There is a world of difference between Windows and Linux in file handling. Your immediate need is to understand the business of permissions. One of the fundamental security advantages in Linux is every file is owned by someone, and the owner gets to decide what happens to those files. Ownership, of course, is limited to those who have an identity on the computer in question.
First, let’s open that Terminal again. When first opened, by default your relative location in the system is your Home directory. So important is this, anytime you issue the command cd
without saying specifically where you want to go, you’ll be sent here to the same place, Home. On the Linux commandline, we love our abbreviations. When you are typing things on the commandline, the symbolic reference to your Home is ~/
— that’s a tilde and a forward slash together in that order.
Let’s see what’s there. Type ls
(lower-case LS). You get a column list of item names, in different colors. Blue is what marks a directory, which may or may not have anything inside it. You should have at least Desktop and Downloads, and mostly likely some other standard folders such as Documents, Music, Pictures and Videos. Not so different from Windows in that sense. You may not see any files, which show up as black. That is, unless you’ve been playing with the color scheme in the Terminal menu system. But there isn’t much information about the folders and files. Who owns them?
Type “ls” again, but with an added switch, which asks for the full length version of information about each item: ls -l
. You should see something like:
drwxr-xr-x. 2 ed ed 4096 Jan 5 08:42 Desktop
drwxr-xr-x. 2 ed ed 4096 Jan 7 14:33 Documents
drwxr-xr-x. 3 ed ed 4096 Jan 9 17:40 Downloads
That first column is all about permissions. I’m not going to duplicate the good work of others who write better than I. Allow me to refer you to this tutorial on Linux Permissions. You’ll need to read it if you don’t understand what we’ve done so far. Go ahead, we’ll be here when you get back. You might want to bookmark the home page of that website if you find yourself lost already in Linux. The author covers a lot of basics in very simple explanations.
For now, I want you to learn how to do this in the GUI. If you click the “Home” icon on your desktop, you get a window reminiscent of the ancient Windows 95 default. If you like that, fine, but it won’t help you learn much about maintaining your own file collection. So in the open window, go to the Edit menu, and select Preferences, the last item. You should see a configuration dialog with many tabs at the top. In the first tab, hit the drop-down box where it says “Icon view” and change it to “List view.” I recommend you checkmark “Show hidden and backup files.” On the Behavior tab, checkmark “Always open in browser windows.” My personal preference is also to select the radio button for single-click, because I like my file browser to act like a web browser; everything is a link which requires only one click. Finally, go to the “List columns” tab and add a checkmark to the box at “Permissions.”
Hit the “Close” button; the choices are automatically saved. Now close the file manager window. Open it again, and the changes should have been applied. Of the far right side of each line you see those permissions again. Right click on any item, folder or file, and click “Properties” at the bottom. Click on the “Permissions” tab and you get a detailed management page for the item in question. You’ll see the labels explaining all that stuff you saw in your Terminal window. Change those permissions and it changes what shows up in the file browser window in that permissions column on the far right. Note: All folders must be marked with the “execute” bit for you, or you can’t see what’s inside.
You’ll discover if you transfer any files from a FAT file system (like thumb drives or memory sticks), NTFS (the current Windows default), or most backup CDs, every file has all the execute bits set. That’s how Linux interprets Windows default file settings. It’s not a big problem in every case, but it does conflict with the Linux defaults. When copying files from those other media into your Home folder or anywhere else on your Linux machine, be aware of this. If the file is not supposed to be an executable script or binary, change those permissions to take away the execute bit (but not on folders). It’s laborious if you have a lot of files, but it’s just one of those things.
Now, about ownership: You’ll notice the files belong to you as your username, listed twice. That’s because there is the user as a person, and you belong to a group by the same name. You may have picked up on that from the tutorial I linked above. The root account can change ownership of any file, but you get to set group membership for any group your user account belongs to.
Linux and Unix folks will gravely warn you about messing around too much while logged in as root. On your system, root owns everything, and can delete the entire system with just a few keystrokes. So we protect our root access with hard passwords and don’t use the root login except when necessary. Never connect to the outside Net as root unless absolutely necessary, as this exposes your machine to someone else using some unknown security hole to masquerade as root on your machine.
In the last lesson, we copied a bunch of codec files into the library file system. Those files are still owned by your user account. It’s a low-level security threat to leave them that way, among other things. You could accidentally delete them from your user account. Suppose you were online and someone managed to use one of those as-yet undiscovered security holes, and grabs control of your system using your user account. They will have only your user account’s permissions to do things. Those files are not protected. As a standard practice, anything which is used by the system should belong to root. Let’s fix that situation.
Open the Terminal and login as root. Then execute this command:
chown -R root:root /usr/lib/codecs/
That’s change ownership, using the -R
switch for recursively (diving down into the folder and everything inside it), to make root the owner of all those codec files we moved there.
One final note. We got those files from a standard source in the Linux world. Unless someone packages them for your particular Linux version, that’s the way to get them. Right now, no one makes an RPM for RHEL 6 containing those codecs. If they did, we might be able to download and use that RPM file, and all would be well. But you should avoid adding multiple third-party repositories. ATrpms does things one way, and the others do things differently. If you add other repos which cover the same kind of packages, there will surely be conflicts, and Yum won’t be able to resolve them. Most of those third-party repos don’t work together, at least not very well, because the people who run them won’t, for whatever reason. If you use ATrpms, you might be able to take individual packages from other places, but even that could be dicey. It’s the nature of the beast.