Archive for March, 2006

FOSE Review

0

So yesterday a coworker came up to me and asked if I wanted to go to FOSE- I have a vague idea it was a government tech convention, but that’s about it. Since I have a Gov’t ID badge, I was able to get in for free.

So Cris(the boss), David and Terrance went into DC in search of the washington DC convention center. It should be noted that this is not the MCI Center, Metro Center, or the Verizon Center- it’s a completely generic convention center with a completely generic name. Makes it fun to track down when you see signs pointing to “Convention Center” but not specifying which one.

We got off in china town and then proceeded to walk a long distance down 7th street from G to L St.- I didn’t think it was too bad, but Cris wasn’t too happy. We got there, got though the registration process, and found it- it was huge- filled this giant 50 foot tall basement that was like a city block in size. The other three made a B-line to the Advocent booth because we’re getting ready to implement/look into a setup they had on display. Looked sorta cool, but it wasn’t my cup of tea, so I ran off. I checked out pretty much the entire thing, but since it was 3 hours before shutdown on the last day, it was very dull. Very few free goodies.

I did manage to snag a copy Linux Journal archive from 1994-2003, an Ubuntu Disc and an Open Suse disc. Ran into a decent guy working the Tux.org booth- I’ll call him the Ubuntu Kid because he was very tall and scrawny, entirely too excited to run into another linux geek, and loved ubuntu. We talked for a while, then I asked him about other open source booths- he took me over to the redhat booth where he picked on the redhat lady. He kept saying things like “I don’t think I could use Fedora because it still uses those nasty RPMs,” “Have you ever heard of CentOS?” and “You should really try ubuntu.” I’m sure she found it annoying and childish, but I was plenty amused. She gave me a redhat pen before I stumbled off to find my coworkers.

Afterwards, we hit this pub/bar type place and we got a big thing of uber nachos, and I got a club sandwich. Boy was that Chili on the nachos angry at me last night.

All in all, it was pretty boring actually, but it was nice to have been to one. Perhaps next time I can go the first or second day to get better goodies, or go to another expo/convention alltogether.

Debian Stable maintainer quit…

2

My friend k_f sent me a link containing the resignation of the debian stable maintainer. I can completely see where he’s coming from- the Debian crowd seems to have collected all of the antisocial jerks over the years. I sent him the following letter of support:

Hi there, I caught your post to the debian team’s mailing list from a friend (http://lists.debian.org/debian-devel-announce/2006/03/msg00008.html ).

As a former debian user, I wanted to let you know I fully support you. There is a large segement of the debian crowd that has their heads firmly up their asses. It’s not often that someone from the inside calls them on it.

My experience with “debian snobbery” was with some kde ugliness in the migration to kde 3.x from kde 2.x. I found a problem with one of the dependencies on a package, and when I asked someone to verify it, I was bluntly told “debian doesn’t have dependency problems.” I was then berated by mwilson for 20 minutes before I said screw you all and downloaded a Gentoo ISO. I’ve been using Gentoo for almost 3 years now, and I gotta tell you it’s one of the best moves I’ve made.

The debian community as a whole is aloof, snobby, and generally unhelpful and rude. I’d suggest finding another distro- I’m sure ubuntu or mepis would gladly accept you- heck, even the gentoo guys would, although I suspect there’d be a bit of a learning curve for you.

You’re gonna get a lot of shit over the next few days, and I figured a positive email would help. Release your hate, your hubris, your ego, and snobbery, (however small they may be), and find a new distro to work with. The community as a whole needs you, even if those ungrateful asshats don’t realize it. Give them a good shake on the way out.

-Jesse (morgajel)

Useful Utility: chown

2

Since I covered chmod last week, I figured I should touch upon chown this week. chown is infinitely less complex than chmod because you don’t have to worry about actual permissions. chown is mainly used by root, but I suppose it could be used by others as well, although it will happen much less often.

chown can change the owner and group of a file or files.

