--r-- 1 root root 0 Dec 23 15:08 file2-rw-r--r-- 1 root root 0 Dec 23 15:28 file3root@mailserver #
Using Basic File PermissionsConfiguring ACLs by Using the Command Line
Command/Option Descriptionsetfacl -m acl_entries filename Creates or modifies ACL entries on files
setfacl -s acl_entries filename Substitutes new ACL entries for old ACL entries
setfacl -d acl_entries filename Deletes one or more ACL entries on files
setfacl -r filename Recalculates the ACL mask based on the ACL entries, when used with the -m or -s option
Using Basic File PermissionsUmask
Q & A