The command below will find any file whose  permission
exactly  matches  read,  write, and execute access for user,
and read and execute access for group and other:
and change the permission to 750.

Please note: -print gives you a short listing of the file:

::

find . -perm u=rwx,g=rx,o=rx -print -exec chmod 750 {} \;
find . -perm u=rwx,g-w,o-w -exec chmod 750 {} \;

Please note: -ls gives you a long listing of the file:

::

find . -perm u=rwx,g=rx,o=rx -ls -exec chmod 750 {} \;
find . -perm u=rwx,g=rx,o=rx -exec chmod 750 {} \;

En esta Oportunidad les Traigo una recopilación de lo q yo concidero son los comandos más, utiles, importantes y usados tanto en Ubuntu como en muchas otras distros linux

• Adduser: Se utiliza para añadir un usuario.

Uso: adduser <nombreusuario>

• Alias (este esta bien explicado en un post anterior)
  

Uso: alias nombrequeledamos=’comando’

• apt-get install nombredelprograma =  instala el paquete.

• apt-get remove nombredelprograma = Borra el paquete. Con la opción –purge borra tambien la configuración del paquete instalado.

• apt-get update = Actualiza la lista de paquetes disponibles para instalar.

• apt-get upgrade  = Instala las nuevas versiones de los diferentes paquetes disponibles.

• cd = Cambia el directorio.

Uso: cd nombredirectorio

Continuar leyendo el resto de comandos:

• chmod: Cambia los permisos de los archivos.

r:lectura w:escritura x:ejecución
+: añade permisos -:quita permisos
u:usuario g:grupo del usuario o:otros
Uso: chmod permisos nombrearchivo

• chown: Cambia el propietario de un archivo.

Uso: chown <nombrepropietario> <nombrearchivo>

• cp:Copia archivos en el directorio indicado.

Uso: cp archivoorigen archivodestino

• deluser: Elimina una cuenta de usuario

Uso: deluser <nombreusuario>

• exit: Cierra las ventanas o las conexiones remotas establecidas

• fsck: Sirve para chequear si hay errores en nuestro disco duro.

Uso: fsck -t <fs_typo> <dispositivo>

• ftp: Protocolo de Transferencia de Archivos, permite transferir archivos de y para computadores remotos.

Uso: ftp <maquina_remota>

• grep: Su funcionalidad es la de escribir en salida estándar aquellas líneas que concuerden con un patrón. Busca patrones en archivos.

grep: grep <patronabuscar> <nombrearchivos>

• ifconfig: Obtener información de la configuración de red

• kill: Termina un proceso

Uso: kill numeroPID

• ls:Lista los archivos y directorios dentro del directorio de trabajo.

• make: Crea ejecutables a partir de los archivos fuente.

• man: muestra el manual de un programa o comando si este esta disponible

Uso: man <nombredelcomando>

• mkdir: Crea un nuevo directorio.

Uso: mkdir nombredirectorio

• mount: Monta una unidad.

Uso: mount -t< sistema_de_archivo> <dispositivo> <nombredirectorio>

• mv: Este comando sirve para renombrar un archivo.

Uso: mv <nombrearchivo> <nuevonombrearchivo>

• netstat:Muestra las conexiones y puertos abiertos por los que se establecen las comunicaciones.

• poweroff: Apaga el ordenador.

• ps: Muestra información acerca de los procesos activos.

• rlogin: Conecta un host local con un host remoto.

Uso: rlogin <maquina_remota>

• rm: Remueve o elimina un archivo.

Uso: rm <rutaynombrearchivo>

• rmdir: Elimina el directorio indicado, el cual debe estar vacío.

Uso: rmdir nombredirectorio

• sudo o su: Con este comando accedemos al sistema como root.

• umount: Desmontar unidades montadas anteriormente

Uso: umount <nombredirectorio>

• wc:Cuenta los caráteres, palabras y líneas del archivo de texto.

Uso: wc nom_archivo

• whereis: Devuelve la ubicación del archivo especificado, si existe.

Uso: whereis nomb_archivo

Larga vida a la consola!!

I’ve allways struggled with how the linux permissions work. Recently i had another one of those times where i had to change a folders permission recursively so, once again, i googled it. The 5th result is a Google Code University Lab which actually explained it in a way i could get.

This post is a simple sumary of the lab.

When you do an ls -l on your console you will see something like the following

drwxr-xr-x. 2 sapiens sapiens 4096 2009-10-19 14:20 Desktop
drwxr-xr-x. 2 sapiens sapiens 4096 2009-10-07 23:55 Documents
-rwxr-xr-x. 3 sapiens sapiens 4096 2009-11-05 18:42 myStuff.txt

If you look at the start of the line you will notice a bunch of letters, they are actually 10 of them. At first when you are getting into linux these will seem like gibberish to you and you will basicly ignore them, but when you need to actually change the folders permissions you might want to try and learn how to read them.

The letters on that text means the following :

• d – directory;
• r – read granted;
• w – write granted;
• x - execute granted;
• - – Not granted.

Tha piece of text can be divided in 4 groups (1st group composed of the first caracther, then 3 groups of 3 characters each) :

1. first letter states wether the file is a folder or not (if it has a ‘d’ its a directory);
2. the next 3 letters states the permissions for the file Owner
3. The next 3 letters states the permissions for the Group
4. the last 3 letters states the permissions for Everyone

So you’ve learned how to read it, but how do you change it well basicly you will be using chmod for that (just man it). As for the arguments you can either write the whole text for the given file or use the short hand.The following table shows you how to use short hand version to give permissions:

Note: The above table was directly taken from the google lab, it also presents a good way to remember this table

In order to change a files permission you would write a 3 digit number, using the table above,  that defines the permissions for the groups mentioned above (owner, group, everyone else) for instance:

• 644 would change a file/folder pemission to be read-only to everyone but the owner which would have full permissions
• 755 (probably one of the most used) would make the file executable and readable to everyone and full permissions to the file owner.

External Links :

• Google Code Lab – Linux Ownership and Permissions Lab

Appena ho installato CheckGmail e’ sorta l’esigenza di far accendere il LED blu del portatile che notifica la ricezione di una nuova email. Ero abituato a quando il file dove inserire lo zero e l’uno – a seconda si volesse spegnere o accendere il LED – era posizionato in /proc/acpi/asus/mled. Invece e’ cambiato.

Prima bastava inserire in uno script (o nell’apposito form di un programma come nel caso di CheckGmail):

echo 0 > /proc/acpi/asus/mled

per spegnere o:

echo 1 > /proc/acpi/asus/mled

per accendere il LED.