Standard usage goes something like this

 $ chown morgajel:svngroup samplefile

You can check to make sure changes took by using

 $ ls -l samplefile

Much like chmod, you can use -c to show changes, -v for verbose and -f for quiet. There’s also the -R recursive flag, which works in a similar fashion, but it has several related flags that can be used in conjunction.

One interesting feature of chown is how it handles symbolic links when working recursively- the default behavior is not to traverse and just ignore them. If you use the -H in conjunction with -R, it will traverse the command line argument if it’s a symbolic link. In other words

 $ ls -l mywww
  lrwxrwxrwx  1 morgajel users 9 Mar  9 10:08 mywww -> /var/www
  $ chown bob   -R -H ~/mywww

will recursively change the files in /var/www, but not symbolic links located IN that location. This behavior differs from -L flag used in conjunction with -R, which will traverse ALL symbolic links encountered.

This can be useful to know if you need to change ownership of an entire directory structure and it’s full of symbolic links to other places.

One interesting flag I found is the conditional –from=user:group flag. It is appended to any other chown command and will only change the file if it meets the condition of having a particular user and/or group. This little tidbit could save you a couple lines of shell scripting down the road- I could see it being useful on rare occasions.

The last flag of interest is the –reference=file flag, where you can reference a file and use it’s user and group to set the target file without explictly stating it. Not incredibly useful, but interesting nonetheless.

Sort of a lame article, I know, but the midi stuff has been keeping me busy.

Spam and Ham

1

I finally got around to modifying the sa-stats script k_f gave me- it now works on my setup of postfix+gentoo+spamd.

I unzipped, cat’ed and parsed my logs for the last 7 days and came up with the following stats:

Total messages:      Ham:       Spam:      % Spam:
--------------------------------------------------
572                  196        376        65.73%

Average spam score  : 20.04/6.00
Average ham score   : -9.04/6.00

Username:            Total:     Ham:       Spam:      % Spam:
------------------------------------------------------------
                     572        196        376        65.73%

Username:            Avg. ham score:      Avg. spam score:
------------------------------------------------------------
                     -9.04/6.00           20.04/6.00

I knew I recieved a lot of spam, but this is stupid. I buy stuff online, but I purposfully avoid buying anything mentioned in spam. Spam doesn’t work on me- in fact, it has the opposite effect- I ignore their products. Now some spam, from buy.com, ticketmaster or whatever, I understand because they I’ve bought from them before. Their emails are annoying, but I know for a fact that they haven’t sold my email address (I use buy.com as my username for my email address at morgajel.com and it automagically gets back to me.)

I’m annoyed, but I can understand it. It’s not caught by my filter. The stuff that IS caught? Utter crap. 65% of my incoming mail is utter crap. Like someone found a way to digitize horse shit and place it in my inbox.

These people are annoying; they’re scum of the earth. What they do serves no purpose other than greed. What we need is public lynching of spammers. I hate that there are people in the world who don’t get that this is pure bullshit; and worse is that the spammers defend what they’re doing- they think it’s legitimate! They honestly believe that. It makes me lose more faith in humanity.

Before I finish up, I’d just like to pass a word to the spammers that are listening- I’m not going to purchase OEM software. I don’t care how good of a deal you have on it, it just ain’t gonna happen. Quit trying to sell me XP, it’s a lost cause.

ok, rant over.

M-Audio Oxygen (O2) Midi Controller

0

As I mentioned previously, I picked up a midi controller. I’ve recently gotten midi on my sound card to work. now I want to get this beast of a keyboard working before I chuck it out the window. Here’s my current setup:

  • Running Gentoo
  • Running 2.6.15-r1 kernel from gentoo-sources
  • using alsa drivers that came with the kernel
  • all other alsa packages are 1.0.10
  • using http://alsa.opensrc.org/USBMidiDevices as a guide
  • using version 1.2 of the usb midi firmware loader: http://sourceforge.net/projects/usb-midi-fw/

I seem to be hitting a rough spot when connecting the controller:

