Linux Professional Institute: Level 2 Tutorials

Files & Filesystems / Use Permissions to Control Access to Files pt. 2

Subtitles of the Movie

Another bit you can set for directories and executable files is the sticky bit. With this bit set on an executable, the program stays in memory after it finishes executing, so it's already loaded if you, or somebody else, wants to execute it again. This was more useful in the days of slow disk drives, but with the faster access of today, this use is mostly obsolete. It still has a purpose for directories, though. With the sticky bit set on a directory, users can only rename or remove the files in it that they own. It's not uncommon to have the sticky bit set on the /tmp directory because everybody shares it. You set the sticky bit with the t option of the chmod command. You can see the sticky bit setting by using ls to list the permissions. It will show up as the letter t at the end of the permissions list.

SUID stands for Set User ID. It's for executable files and shows up as an s in the user permissions where you would normally see an x. When you run the program, your user ID changes to that of the owner of the file, but only while that program is running. For example, if it's an executable script owned by root, you will be granted root permissions while the script is executing. Be careful with this one. Any user can run it and will have root permissions when he does. You set it by using the s option of chmod. It will show up in ls as an s where you would normally see an x for the user.

The SGID bit is the Set Group ID bit. It does for the group what Set User ID does for the user. It is for executables and it is set the same way. It will show up as an s in place of an x in the group permissions displayed by ls.

Another form of controlling access to files is ACL, which stands for Access Control List. This type of access control differs from one Linux distribution to another and does not exist on all of them, but it does work with ext2 and ext3 file systems. In most cases, it's a directory-level access control affecting the contents of the directory.

The first step in setting up ACL is to add the acl option for the disk partition in fstab. It will be necessary to remount the file system, and that's all you need to do. Now you can start setting extended permissions on the files. You can read the permissions with the getfacl command, and you can set extra permissions per user, for several users, with the setfacl command. The permission settings work the same way, 3 bits for read, write and execute, but you can add lots of them for several users. The long display form of the file name will show a plus sign at the end if an ACL has been added to it. You can always get the user names and permission settings with getfacl. For an AFS file server, the command to manage ACLs is named fs.

As an exercise, use the touch command to create files with umask settings of 0, 022, 777, and 033, and then look at the permissions and see what you've got. You need to relate the bits of an octal number to the permission settings. Change the permissions on a file until you can use octal digits and get exactly what you want. You also need to work with the character mode of setting permissions. You'll find that you prefer either character or octal, one or the other. Set the sticky bit on your /tmp directory and look at it with ls.
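
The umask exercise and the special bits described above, as an added example that is not part of the tutorial: it creates files under each umask and then audits a directory tree for SUID/SGID files and for world-writable directories that lack the sticky bit. It assumes GNU stat and GNU find; the function names and the throwaway tree under mktemp are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial); all paths are constructed under mktemp.

# Create a fresh file under the given umask and print its resulting octal mode.
mode_after_touch() {            # $1 = umask value, $2 = file path
    ( umask "$1" && rm -f "$2" && touch "$2" ) && stat -c '%a' "$2"
}

# Report SUID/SGID files and world-writable directories lacking the sticky bit.
audit_special_bits() {          # $1 = directory tree to scan
    find "$1" -type f -perm /6000 -exec stat -c 'setid %a %n' {} +
    find "$1" -type d -perm -0002 ! -perm -1000 -exec stat -c 'nosticky %a %n' {} +
}

# Build a small constructed tree that exercises each case from the lesson.
make_sample_tree() {            # prints the path of the new tree
    d=$(mktemp -d) || return 1
    mkdir "$d/shared" "$d/open"
    chmod 1777 "$d/shared"      # sticky: users remove only their own files
    chmod 0777 "$d/open"        # world-writable, no sticky bit: gets reported
    touch "$d/tool" "$d/plain"
    chmod 4755 "$d/tool"        # SUID executable: gets reported
    chmod 0644 "$d/plain"
    printf '%s\n' "$d"
}

tree=$(make_sample_tree)
for m in 0 022 777 033; do
    printf 'umask %-3s -> mode %s\n' "$m" "$(mode_after_touch "$m" "$tree/f")"
done
audit_special_bits "$tree"
rm -rf "$tree"
```

A umask of 033 produces the same 644 as 022, because touch requests mode 666 and never asks for the execute bits that the extra mask bit would remove.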

Tutorial Information

Course: Linux Professional Institute: Level 2
Author: Arthur Griffith
SKU: 33894
ISBN: 1-934743-79-8
Release Date: 2008-07-21
Duration: 7.5 hrs / 113 lessons
Captions: Available on CD and Online University
Compatibility: Vista/XP/2000, OS X, Linux
QuickTime 7, Flash 8