Ho notato invece che ora il percorso e’ /sys/class/leds/asus::mail/ e il file non e’ mled ma brightness. Quindi le due righe di prima diventano:

echo 0 > /sys/class/leds/asus::mail/brightness

e

echo 1 > /sys/class/leds/asus::mail/brightness

State attenti che molto probabilmente il vostro file brightness ha i permessi in scrittura solo per l’utente root, mentre per gli altri ha solo i permessi in lettura. Ovviamente dobbiamo estendere a tutti il permesso in scrittura per poter inserire lo zero o l’uno a seconda del caso. Avevo gia’ scritto come funzionano e come cambiare i permessi ai file e alle directory.

Apriamo un terminale, spostiamoci nella directory giusta:
$ cd /sys/class/leds/asus\:\:mail/
controlliamo i permessi:
$ ls -l

[...]
-rw-r--r-- 1 root root 4096  9 nov 08:48 brightness
[...]

Diamo dunque questo comando:
# chmod a+w brightness
controlliamo se i permessi sono stati assegnati correttamente:
$ ls -l

[...]
-rw-rw-rw- 1 root root 4096  9 nov 08:48 brightness
[...]

Tenete presente che al riavvio del sistema i permessi verranno ripristinati. Quindi, o ripetiamo questa operazione ogni volta, oppure la facciamo fare in automatico. Per farla in automatico apriamo il file rc.local:
# nano /etc/rc.local
e inseriamo questo prima di exit 0:

---8<---
chmod a+w /sys/class/leds/asus::mail/brightness
---8<---

Perfetto.

Ora possiamo utilizzare quel file tranquillamente, facciamo subito una prova dal terminale:
$ echo 1 > /sys/class/leds/asus\:\:mail/brightness
e il LED dovrebbe ora essere acceso.

Spegniamolo con:
$ echo 0 > /sys/class/leds/asus\:\:mail/brightness
e andiamo a sistemarci CheckGmail e visto che ci siamo anche Thunderbird.

CHECKGMAIL – Apriamo le preferenze di CheckGmail e cerchiamo due form, il primo e’ “Comando da eseguire per le nuove mail“, qui ci inseriamo:

echo 1 > /sys/class/leds/asus\:\:mail/brightness

poi il campo subito sotto “Comando da eseguire quando non ci sono mail“, dove invece inseriremo:

echo 0 > /sys/class/leds/asus\:\:mail/brightness

Date l’OK e avete finito. Ogni volta che vi arrivera’ un’email al vostro account Gmail e CheckGmail lo rilevera’, ve lo comunichera’ con l’accensione del LED del vostro portatile oltre alla normale notifica a Desktop.

THUNDERBIRD/ICEDOVE – Adesso vediamo come far fare la stessa cosa anche con Thunderbird. Il modo piu’ semplice e’ quello di scaricarvi l’apposito add-ons. Si chiama Thunderled, scaricatelo e installatelo con la solita procedura di Thunderbird: Strumenti > Componenti aggiuntivi > Installa…

Una volta installato Thunderled dovete cercarlo nel vostro HD. Trovandosi in una directory nascosta, quando aprite il vostro gestore di file e directory (Nautilus, Konqueror, Thunar, o altro) dovete rendere visibili i file e le directory nascoste con [Ctrl] + [h].

Andiamo ora alla ricerca del file che ci serve, solitamente lo trovate in /home/UTENTE/.mozilla-thunderbird/BLABLABLA.default/extensions/

A questo punto vi trovate varie directory {BLABLABLA-BLABLABLA-BLABLABLA} tante quante sono le estensioni del vostro Thunderbird. Se Thunderled e’ stata l’ultima estensione ad essere installata con tutta probabilita’ la directory giusta e’ l’ultima. Per esserne certi apriamo la directory e leggiamo il file chrome.manifest.

Una volta accertato di trovarci nella giusta directory spostiamoci nella sottodirectory chrome. Troveremo il file thunderled.jar, che nonostante l’estensione e’ un semplice file ZIP. Dunque rinominiamolo (thunderled.zip) ed estraiamolo. Otterremo tre directory, entriamo in content/thunderled e apriamo il file overlay.js col nostro editor di testo.

Cerchiamo queste righe:

[...]
else{
        file.initWithPath("/bin/sh");
        if(x==1)
                var args = ["-c","echo 1 \> /proc/acpi/asus/mled"];
        else
                var args = ["-c","echo 0 \> /proc/acpi/asus/mled"];
        }
        var process = Components.classes["@mozilla.org/process/util;1"].createInstance(Components.interfaces.nsIProcess);
        process.init(file);
        process.run(false, args, args.length);
        }
[...]

e sostituiamole con queste:

---8<---
else{
        file.initWithPath("/bin/sh");
        if(x==1)
                var args = ["-c","echo 1 \> /sys/class/leds/asus::mail/brightness"];
        else
                var args = ["-c","echo 0 \> /sys/class/leds/asus::mail/brightness"];
        }
        var process = Components.classes["@mozilla.org/process/util;1"].createInstance(Components.interfaces.nsIProcess);
        process.init(file);
        process.run(false, args, args.length);
        }
---8<---

Salvate ed uscite. Adesso dovete ricreare l’archivio thunderled.zip e rinominarlo in thunderled.jar.

Finito. Da ora in poi ogni volta che Thunderbird scarichera’ una nuova email vi si accendera’ il LED del portatile.

[^] torna su | post<li> | 

Sapete bene che GNU/Linux – come un qualunque sistema unix-like – permette un ottimo controllo dei vari aspetti del software e dell’hardware (nei limiti di liberta’ di quest’ultimo). Ma questo puo’ avvenire solo se i dati sono espressi in file (grazie al filesystem). Ogni file ha un utente proprietario, puo’ avere un gruppo associato e dei permessi. Questi permessi ovviamente sono modificabili, come modificabile e’ il proprietario e il gruppo [1]. Vediamo come fare[.]

Il magico strumento che ci consente di cambiare i permessi e’ chmod, leggete il manuale:
$ man chmod

Ora portatevi da terminale in una qualunque directory e scrivete quanto segue:
$ ls -l
l’opzione l consente di mostrare permessi e l’utente di file e directory, ad esempio:

totale 30944
drwxr-xr-x 2 luca luca     4096  6 ott 08:37 Statistiche
-rw-r--r-- 1 luca luca 19736596 documento-regione.pdf
[...]

Come potete vedere nell’elenco (tagliato) c’e’ una directory (Statistiche) e un file (documento-regione.pdf) entrambi di proprieta’ dell’utente luca. La lettera d indica che si tratta di una directory, ma cio’ che ci interessa e’ il seguito, abbiamo dunque rwxr-xr-x per la directory e -rw-r–r– per il file.