Mar  6 23:28:19 draccus kernel: midi: probe of 1-2.4:1.0 failed with error -5

that error: -5 scares me. I traced it back to an conflict between the legacy OSS usb_midi and the alsa snd-usb-audio modules. I thought I needed both, since usb-midi makes /dev/midi work, and the articles are saying I need snd-usb-audio. It turns out they are mutually exclusive, or at least should be.

draccus ~ # aconnect -i
client 0: 'System' [type=kernel]
0 'Timer           '
1 'Announce        '
client 64: 'Audigy MPU-401 (UART)' [type=kernel]
0 'Audigy MPU-401 (UART)'
32 'Audigy MPU-401 #2'
client 72: 'USB O2' [type=kernel]
0 'USB O2 MIDI 1   '

See that last line? SUCCESS! But, we’re not working yet. I also found out after my latest reboot that asfxload no longer likes 65:0 as an output. and yes, it still shows up in aconnect with the same ID numbers. I don’t know if it’s related to a working midi keyboard or not. Whatever- the good news is it no longer needs the -D 65:0 to load soundbanks- I found this one out myself. Make sure you load it with -v 100 as well for full volume- this is independent of the slider in alsamixer, for some stupid-ass reason.

asfxload --verbose=255 \ 
        /mnt/dvd/Audio/Common/SFBank/CT4MGM.SF2   -v 100

now install kaconnect yeah, I know I’m springing an install on you at the last minute- I just don’t know how to do this any other way. using that, click in the USB input in the left column and the first emu10k1 wavetable entry (or whatever you’re using) and click connect.

Now press the Keyboard.

I got sound!
only about 1/2 of the top controls work, so be forwarned that you’ll have to do a little digging. to get it operable. Once I get it all working, I’m gonna tear it apart and get it working on jackie’s computer with my soundcard.

but first, I still need to get it working in noteedit/rosegarden.

Painless.

2

I caught a security notice about wordpress and decided to take the plunge and upgrade to 2.0.1. After the crap with midi I put up with this weekend, I wasn’t too fond of messing with anything. I bit the bullet and went through with it tho, and the result was painless. I’m using webapp-config and virtual hosts, so there was a bit of an extra step:

  • emerge –ask –oneshot –verbose “>=www-apps/wordpress-2.0.1”
  • webapp-config -U -h morgajel.net -d wordpress wordpress 2.0.1

when this ran smoothly, I loaded up the page and noticed some errors in the sidebar. I loaded the site admin section, thinking I could find out more here when I was greeted with a “You have to upgrade the database” message. I clicked next, expecting a long complex process that was going to make me curse like a sailor. Instead I’m greeted with a “well, there was really only one step. you’re all done!” message.

Everything seems to be working great now. Not too fond of the new ‘write post’ interface, but I’ll get used to it. If this article works, it’ll be my first successful posting with WP 2.x

Teh Win: Linux Midi

0

Well, right before I ran out the door for work this morning, I managed to capture the ever-elusive “win”. not just any win, but “Teh Win.”

morgajel@draccus ~ $ aconnect -o
client 64: 'Audigy MPU-401 (UART)' [type=kernel]
    0 'Audigy MPU-401 (UART)'
   32 'Audigy MPU-401 #2'
client 65: 'Emu10k1 WaveTable' [type=kernel]
    0 'Emu10k1 Port 0  '
    1 'Emu10k1 Port 1  '
    2 'Emu10k1 Port 2  '
    3 'Emu10k1 Port 3  '

While there are 6 devices listed, the important one is “Emu10k1 Port 0”, otherwise known as 65:0
You see, the other devices are clever ruses by a soundcard that refuses to be tamed.

Here is EXACTLY what I did.

  1. I loaded firmware with asfxload –verbose=255 /mnt/dvd/Audio/Common/SFBank/CT4MGM.SF2 -D 65:0
  2. I started kmid
  3. I set kmid to use emu10k1 Port 0
  4. I loaded ff2.mid and hit play.

two seconds later, the world was alive with the synthetic cello playing a song from my childhood.

