Welcome to
The DFN Weekly

Server Secrets

By

Old Tom

OT Scripts

Part One:
Remembering the Mid 20th Century

As your web business grows bigger and bigger, you will probably need to begin using other people's software. You might install a shopping cart, or use a gallery page builder... but sooner or later, you'll have to learn more about scripts and files.

Have you ever had a "permissions problem" with your unix/linux server? That's what I'm here to explain.

Well, no, that's not quite true. I'm here to explain several Server Secrets. The "permissions problem" is only one of those secrets. Unfortunately, this stuff is incredibly boring. We're not talking plain boring here... we're talking sadistically boring. But, if you survive the experience, you may never have to ask for help with your server again.

For our purposes, unix and linux mean the same thing. If you are on a unix-like server, this essay applies to you. FreeBSD, Red Hat, Slackware, Linux, Solaris, all refer to flavors of unix.

I am not here to teach you unix. I am here to help you survive unix as a webmaster.

File Ownership
Let's start with perhaps the trickiest concept of all - file ownership. I'm sure you're too young to recall this, but back in the mid 20th century, there was something known as a typewriter. A typewriter typically had one owner - that is, any specific typewriter was only used by one person.

In the same way, your laptop or desktop computer is probably a single-user machine. You don't need to worry about working around or interfering with somebody else's files. You might worry about people snooping, but that's a different issue. Generally speaking, each person has his or her own personal computer.

There was, of course, a gap between everyone (or everyone's secretary) having a typewriter, and everyone having their own personal computer. We had computers, but they were shared. On a small to medium scale, we had departmental computers. Each person had their own account. Same computer, different accounts, just like your local bank. That's how we kept things separate.

That's when unix came to be. Unix evolved on medium-sized computers, in universities and research laboratories. Same computer, different accounts. Therefore, the idea of ownership became extremely important. Every file, every transaction is owned by somebody, and who that somebody is, makes a difference as to how that transaction is handled.

Again, think about how things happen at your local bank. Every dollar, every coin - and most certainly every ball point pen - is owned by somebody, and in every case it's completely clear who that somebody is. You have an account number; other people have an account number, and those numbers do not get mixed up. Keeping those account ownerships separate is a fundamental part of the system.

In the same way, different bank employees can do different things. At my bank, the lady at the information desk can handle non-cash transactions such as depositing my MaxCash payout check. But only the teller can handle a wire transfer.

Unix is built around that same kind of environment. Even if you have a unix machine all to yourself, you still have to deal with the same concepts of file ownership. Perhaps you have a dedicated server; you are the only one on the whole server. But, the concept remains. You need to deal with file ownership.

Do you recall I mentioned that unix is based on departmental computing? I can think of no reason whatsoever for you to care about that fact. Even so, that fact does make a difference to you!

The files on my unix account are owned by me. That makes sense, right? The same concept applies to your server. When you upload your files, you specify your ftp user name. Your uploaded files are owned by that ftp user name. That is, your files are owned by you. When you deposit money into your own account at the bank, the money is owned by you.

So, on unix, there are a number of different user accounts. Each account has its own files - and thus different files are owned by different users.

However, on unix, a user is also part of a group. Back in the late 20th century, different departments wanted to keep their stuff away from the other departments, but share things among themselves. For example, in the following file list:

drwxr-xr-x 4 oldtom users 4096 Mar 30 19:24 .
drwx------ 5 oldtom users 4096 Mar 30 19:20 ..
drwx--x--x 2 oldtom users 4096 Mar 30 19:23 cgi-bin
-rw-r--r-- 1 oldtom users    8 Mar 30 19:21 .htaccess
-rw-r--r-- 1 oldtom users  747 Mar 30 19:21 index.html
-rw-r--r-- 1 oldtom users   32 Mar 30 19:23 main.html
drwxrwxrwx 2 oldtom users 4096 Mar 30 19:24 members

the files are owned by user oldtom, but the files are also part of group users. In unix there are three levels of access: user, group, and others. In the above example, the file owner may update index.html (oldtom has read and write permission), and everyone else (both members of the same group, and others) has read permission.

In the next section, you'll begin to realize why this is important!

File Permissions
Caveat. This does not come anywhere close to being a complete explanation of unix file permissions. We are only covering the basics you need to deal with your server!

Unix file permissions are Read, Write, and Execute, abbreviated r, w, and x. The lack of a certain type of permission is shown with a dash. So, rwx means read, write and execute permission, and rw- means read and write permission but not execute.

"Directory" means the same thing as "folder." However, with unix they're always called directories. How do you know if it's a directory or an ordinary file? On the file listing, there will be a d in the left margin just before the file permissions list. In the above example, the first three items are directories, and the last item is a directory. A dash means it's a plain file. Anything other than d or - means your ftp program might get confused.
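
To make the reading of that listing concrete, here is an added example (not part of the original article) that splits each line into type, user/group/others permissions, owner and group, and converts the letters to the numeric form chmod uses. The function names are made up for this example, the listing is copied from the article as sample input, and the WORLD-WRITABLE flag marks any entry where "others" hold the w permission.

```shell
#!/bin/sh
# Sample input: the directory listing shown earlier in the article.
LISTING='drwxr-xr-x 4 oldtom users 4096 Mar 30 19:24 .
drwx------ 5 oldtom users 4096 Mar 30 19:20 ..
drwx--x--x 2 oldtom users 4096 Mar 30 19:23 cgi-bin
-rw-r--r-- 1 oldtom users    8 Mar 30 19:21 .htaccess
-rw-r--r-- 1 oldtom users  747 Mar 30 19:21 index.html
-rw-r--r-- 1 oldtom users   32 Mar 30 19:23 main.html
drwxrwxrwx 2 oldtom users 4096 Mar 30 19:24 members'

# triplet_to_digit: one r/w/x triplet to its digit (r=4, w=2, x=1, dash=0).
triplet_to_digit() {
    d=0
    case $1 in r??) d=$((d + 4)) ;; esac
    case $1 in ?w?) d=$((d + 2)) ;; esac
    case $1 in ??x) d=$((d + 1)) ;; esac
    printf '%s' "$d"
}

# mode_to_octal: "drwxr-xr-x" -> 755 (user, group, others, in that order).
mode_to_octal() {
    perms=${1#?}          # drop the leading type character (d or -)
    u=${perms%??????}     # first triplet: the owner (user)
    rest=${perms#???}
    g=${rest%???}         # second triplet: the group
    o=${rest#???}         # third triplet: everyone else (others)
    printf '%s%s%s\n' "$(triplet_to_digit "$u")" \
        "$(triplet_to_digit "$g")" "$(triplet_to_digit "$o")"
}

# describe_listing: one output line per entry in an "ls -l" style listing:
# kind, numeric mode, owner:group, name, and a flag if others may write.
describe_listing() {
    printf '%s\n' "$1" |
    while read -r mode _links owner group _size _mon _day _time name; do
        case $mode in
            d*) kind=dir ;;
            -*) kind=file ;;
            *)  kind=other ;;
        esac
        flag=
        case $mode in ????????w?) flag=' WORLD-WRITABLE' ;; esac
        printf '%s %s %s:%s %s%s\n' "$kind" "$(mode_to_octal "$mode")" \
            "$owner" "$group" "$name" "$flag"
    done
}

describe_listing "$LISTING"
```
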

Unix directory permissions look the same as file permissions, but they are not the same! Directories have r, w, and x permission just like files... but r, w, and x don't mean the same thing! Unfortunately, this means we need to look at r, w, and x one item at a time.


The DFN Weekly Staff
Jojasa ... Chief Editor - Wingnut ... Asst. Editor
Weekly Contributors
Voltar, Old Tom, LadyB, PastaBoy, Widearea
VNWR Staff
Voltar ... President - Old Tom ... Vice President
Jojasa ... Vice President - LadyB ... Vice President


©2002 VNWR. All rights reserved.