Possiamo dividere in tre gruppi di permessi:

+------------------------------------------------+
| utente proprietario |    gruppo   |    altro   |
|---------------------|-------------|------------|
| -rwx------          |  ----rwx--- | -------rwx |
+------------------------------------------------+

esattamente in quest’ordine. La lettera w significa permesso di scrittura, la lettera r permesso di lettura e la lettera x permesso di esecuzione. Tornando all’esempio, l’utente proprietario ha permesso di lettura scrittura ed esecuzione per la directory, permesso di lettura e scrittura per il file Pdf.

Il metodo piu’ semplice dell’utilizzo di chmod e’ attraverso le lettere. Quindi se ad esempio volessimo dare il permesso di lettura e scrittura su un file all’utente proprietario, dovremmo dare questo comando:
$ chmod u+rw file
se volessimo dare il permesso di esecuzione, lettura e scrittura su un file al gruppo:
$ chmod g+rwx file
se volessimo dare il permesso di lettura su un file agli altri:
$ chmod o+r file

Se su un file vogliamo dare permesso di lettura a tutti:
$ chmod ugo+r file

Tenete conto che questi comandi sono aggiuntivi, non esclusivi. Dunque se l’utente proprietario ha il permesso di lettura e noi diamo questo comando:
$ chmod u+w file
l’utente proprietario avra’ sia il permesso di lettura (che aveva prima) sia il permesso di scrittura che abbiamo appena aggiunto. Se vogliamo che i permessi che diamo siano esclusivi, dobbiamo (ad esempio, ci sono anche altri modi) prima togliere completamente tutti i permessi su quel file, e lo dobbiamo fare da utente root:
# chmod a-rwx file
solo dopo possiamo dare i permessi a chi vogliamo, ad esempio permesso di lettura e scrittura al proprietario (ne’ il gruppo ne’ gli altri avranno alcun permesso su quel file):
# chmod u+rx file

Ovviamente possiamo anche togliere un determinato permesso a un utente/gruppo/altri. Anziche’ il piu’ dobbiamo mettere il segno meno. Se ad esempio vogliamo togliere il permesso di scrittura su un file agli altri, dovremmo dare questo comando:
$ chmod o-w file

Oltre alle lettere, possiamo vedere i permessi in ottali:
0 = nessun permesso (-);
1 = esecuzione (x);
2 = scrittura (w);
3 = 2 + 1 = scrittura ed esecuzione (wx);
4 = lettura (r);
5 = 4 + 1 = lettura ed esecuzione (rx);
6 = 4 + 2 = lettura e scrittura (rw);
7 = 4 + 2 + 1 = lettura, scrittura ed esecuzione (rwx).

I permessi da dare attraverso chmod in ottali e’ rappresentato da una terna di numeri (in realta’ quattro, ma il primo e’ uno 0 e lo possiamo omettere), ogni singolo numero della terna rappresenta i permessi per un utente. La terna di numeri ABC rappresenta dunque i permessi dati a utente proprietario (A), gruppo (B) e altri (C). Un esempio sara’ senz’altro piu’ chiaro.

Se vogliamo dare il permesso di lettura scrittura ed esecuzione su un file per il proprietario, di lettura e scrittura per il gruppo e di sola lettura per gli altri, dovremmo dare questo comando:
$ chmod 764 file
se agli altri non volessimo dare alcun permesso su quel file il comando sara’ questo:
$ chmod 760 file
per le varie combinazioni basta guardare la tabellina che ho scritto sopra.

Poniamo ad esempio che i permessi di un dato file siano questi (-rw-r--r--), tradotto in ottale avremo (644). Se vogliamo togliere il permesso di lettura al gruppo e agli altri e togliere il permesso di scrittura al proprietario basta scrivere:
$ chmod 400 file
per ripristinare i permessi come prima basta scrivere:
$ chmod 644 file

Se anziche’ su un singolo file volessimo agire su tutti i file contenuti nella directory, dando permesso di lettura, scrittura ed esecuzione a tutti, il comando sara’:
$ chmod -R 777 directory/
se vogliamo cambiare i permessi solo alla directory (lettura scrittura ed esecuzione al proprietario; esecuzione e lettura al gruppo; esecuzione e scrittura agli altri):
$ chmod 753 directory/

Se vogliamo cambiare i permessi di un file di cui non siamo proprietari, o facciamo login con l’utente proprietario o usiamo l’utente root. Utilizzare chmod da root e’ comunque un’operazione da fare con molta attenzione per evitare spiacevoli conseguenze.

Se vogliamo dare il permesso di lettura, scrittura ed esecuzione al solo utente proprietario, lasciando il gruppo e gli altri senza alcun permesso, il comando sara’:
# chmod 700 file
in realta’ sarebbe piu’ corretto il comando:
# chmod 0700 file
ma lo zero come prima cifra si puo’ omettere, anzi, tutte le lettere mancanti a partire da sinistra vengono considerate come 0. Quindi un ipotetico permesso 5 su un file, significa che utente proprietario e gruppo non hanno nessun permesso, mentre gli altri hanno il permesso di lettura ed esecuzione.

Possiamo anche cambiare l’utente proprietario di un file, col comando chown, se ad esempio il file documento.pdf e’ di proprieta’ dell’utente franco, ma voglio farlo diventare di luca (il file non franco), daro’ questo comando (da root ovviamente):
# chown luca documento.pdf

Posso anche farlo per un’intera directory e i file in essa contenuti:
# chown luca -R directory

Se vogliamo invece cambiare il gruppo, usiamo il comando chgrp:
# chgrp uffriscossioni documento.pdf
Possiamo anche cambiare sia l’utente sia il gruppo proprietari del file:
# chown luca:uffstat documento.pdf

Il comando chmod puo’ essere inserito all’interno di uno script in bash per semplificare determinate operazioni ricorsive. Ad esempio con questo script possiamo con un unico comando dare permessi diversi ai file rispetto alle directory, ad esempio il comando:
$ chmodr go-wx g-w
toglie il permesso di scrittura ed esecuzione al gruppo e agli altri sui file, e toglie il permesso di scrittura sulla directory al gruppo.

Ovviamente per usare il comando chmodr dovete copiare lo script sul file che chiameremo chmodr.sh e renderlo eseguibile (come ormai dovreste saper fare):
$ chmod a+x chmodr.sh

[1] ATTENZIONE: evitate di giocare con i permessi, pena l’incasinamento di file importanti e forse l’esplosione del Pianeta Terra. Nel caso facciate casini di piccole dimensioni, sappiate che generalmente i permessi per i file sono impostati a 640 e per le directory a 750, pero’ quando si fanno casini li si fa su file e directory diverse (directory e file con permessi a 700 trasformate in 600 ad esempio) [^]

[^] torna su | post<li> | 

If you’ve written a shell script, there are a couple of things you need to do before you can execute it from the terminal command line. First change the permissions:

chmod 755 filename

and then make it executable:

chmod +x filename

If your on a Mac, you can also add an extension that will execute the file by double-clicking:

filename.command

Hope this helps…

Hola a todos.