Joyous days.

now, the sonfofabitch is, I’ve done this exact same process over 100 times with differing variables. Today’s differing variable? That SPECIFIC soundfont.

I’m going to double check tonight, but in my rush before work it seemed like the .bnk files that came with gentoo *didn’t work*.

I verified that /mnt/dvd/Audio/Common/Media/Sndfont/Tabla.SF2 works as well, but it sound like straight percussion.

Either way, Midi work- real midi from the soundcard wavetable.

Now, the Midi keyboard is all that stands in my way.

This Week’s 10 Minutes of Hate: Linux Midi

107

Midi- oh, how do I loathe thee? Let me count the ways…

I’ve never liked midi, it’s fabricated, boring, hollow existence bothers me whenever I hear it, yet I am currently at it’s mercy. Linux may be ahead of other operating systems in many respects, but for some reason, midi support seems to have been completely passed over.

One of my side projects right now is writing a CD. a useful tool for writing a CD is a Piano. Since I do not own/have room for a piano, I decided to purchase a midi controller to attach to my computer. After careful research, went down to Guitar Center and picked up the second cheapest one I could find- the M-Audio Oxygen. It only has 25 keys, but I figure, hey I only got 10 digits. Even if I was to get my toes into the act, I’d have 5 keys to spare!

So anyways, I honestly have been planning on getting one for almost a year. I got it home and found the joy of trying to get it to work with Linux. Since my onboard soundcard was a piece of crap, I had problems getting midi to work in general. I got fed up and went and spent ANOTHER $80 to pick up a new sound card- another purchase i’ve been planning on. I got an Creative Soundblaster Audigy 4, which I was told had reasonable recording capabilities, hardware midi sequencer and reasonable linux support…

“Reasonable” is a funny word- it’s completely subjective. If a dung beetle came up and offered you a plate and said “hey man, eat up, this is good shit,” You’d probably realize he meant well, but still decline the plate full of feces. Taste, much like beauty, is in the eye of the beholder. So back to my reasonable support. After a bit of battling, I was able to get regular playback working- as an added bonus, I can now turn down the bass on my subwoofer so the neighbors don’t hate me. Midi, however, is still out of my grasp.

“They” were partially right. There’s lots of documentation. on all the various versions of the audigy (except of course mine), on different distributions, some using alsa, some using oss, finding different problems, using different versions of everything. No one person has anything remotely close to my setup from what I can tell- Audigy 4 + Gentoo + M-Audio Oxygen midi controller + ALSA. In other words, hundreds of pages of crap to sort through and very little of it useful by itself. I don’t blame the linux community for this, I blame the lazy manufacturers who refuse to help and make us end up doing it for them. It sucks and it pisses me off.

So anyways, I have three goals-

  1. get midi playback working, so I can listen to ff2.mid
  2. get my keyboard working so can input into the program called “noteedit”
  3. figure out what part, if any, this remote and IR tower have in this.

Getting Midi to Work

Here’s an idea of where I’m at now.

draccus ~ # aconnect -o
client 64: 'Audigy MPU-401 (UART)' [type=kernel]
    0 'Audigy MPU-401 (UART)'
   32 'Audigy MPU-401 #2'
client 65: 'Emu10k1 WaveTable' [type=kernel]
    0 'Emu10k1 Port 0  '
    1 'Emu10k1 Port 1  '
    2 'Emu10k1 Port 2  '
    3 'Emu10k1 Port 3  '

draccus ~ # aconnect -i
client 0: 'System' [type=kernel]
    0 'Timer           '
    1 'Announce        '
client 64: 'Audigy MPU-401 (UART)' [type=kernel]
    0 'Audigy MPU-401 (UART)'
   32 'Audigy MPU-401 #2'