Combinando la informacion de tres paginas web, vamos a:
1) Buscar nuevos tipos de letras (TTF) para nuestro linux (Ubuntu, en mi caso).
2) Instalarlas en nuestro ordenador
3) Hacer un reloj digital, con el tipo de letra que acabamos de instalar.

Nota importante: darle las gracias a los autores de las paginas a las que me voy a referir.

Pasamos a hacerlo:
1) Buscar nuevos tipos de letras:
http://fonts500.com/
Desde aqui podemos descargarnos la que mas nos guste. Por ejemplo: ALLSTAR, pulsamos sobre ella y nos saldra el cuadro de guardar:

La extraemos en una carpeta que crearemos nueva llamada fuentes:

Otras direcciones para obtener tipos de letras:
http://www.letramania.com/index.htm
http://www.fontreactor.com/
http://recursosgratis.com/fuentesgratis/
http://www.creamundo.com/

2) Instalar el nuevo tipo de letra:
En la direccion http://nideaderedes.urlansoft.com/2006/11/14/instalar-nuevos-tipos-de-letras-en-ubuntu/, nos explican como instalar tipos de letras ttf, la que nos hemos descargado es de ese tipo.

Crearemos (si no esta creado) esta carpeta font-install en /usr/share/fonts/truetype/ :

sudo mkdir -p /usr/share/fonts/truetype/font-install


Crearemos un archivo llamado “instalador”, (por ejemplo con el Editor de textos gedit), pegaremos el siguiente código:
#!/bin/bash
#
# This script helps to install fonts
#
# Set your default font storage directory here
##DEFAULT_DIR="$HOME/fonts"
DEFAULT_DIR=`pwd`
# Set the default font installation directory here
DEFAULT_DEST="/usr/share/fonts/truetype/font-install"
# Don't edit anything below unless you know what you're doing.
echo "¿En qué directorio están las fuentes?"
echo -n "[$DEFAULT_DIR] "
read DIR
echo
echo "¿Cuál es la extensión (sin el punto) de las fuentes? (ojo, no es lo mismo ttf que TTF)"
echo -n "[ttf] "
read EXT
echo
echo "¿Dónde instalo las fuentes?"
echo "¡NO CAMBIES ESTO A NO SER QUE SEPAS LO QUE HACES!"
echo -n "[$DEFAULT_DEST] "
read DEST
if [ -z "$DIR" ]; then
DIR="$DEFAULT_DIR"
fi
if [ -z "$EXT" ]; then
EXT="ttf"
fi
if [ -z "$DEST" ]; then
DEST="$DEFAULT_DEST"
fi
sudo -v
if [ $? != 0 ]; then
echo "Imposible conseguir los privilegios necesarios. Saliendo..."
echo -n "Press to continue. "
read WER
exit $?
fi
echo
echo
if [ ! -d "$DIR" ]; then
echo "El directorio $DIR no existe. Saliendo..."
echo -n "Press to continue. "
read SDF
exit 2
fi
if [ ! -d "$DEST" ]; then
echo "El directorio $DIR no existe. Saliendo..."
echo -n "Press to continue. "
read DFG
exit 1
fi
echo "Copiando fuentes..."
cd "$DIR"
for i in *."$EXT"; do
sudo cp -iv "$i" "$DEST"
done
echo
echo
echo "Actualizando la caché de fuentes..."
sudo fc-cache -fv
if [ $? != 0 ]; then
echo "Error actualizando la caché de fuentes. Tus fuentes no se han instalando correctamente. Prueba a ejecutar sudo fc-cache -fv manualmente. Saliendo..."
echo -n "Pulsa para salir. "
read FSF
exit $?
fi
echo
echo
echo "Proceso terminado."
echo
echo "Probablemente necesitarás reiniciar los programas que están en marcha para poder usar estas fuentes."
echo -n "Pulsa para salir. "
read WERT
exit 0

Lo guardamos en la carpeta fuentes,con el nombre de instalador

lo haremos ejecutable:
chmod +x instalador
y lo ejecutaremos:
.\instalador
pulsamos ENTER cada vez que nos pregunte algo. Obtendremos una salida tal como esta:

$ ./instalador
¿En qué directorio están las fuentes?
[/home/uno/fuentes] (PULSA ENTER)
¿Cuál es la extensión (sin el punto) de las fuentes? (ojo, no es lo mismo ttf que TTF)
[ttf] (PULSA ENTER)
¿Dónde instalo las fuentes?
¡NO CAMBIES ESTO A NO SER QUE SEPAS LO QUE HACES!
[/usr/share/fonts/truetype/font-install] (PULSA ENTER)
Copiando fuentes...
«All Star Resort.ttf» -> «/usr/share/fonts/truetype/font-install/All Star Resort.ttf»
Actualizando la caché de fuentes...
/usr/share/fonts: caching, new cache contents: 0 fonts, 3 dirs
/usr/share/fonts/X11: caching, new cache contents: 0 fonts, 6 dirs
/usr/share/fonts/X11/100dpi: caching, new cache contents: 0 fonts, 0 dirs
/usr/share/fonts/X11/75dpi: caching, new cache contents: 0 fonts, 0 dirs
/usr/share/fonts/X11/Type1: caching, new cache contents: 43 fonts, 0 dirs
/usr/share/fonts/X11/encodings: caching, new cache contents: 0 fonts, 1 dirs
/usr/share/fonts/X11/encodings/large: caching, new cache contents: 0 fonts, 0 dirs
/usr/share/fonts/X11/misc: caching, new cache contents: 0 fonts, 0 dirs
/usr/share/fonts/X11/util: caching, new cache contents: 0 fonts, 0 dirs
/usr/share/fonts/truetype: caching, new cache contents: 2 fonts, 19 dirs
/usr/share/fonts/truetype/arphic: caching, new cache contents: 4 fonts, 0 dirs
/usr/share/fonts/truetype/font-install: caching, new cache contents: 1 fonts, 0 dirs
/usr/share/fonts/truetype/freefont: caching, new cache contents: 12 fonts, 0 dirs
/usr/share/fonts/truetype/latex-xft-fonts: caching, new cache contents: 7 fonts, 0 dirs
/usr/share/fonts/truetype/openoffice: caching, new cache contents: 1 fonts, 0 dirs
/usr/share/fonts/truetype/sazanami: caching, new cache contents: 2 fonts, 0 dirs
/usr/share/fonts/truetype/thai: caching, new cache contents: 51 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-arabeyes: caching, new cache contents: 39 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-bengali-fonts: caching, new cache contents: 5 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-bitstream-vera: caching, new cache contents: 10 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-dejavu: caching, new cache contents: 21 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-indic-fonts-core: caching, new cache contents: 11 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-kannada-fonts: caching, new cache contents: 7 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-lao: caching, new cache contents: 1 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-liberation: caching, new cache contents: 12 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-oriya-fonts: caching, new cache contents: 2 fonts, 0 dirs
/usr/share/fonts/truetype/ttf-telugu-fonts: caching, new cache contents: 2 fonts, 0 dirs
/usr/share/fonts/truetype/unfonts: caching, new cache contents: 4 fonts, 0 dirs
/usr/share/fonts/truetype/wqy: caching, new cache contents: 2 fonts, 0 dirs
/usr/share/fonts/type1: caching, new cache contents: 0 fonts, 1 dirs
/usr/share/fonts/type1/gsfonts: caching, new cache contents: 35 fonts, 0 dirs
/usr/share/X11/fonts: skipping, no such directory
/usr/local/share/fonts: caching, new cache contents: 0 fonts, 0 dirs
/home/uno/.fonts: skipping, no such directory
/usr/share/fonts/truetype/ttf-malayalam-fonts: skipping, no such directory
/var/cache/fontconfig: cleaning cache directory
/home/uno/.fontconfig: cleaning cache directory
/home/uno/.fontconfig: invalid cache file: 63a4f2800cb770cfbf6fd5bd92ba9af9-x86.cache-2
fc-cache: succeeded
Proceso terminado.
Probablemente necesitarás reiniciar los programas que están en marcha para poder usar estas fuentes.
Pulsa para salir.


Con todo esto ya tendremos instalada el nuevo tipo de letra.

3) Hacer un reloj digital, con el tipo de letra que acabamos de instalar.
En la pagina: http://gambaslinux.wordpress.com/2007/12/11/%C2%BFcomo-construir-un-reloj-digital/
nos explican como hacer un reloj digital.
Una vez realizado lo que nos cuentan, en la etiqueta1, vamos a cambiar el tipo de letra:

Y ejecutamos el código obtenemos nuestro reloj digital con el tipo de letra “ALLSTAR”:

Bueno, espero que os haya gustado esta combinación de información de varias paginas web, y de nuevo darle las gracias a los autores de las paginas a las que me he referido, sin ellas no hubiera podido hacerlo.

Saludos, Julio

VSFTPD (very secure ftp daemon) adalah salah satu ftp daemon yang biasa dipakai pada mesin berbasiskan UNIX. VSFTPD mendukung berbagai fitur diantaranya:

• Virtual IP configurations
• Virtual users
• Standalone or inetd operation
• Powerful per-user configurability
• Bandwidth throttling
• Per-source-IP configurability
• Per-source-IP limits
• IPv6
• Encryption support through SSL integration

info lebih lanjut menegenai vsftpd bisa dilihat di http://vsftpd.beasts.org/#about.

FTP sendiri merupakan singkatan dari File Transfer Protocol. FTP merupakan sebuah aplikasi yang berguna untuk transfer file antar komputer yang terhubung jaringan.

Instalasi dan konfigurasi di sini saya lakukan dalam mesin dengan Sistem Operasi FreeBSD.

INSTALASI

Saya memilih instalasi melalui  ports. Pertama pastikan vsftpd ada di koleksi port anda. Saya melengkapi koleksi port melalui sysinstall. pilih configure -> distribution -> ports collection.

Masuk ke /usr/ports/ftp/vsftpd

#cd /usr/ports/ftp/vsftpd

#make

jika jaringan anda terdapat firewall, sebelum make setting proxy dulu

#setenv HTTP_PROXY http://username:password@proxy.anda.com:3128

#setenv FTP_PROXY http://username:password@proxy.anda.com:3128

ganti sesuai username, password (jika ada), alamat proxy, port proxy

cek user nobody jika belum ada tambahkan

mengecek user

#vipw

menambah user ‘nobody’

#pw useradd nobody

jika anda ingin membuat anonymous FTP, pastikan anda memiliki direktori /usr/ftp, jika belum

#mkdir /usr/ftp

tambahkan user ftp

#pw useradd ftp -d /usr/ftp

atur ownership

#chown -R root:wheel /usr/ftp

#chmod -R 755 /usr/ftp

pastikan juga ada direktori /usr/ftp/incoming, kemudian

#chown -R ftp:ftp /usr/ftp/incoming

#chmod -R 755 /usr/ftp/incoming

install vsftpd, pastikan anda berada di /usr/ports/ftp/vsftpd

#make install clean

KONFIGURASI

edit /usr/local/etc/vsftpd.conf

boolean options

allow_anon_ssl

Only applies if ssl_enable is active. If set to YES, anonymous users will be allowed to use secured SSL connections.Default: NO

anon_mkdir_write_enable

If set to YES, anonymous users will be permitted to create new directories under certain conditions. For this to work, the option write_enable must be activated, and the anonymous ftp user must have write permission on the parent directory.Default: NO

anon_other_write_enable

If set to YES, anonymous users will be permitted to perform write operations other than upload and create directory, such as deletion and renaming. This is generally not recommended but included for completeness.Default: NO

anon_upload_enable

If set to YES, anonymous users will be permitted to upload files under certain conditions. For this to work, the option write_enable must be activated, and the anonymous ftp user must have write permission on desired upload locations. This setting is also required for virtual users to upload; by default, virtual users are treated with anonymous (i.e. maximally restricted) privilege.Default: NO

anon_world_readable_only

When enabled, anonymous users will only be allowed to download files which are world readable. This is recognising that the ftp user may own files, especially in the presence of uploads.Default: YES

anonymous_enable

Controls whether anonymous logins are permitted or not. If enabled, both the usernames ftp and anonymous are recognised as anonymous logins.Default: YES

ascii_download_enable

When enabled, ASCII mode data transfers will be honoured on downloads.Default: NO

ascii_upload_enable

When enabled, ASCII mode data transfers will be honoured on uploads.Default: NO

async_abor_enable

When enabled, a special FTP command known as “async ABOR” will be enabled. Only ill advised FTP clients will use this feature. Additionally, this feature is awkward to handle, so it is disabled by default. Unfortunately, some FTP clients will hang when cancelling a transfer unless this feature is available, so you may wish to enable it.Default: NO

background

When enabled, and vsftpd is started in “listen” mode, vsftpd will background the listener process. i.e. control will immediately be returned to the shell which launched vsftpd.Default: NO