draccus ~ # lsmod
Module                  Size  Used by
snd_seq_midi            6752  0
snd_emu10k1_synth       6912  0
snd_emux_synth         35840  1 snd_emu10k1_synth
snd_seq_virmidi         5952  1 snd_emux_synth
snd_seq_midi_emul       6592  1 snd_emux_synth
snd_pcm_oss            47264  0
snd_mixer_oss          16832  1 snd_pcm_oss
snd_seq_oss            33920  0
snd_seq_midi_event      5888  3 snd_seq_midi,snd_seq_virmidi,snd_seq_oss
snd_seq                49936  8 snd_seq_midi,snd_emux_synth,snd_seq_virmidi,snd_seq_midi_emul,snd_seq_oss,snd_seq_midi_event
snd_emu10k1           118500  1 snd_emu10k1_synth
snd_rawmidi            20704  3 snd_seq_midi,snd_seq_virmidi,snd_emu10k1
snd_seq_device          7244  7 snd_seq_midi,snd_emu10k1_synth,snd_emux_synth,snd_seq_oss,snd_seq,snd_emu10k1,snd_rawmidi
snd_ac97_codec         92320  1 snd_emu10k1
snd_pcm                80904  3 snd_pcm_oss,snd_emu10k1,snd_ac97_codec
snd_timer              21444  3 snd_seq,snd_emu10k1,snd_pcm
snd_ac97_bus            1792  1 snd_ac97_codec
snd_page_alloc          8456  2 snd_emu10k1,snd_pcm
snd_util_mem            3328  2 snd_emux_synth,snd_emu10k1
snd_hwdep               7328  2 snd_emux_synth,snd_emu10k1
snd                    50596  16 snd_seq_midi,snd_emux_synth,snd_seq_virmidi,snd_pcm_oss,snd_mixer_oss,snd_seq_oss,snd_seq_midi_event,snd_seq,snd_emu10k1,snd_rawmidi,snd_seq_device,snd_ac97_codec,snd_pcm,snd_timer,snd_util_mem,snd_hwdep
audio                  44608  0
quickcam               73316  0
videodev                7360  1 quickcam
wacom                  13632  0
nvidia               4084560  12
usb_midi               22148  0
soundcore               7648  3 snd,audio,usb_midi
usbhid                 31648  0

I’ve used afxload to load my sf2 soundbank. I believe this has worked correctly.

I can open kmid and play ff2.mid, but no sound comes out. the little virtual keyboards flicker and play, but no sound. I’ve doublechecked and the “synth” slider in kmix/alsamixer/etc is at full volume.

Getting the midi Keyboard to Work

I figure this can wait till we get the rest of midi working, but I’ve found when it’s hooked up via usb, /dev/midi and /dev/midi00 will both output characters when catted and the keyboard is pressed. This means usb-linux is working, but it’s still not recognized by alsa. I believe I also have to load some type of firmware into it, but I’m a little fuzzy on that part.

draccus ~ # cat /dev/midi
þþþþþþþþ;2;;B;;B;;?

IR Tower and Remote

The soundcard came with a remote and USB IR tower. the remote is a Creative RM-1500.
One of the posts on this page about ALSA, audigy and emu10k1 seemed to imply midi wouldn’t work until the IR tower was fixed. Check out the ” Sunday, 29 February 2004″ post for more info.

If anyone has any questions/comments/help/ explicit directions, I’d be very greatful. I just checked my history in firefox and I have over 100 articles that I’ve read and 34 google searches. I’m running out of steam.

BTW, big thanks to the guys of #alsa and K_F for helping me get as far as I got- if I seem frustrated, it’s because I am 🙂

Update 1

Alright, so after letting my subconcious work on the problem last night, I’ve come up with a plan of attack. what’s really hurting me on this is a lack of knowledge revolving around my hardware and alsa, so I’m going to do a bit of reading up about alsa today. I’ve come up with the following troubleshooting goals:

Identify a path that I can troubleshoot- how can I make sure asfxload is working? How can I verify Synth volume is up? what comes next? what needs to be there?