check_shell

Note! This option only has an effect for non-PAM builds of vsftpd. If disabled, vsftpd will not check /etc/shells for a valid user shell for local logins.Default: YES

chmod_enable

When enabled, allows use of the SITE CHMOD command. NOTE! This only applies to local users. Anonymous users never get to use SITE CHMOD.Default: YES

chown_uploads

If enabled, all anonymously uploaded files will have the ownership changed to the user specified in the setting chown_username. This is useful from an administrative, and perhaps security, standpoint.Default: NO

chroot_list_enable

If activated, you may provide a list of local users who are placed in a chroot() jail in their home directory upon login. The meaning is slightly different if chroot_local_user is set to YES. In this case, the list becomes a list of users which are NOT to be placed in a chroot() jail. By default, the file containing this list is /etc/vsftpd.chroot_list, but you may override this with the chroot_list_file setting.Default: NO

chroot_local_user

If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.Default: NO

connect_from_port_20

This controls whether PORT style data connections use port 20 (ftp-data) on the server machine. For security reasons, some clients may insist that this is the case. Conversely, disabling this option enables vsftpd to run with slightly less privilege.Default: NO (but the sample config file enables it)

debug_ssl

If true, OpenSSL connection diagnostics are dumped to the vsftpd log file. (Added in v2.0.6).Default: NO

delete_failed_uploads

If true, any failed upload files are deleted. (Added in v2.0.7).Default: NO

deny_email_enable

If activated, you may provide a list of anonymous password e-mail responses which cause login to be denied. By default, the file containing this list is /etc/vsftpd.banned_emails, but you may override this with the banned_email_file setting.Default: NO

dirlist_enable

If set to NO, all directory list commands will give permission denied.Default: YES

dirmessage_enable

If enabled, users of the FTP server can be shown messages when they first enter a new directory. By default, a directory is scanned for the file .message, but that may be overridden with the configuration setting message_file.Default: NO (but the sample config file enables it)

download_enable

If set to NO, all download requests will give permission denied.Default: YES

dual_log_enable

If enabled, two log files are generated in parallel, going by default to /var/log/xferlog and /var/log/vsftpd.log. The former is a wu-ftpd style transfer log, parseable by standard tools. The latter is vsftpd’s own style log.Default: NO

force_dot_files

If activated, files and directories starting with . will be shown in directory listings even if the “a” flag was not used by the client. This override excludes the “.” and “..” entries.Default: NO

force_anon_data_ssl

Only applies if ssl_enable is activated. If activated, all anonymous logins are forced to use a secure SSL connection in order to send and receive data on data connections.Default: NO

force_anon_logins_ssl

Only applies if ssl_enable is activated. If activated, all anonymous logins are forced to use a secure SSL connection in order to send the password.Default: NO

force_local_data_ssl

Only applies if ssl_enable is activated. If activated, all non-anonymous logins are forced to use a secure SSL connection in order to send and receive data on data connections.Default: YES

force_local_logins_ssl

Only applies if ssl_enable is activated. If activated, all non-anonymous logins are forced to use a secure SSL connection in order to send the password.Default: YES

guest_enable

If enabled, all non-anonymous logins are classed as “guest” logins. A guest login is remapped to the user specified in the guest_username setting.Default: NO

hide_ids

If enabled, all user and group information in directory listings will be displayed as “ftp”.Default: NO

implicit_ssl

If enabled, an SSL handshake is the first thing expect on all connections (the FTPS protocol). To support explicit SSL and/or plain text too, a separate vsftpd listener process should be run.Default: NO

listen

If enabled, vsftpd will run in standalone mode. This means that vsftpd must not be run from an inetd of some kind. Instead, the vsftpd executable is run once directly. vsftpd itself will then take care of listening for and handling incoming connections.Default: YES

listen_ipv6

Like the listen parameter, except vsftpd will listen on an IPv6 socket instead of an IPv4 one. This parameter and the listen parameter are mutually exclusive.Default: NO

local_enable

Controls whether local logins are permitted or not. If enabled, normal user accounts in /etc/passwd (or wherever your PAM config references) may be used to log in. This must be enable for any non-anonymous login to work, including virtual users.Default: NO

lock_upload_files

When enabled, all uploads proceed with a write lock on the upload file. All downloads proceed with a shared read lock on the download file. WARNING! Before enabling this, be aware that malicious readers could starve a writer wanting to e.g. append a file.Default: YES

log_ftp_protocol

When enabled, all FTP requests and responses are logged, providing the option xferlog_std_format is not enabled. Useful for debugging.Default: NO

ls_recurse_enable

When enabled, this setting will allow the use of “ls -R”. This is a minor security risk, because a ls -R at the top level of a large site may consume a lot of resources.Default: NO

mdtm_write

When enabled, this setting will allow MDTM to set file modification times (subject to the usual access checks).Default: YES

no_anon_password

When enabled, this prevents vsftpd from asking for an anonymous password – the anonymous user will log straight in.Default: NO

no_log_lock

When enabled, this prevents vsftpd from taking a file lock when writing to log files. This option should generally not be enabled. It exists to workaround operating system bugs such as the Solaris / Veritas filesystem combination which has been observed to sometimes exhibit hangs trying to lock log files.Default: NO

one_process_model

If you have a Linux 2.4 kernel, it is possible to use a different security model which only uses one process per connection. It is a less pure security model, but gains you performance. You really don’t want to enable this unless you know what you are doing, and your site supports huge numbers of simultaneously connected users.Default: NO

passwd_chroot_enable

If enabled, along with chroot_local_user , then a chroot() jail location may be specified on a per-user basis. Each user’s jail is derived from their home directory string in /etc/passwd. The occurrence of /./ in the home directory string denotes that the jail is at that particular location in the path.Default: NO

pasv_addr_resolve

Set to YES if you want to use a hostname (as opposed to IP address) in the pasv_address option.Default: NO

pasv_enable

Set to NO if you want to disallow the PASV method of obtaining a data connection.Default: YES

pasv_promiscuous

Set to YES if you want to disable the PASV security check that ensures the data connection originates from the same IP address as the control connection. Only enable if you know what you are doing! The only legitimate use for this is in some form of secure tunnelling scheme, or perhaps to facilitate FXP support.Default: NO

port_enable

Set to NO if you want to disallow the PORT method of obtaining a data connection.Default: YES

port_promiscuous

Set to YES if you want to disable the PORT security check that ensures that outgoing data connections can only connect to the client. Only enable if you know what you are doing!Default: NO

require_cert

If set to yes, all SSL client connections are required to present a client certificate. The degree of validation applied to this certificate is controlled by validate_cert (Added in v2.0.6).Default: NO