I should note that Timidity is up and running, and I can use it to verify that yes, synth volume is reasonable.

I guess the next step is to verify that soundfonts are being loaded.

Useful Utility: chmod

0

Chmod is a utility used for changing permissions. It is fairly well known, and doesn’t have a lot of obscure flags, which makes it an odd choice for this series. I’m including it because it seems like the most logical way to touch on linux file permissions, which can be the bane of new linux user. Let me cover permissions first, then we’ll move on to chmod.

Simple Permissions

(I’m only touching on “simple” permissions because they’re difficult enough to grasp without throwing in super user and stickey bits, or attributes like immutable.)

Every file has three types of simple permissions: Read, Write and Execute. Each file also has three types of users: the (u)ser, (g)roup, and (o)thers. Each of these groups has each of these permissions, resulting in a total of 9 simple permissions (there’s also a 10th one that determines what type of file you’re dealing with at the front of the line). When you type “ls -l filename” at the command line, you can see these permissions:

morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
-rwxr-xr--  1 morgajel users 984 Feb 27 13:01 foo.pl

The file permissions are the first 10 characters.

  file type     user     group     others
       -             rwx        r-x          r--

Permissions will always be listed in this order- user, group,others. They’ll also be in the order or read,write,execute for each of those groups. A permission is active when the corresponding character is shown, and inactive when a dash appears. The above permissions show this is a regular file, and the user (morgajel) has read, write and execute permissions. The group that it belongs to (users) have read and execute permissions. Everyone else (others) have only read permissions.

Permissions for directories are a bit different than regular files- they control who has access to view and write to their contents. This is a bit out of the scope of what I intended to write (and I’m a tiny bit fuzy on the edges myself), so for the sake of simplicity, I won’t touch on them (for now). I encourage you to explain it if you have a firm grasp yourself and can provide sources.

So all your files have these wonderful permissions, but how do we change them? Well, there are two ways- symbolic and numeric. The simplest is with symbolic, but as you continue you’ll learn to use both.

Symbolic Permissions

Suppose in the file above, we want to block other users from reading the file. to do this, we need to remove the read permission from (o)thers on foo.pl

morgajel@FCOH1W-8TJRW31 ~/docs $ chmod o-r foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
-rwxr-x---  1 morgajel users 984 Feb 27 13:01 foo.pl

we use the symbols o-r to signify “subtract read from others.” Suppose we also want to remove read and execute permissions from the group that this file is in?

morgajel@FCOH1W-8TJRW31 ~/docs $ chmod g-rx foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
-rwx------  1 morgajel users 984 Feb 27 13:01 foo.pl

See, we can stack them up like that. We can stack user groups as well: go+r, guo+rwx, and gu-rx are all acceptable. It’s worth noting that you can also use the equals sign (example: oga=rx) to explicitly set permissions. On top of this, rather than writing “ugo”, you can use “a”, which stands for “all”.

morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
----------  1 morgajel users 984 Feb 27 13:01 foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ chmod a+rx foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
-r-xr-xr-x  1 morgajel users 984 Feb 27 13:01 foo.pl

The problem you run in to during all of this is setting complex permissions. Suppose you want to change from -r-xr-xr-x to -rw-r-x-r– ? I don’t know of a way to do it symbolically (although there might be and I just don’t know it).

Numeric Permissions

Think about those 9 original permissions again:

-rwxr-xr--  1 morgajel users 984 Feb 27 13:01 foo.pl

Ignore the file type in the beginning of that line, you have 3 groups of 3.

 rwx      r-x      r--

Now, the fact that they use the letters r, w and x are just visual cues- Instead of letters, imagine them being placeholders in contrast to nothing- permissions are either on, or off.

 ###      #_#      #__

Now we’re going to make a bit of a logical jump. What we end up with are 3 three-digit binary numbers; all the digists are either On (#) or Off (_). The highest you can count in binary with three digits is 7(if you start at 0). The bad news is you/re about to learn to count to 7 in binary. The good news is it’s very easy.