require_ssl_reuse

If set to yes, all SSL data connections are required to exhibit SSL session reuse (which proves that they know the same master secret as the control channel). Although this is a secure default, it may break many FTP clients, so you may want to disable it. For a discussion of the consequences, see http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html (Added in v2.1.0).Default: YES

run_as_launching_user

Set to YES if you want vsftpd to run as the user which launched vsftpd. This is useful where root access is not available. MASSIVE WARNING! Do NOT enable this option unless you totally know what you are doing, as naive use of this option can create massive security problems. Specifically, vsftpd does not / cannot use chroot technology to restrict file access when this option is set (even if launched by root). A poor substitute could be to use a deny_file setting such as {/*,*..*}, but the reliability of this cannot compare to chroot, and should not be relied on. If using this option, many restrictions on other options apply. For example, options requiring privilege such as non-anonymous logins, upload ownership changing, connecting from port 20 and listen ports less than 1024 are not expected to work. Other options may be impacted.Default: NO

secure_email_list_enable

Set to YES if you want only a specified list of e-mail passwords for anonymous logins to be accepted. This is useful as a low-hassle way of restricting access to low-security content without needing virtual users. When enabled, anonymous logins are prevented unless the password provided is listed in the file specified by the email_password_file setting. The file format is one password per line, no extra whitespace. The default filename is /etc/vsftpd.email_passwords.Default: NO

session_support

This controls whether vsftpd attempts to maintain sessions for logins. If vsftpd is maintaining sessions, it will try and update utmp and wtmp. It will also open a pam_session if using PAM to authenticate, and only close this upon logout. You may wish to disable this if you do not need session logging, and you wish to give vsftpd more opportunity to run with less processes and / or less privilege. NOTE – utmp and wtmp support is only provided with PAM enabled builds.Default: NO

setproctitle_enable

If enabled, vsftpd will try and show session status information in the system process listing. In other words, the reported name of the process will change to reflect what a vsftpd session is doing (idle, downloading etc). You probably want to leave this off for security purposes.Default: NO

ssl_enable

If enabled, and vsftpd was compiled against OpenSSL, vsftpd will support secure connections via SSL. This applies to the control connection (including login) and also data connections. You’ll need a client with SSL support too. NOTE!! Beware enabling this option. Only enable it if you need it. vsftpd can make no guarantees about the security of the OpenSSL libraries. By enabling this option, you are declaring that you trust the security of your installed OpenSSL library.Default: NO

ssl_request_cert

If enabled, vsftpd will request (but not necessarily require; see require_cert)acertificateonincomingSSLconnections.Normallythis should not cause any trouble at all, but IBM zOS seems to have issues. (New in v2.0.7).Default: YES

ssl_sslv2

Only applies if ssl_enable is activated. If enabled, this option will permit SSL v2 protocol connections. TLS v1 connections are preferred.Default: NO

ssl_sslv3

Only applies if ssl_enable is activated. If enabled, this option will permit SSL v3 protocol connections. TLS v1 connections are preferred.Default: NO

ssl_tlsv1

Only applies if ssl_enable is activated. If enabled, this option will permit TLS v1 protocol connections. TLS v1 connections are preferred.Default: YES

strict_ssl_read_eof

If enabled, SSL data uploads are required to terminate via SSL, not an EOF on the socket. This option is required to be sure that an attacker did not terminate an upload prematurely with a faked TCP FIN. Unfortunately, it is not enabled by default because so few clients get it right. (New in v2.0.7).Default: NO

strict_ssl_write_shutdown

If enabled, SSL data downloads are required to terminate via SSL, not an EOF on the socket. This is off by default as I was unable to find a single FTP client that does this. It is minor. All it affects is our ability to tell whether the client confirmed full receipt of the file. Even without this option, the client is able to check the integrity of the download. (New in v2.0.7).Default: NO

syslog_enable

If enabled, then any log output which would have gone to /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility.Default: NO

tcp_wrappers

If enabled, and vsftpd was compiled with tcp_wrappers support, incoming connections will be fed through tcp_wrappers access control. Furthermore, there is a mechanism for per-IP based configuration. If tcp_wrappers sets the VSFTPD_LOAD_CONF environment variable, then the vsftpd session will try and load the vsftpd configuration file specified in this variable.Default: NO

text_userdb_names

By default, numeric IDs are shown in the user and group fields of directory listings. You can get textual names by enabling this parameter. It is off by default for performance reasons.Default: NO

tilde_user_enable

If enabled, vsftpd will try and resolve pathnames such as ~chris/pics, i.e. a tilde followed by a username. Note that vsftpd will always resolve the pathnames ~ and ~/something (in this case the ~ resolves to the initial login directory). Note that ~user paths will only resolve if the file /etc/passwd may be found within the _current_ chroot() jail.Default: NO

use_localtime

If enabled, vsftpd will display directory listings with the time in your local time zone. The default is to display GMT. The times returned by the MDTM FTP command are also affected by this option.Default: NO

use_sendfile

An internal setting used for testing the relative benefit of using the sendfile() system call on your platform.Default: YES

userlist_deny

This option is examined if userlist_enable is activated. If you set this setting to NO, then users will be denied login unless they are explicitly listed in the file specified by userlist_file. When login is denied, the denial is issued before the user is asked for a password.Default: YES

userlist_enable

If enabled, vsftpd will load a list of usernames, from the filename given by userlist_file. If a user tries to log in using a name in this file, they will be denied before they are asked for a password. This may be useful in preventing cleartext passwords being transmitted. See also userlist_deny.Default: NO

validate_cert

If set to yes, all SSL client certificates received must validate OK. Self-signed certs do not constitute OK validation. (New in v2.0.6).Default: NO

virtual_use_local_privs

If enabled, virtual users will use the same privileges as local users. By default, virtual users will use the same privileges as anonymous users, which tends to be more restrictive (especially in terms of write access).Default: NO

write_enable

This controls whether any FTP commands which change the filesystem are allowed or not. These commands are: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE and SITE.Default: NO

xferlog_enable

If enabled, a log file will be maintained detailling uploads and downloads. By default, this file will be placed at /var/log/vsftpd.log, but this location may be overridden using the configuration setting vsftpd_log_file.Default: NO (but the sample config file enables it)

xferlog_std_format

If enabled, the transfer log file will be written in standard xferlog format, as used by wu-ftpd. This is useful because you can reuse existing transfer statistics generators. The default format is more readable, however. The default location for this style of log file is /var/log/xferlog, but you may change it with the setting xferlog_file.Default: NO

numeric options

accept_timeout

The timeout, in seconds, for a remote client to establish connection with a PASV style data connection.Default: 60

anon_max_rate

The maximum data transfer rate permitted, in bytes per second, for anonymous clients.Default: 0 (unlimited)