0   ___     000
1   __#     001
2   _#_     010
3   _##     011
4   #__     100
5   #_#     101
6   ##_     110
7   ###     111

Now lets look at those permissions again and convert them from symbols to placeholders to binary to regular digits:

 rwx      r-x      r--
 ###      #_#      #__
 111      101      100
  7        5        4

Now lets try setting a file with now permissions to have the permissions above.

morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
----------  1 morgajel users 984 Feb 27 13:01 foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ chmod 754 foo.pl
morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
-rwxr-xr--  1 morgajel users 984 Feb 27 13:01 foo.pl

The most common numbers you’ll use are the following:

7 most permissions you can give: read, write and execute
7 read and write, used on personal documents
5 read an execute, but no write access- often given to scripts so other users can run them
4 read only, used on system documents
0 nothing: you get no access

Using Chmod

We’ve seen the basis of how chmod works, but what fun things can we do with it? Well, there’s the -R flag which changes permissions recursively. The -c flag lists the changes that are actually made for each file:

morgajel@FCOH1W-8TJRW31 ~/docs $ chmod 750 -c foo.pl
mode of `foo.pl' changed to 0750 (rwxr-x---)

The -v flag lists ALL changes that are attempted for each file. The -f flag hides all mesages, which can also be done with the more obvious –silent or –quiet.

It should be noted that Users can only set the permissions they have access to; for example, Bob can change the permissions on files that Bob owns, but not on files that Joe owns. Root can of course change any permissions and even write to unwritable files.

An interesting note is that a file set to 007 will allow others to read, write and execute, but not the user or group that it belongs to- in other words, permissions don’t stack.

The 10th Permission

Remember that leading – on our permissions? I referred to it as the file type. Well, here’s a more complete explination. There are several types of files:

  • – = regular file
  • d = directory
  • l = symbolic link
  • s = socket
  • p = named pipe
  • c = character (unbuffered) device file special
  • b = block (buffered) device file special

Regular files and directories are the most common types you’ll run into, followed by symbolic. These are all beyond the scope of this document (yet again), but I will mention this- Symbolic link files will always have their permissions set to 777 (rwxrwxrwx).

Advanced Permissions

Remember how I said the r, w and x in “rwxr-xr–” were just placeholders, and didn’t hold any meaning? well, that was partly true. there are 3 special “optional” flags that can be used. The first one is the Stickey bit, often showing up as a T in the (o)ther’s execute space. This tells the kernel to keep a copy of this executable in swap space so it’ll run without incurring the delay of loading it from the harddrive the next time around. It’s rare to see it, but when you do, it’ll look like this:

morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l foo.pl
---------T  1 morgajel users 984 Feb 27 13:01 foo.pl

Next up are the setuserid (SETUID) and setgroupid (SETGID) bits. There are actually two- one for groups and one for users. When the group SETGID bit is set, anyone who runs this program will execute it as if they’re a member of whatever group the file belongs to. If the user SETUID bit is set, the program will run as if it’s being run by the user it belongs to.

morgajel@FCOH1W-8TJRW31 ~/docs $ ls -l myprogram*
---x--Sr-x  1 morgajel webdevs 984 Feb 27 13:01 myprogram1
---S--xr-x  1 morgajel webdevs 984 Feb 27 13:01 myprogram2

For example, if bob was to execute the myprogram1 file, it would execute with webdevs’ group permissions, perhaps granting it access to files bob otherwise might not be able to get to. If he were to run myprogram2, it would execute as if morgajel was running it. These bits can be useful with applications like cdrecord, where the program needs low level access to hardware. They do pose a security risk however- an insecure program can result in a malicious user getting permission to files they otherwise wouldn’t be able to.

Be wary when using the SETUID and SETGID bits, and use them sparingly.

I think that covers a good majority of what you need to know to use chmod. Later on I’ll go into umask, chown and file attributes. If you have anything to add, feel free to include it below.

Go to Top