anon_umask

The value that the umask for file creation is set to for anonymous users. NOTE! If you want to specify octal values, remember the “0″ prefix otherwise the value will be treated as a base 10 integer!Default: 077

chown_upload_mode

The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6).Default: 0600

connect_timeout

The timeout, in seconds, for a remote client to respond to our PORT style data connection.Default: 60

data_connection_timeout

The timeout, in seconds, which is roughly the maximum time we permit data transfers to stall for with no progress. If the timeout triggers, the remote client is kicked off.Default: 300

delay_failed_login

The number of seconds to pause prior to reporting a failed login.Default: 1

delay_successful_login

The number of seconds to pause prior to allowing a successful login.Default: 0

file_open_mode

The permissions with which uploaded files are created. Umasks are applied on top of this value. You may wish to change to 0777 if you want uploaded files to be executable.Default: 0666

ftp_data_port

The port from which PORT style connections originate (as long as the poorly named connect_from_port_20 is enabled).Default: 20

idle_session_timeout

The timeout, in seconds, which is the maximum time a remote client may spend between FTP commands. If the timeout triggers, the remote client is kicked off.Default: 300

listen_port

If vsftpd is in standalone mode, this is the port it will listen on for incoming FTP connections.Default: 21

local_max_rate

The maximum data transfer rate permitted, in bytes per second, for local authenticated users.Default: 0 (unlimited)

local_umask

The value that the umask for file creation is set to for local users. NOTE! If you want to specify octal values, remember the “0″ prefix otherwise the value will be treated as a base 10 integer!Default: 077

max_clients

If vsftpd is in standalone mode, this is the maximum number of clients which may be connected. Any additional clients connecting will get an error message.Default: 0 (unlimited)

max_login_fails

After this many login failures, the session is killed.Default: 3

max_per_ip

If vsftpd is in standalone mode, this is the maximum number of clients which may be connected from the same source internet address. A client will get an error message if they go over this limit.Default: 0 (unlimited)

pasv_max_port

The maximum port to allocate for PASV style data connections. Can be used to specify a narrow port range to assist firewalling.Default: 0 (use any port)

pasv_min_port

The minimum port to allocate for PASV style data connections. Can be used to specify a narrow port range to assist firewalling.Default: 0 (use any port)

trans_chunk_size

You probably don’t want to change this, but try setting it to something like 8192 for a much smoother bandwidth limiter.Default: 0 (let vsftpd pick a sensible setting)

string options

anon_root

This option represents a directory which vsftpd will try to change into after an anonymous login. Failure is silently ignored.Default: (none)

banned_email_file

This option is the name of a file containing a list of anonymous e-mail passwords which are not permitted. This file is consulted if the option deny_email_enable is enabled.Default: /etc/vsftpd.banned_emails

banner_file

This option is the name of a file containing text to display when someone connects to the server. If set, it overrides the banner string provided by the ftpd_banner option.Default: (none)

ca_certs_file

This option is the name of a file to load Certificate Authority certs from, for the purpose of validating client certs. Regrettably, the default SSL CA cert paths are not used, because of vsftpd’s use of restricted filesystem spaces (chroot). (Added in v2.0.6).Default: (none)

chown_username

This is the name of the user who is given ownership of anonymously uploaded files. This option is only relevant if another option, chown_uploads, is set.Default: root

chroot_list_file

The option is the name of a file containing a list of local users which will be placed in a chroot() jail in their home directory. This option is only relevant if the option chroot_list_enable is enabled. If the option chroot_local_user is enabled, then the list file becomes a list of users to NOT place in a chroot() jail.Default: /etc/vsftpd.chroot_list

cmds_allowed

This options specifies a comma separated list of allowed FTP commands (post login. USER, PASS and QUIT and others are always allowed pre-login). Other commands are rejected. This is a powerful method of really locking down an FTP server. Example: cmds_allowed=PASV,RETR,QUITDefault: (none)

cmds_denied

This options specifies a comma separated list of denied FTP commands (post login. USER, PASS, QUIT and others are always allowed pre-login). If a command appears on both this and cmds_allowed then the denial takes precedence. (Added in v2.1.0).Default: (none)

deny_file

This option can be used to set a pattern for filenames (and directory names etc.) which should not be accessible in any way. The affected items are not hidden, but any attempt to do anything to them (download, change into directory, affect something within directory etc.) will be denied. This option is very simple, and should not be used for serious access control – the filesystem’s permissions should be used in preference. However, this option may be useful in certain virtual user setups. In particular aware that if a filename is accessible by a variety of names (perhaps due to symbolic links or hard links), then care must be taken to deny access to all the names. Access will be denied to items if their name contains the string given by hide_file, or if they match the regular expression specified by hide_file. Note that vsftpd’s regular expression matching code is a simple implementation which is a subset of full regular expression functionality. Because of this, you will need to carefully and exhaustively test any application of this option. And you are recommended to use filesystem permissions for any important security policies due to their greater reliability. Supported regex syntax is any number of *, ? and unnested {,} operators. Regex matching is only supported on the last component of a path, e.g. a/b/? is supported but a/?/c is not. Example: deny_file={*.mp3,*.mov,.private}Default: (none)

dsa_cert_file

This option specifies the location of the DSA certificate to use for SSL encrypted connections.Default: (none – an RSA certificate suffices)

dsa_private_key_file

This option specifies the location of the DSA private key to use for SSL encrypted connections. If this option is not set, the private key is expected to be in the same file as the certificate.Default: (none)

email_password_file

This option can be used to provide an alternate file for usage by the secure_email_list_enable setting.Default: /etc/vsftpd.email_passwords

ftp_username

This is the name of the user we use for handling anonymous FTP. The home directory of this user is the root of the anonymous FTP area.Default: ftp

ftpd_banner

This string option allows you to override the greeting banner displayed by vsftpd when a connection first comes in.Default: (none – default vsftpd banner is displayed)

guest_username

See the boolean setting guest_enable for a description of what constitutes a guest login. This setting is the real username which guest users are mapped to.Default: ftp

hide_file

This option can be used to set a pattern for filenames (and directory names etc.) which should be hidden from directory listings. Despite being hidden, the files / directories etc. are fully accessible to clients who know what names to actually use. Items will be hidden if their names contain the string given by hide_file, or if they match the regular expression specified by hide_file. Note that vsftpd’s regular expression matching code is a simple implementation which is a subset of full regular expression functionality. See deny_file for details of exactly what regex syntax is supported. Example: hide_file={*.mp3,.hidden,hide*,h?}Default: (none)

listen_address

If vsftpd is in standalone mode, the default listen address (of all local interfaces) may be overridden by this setting. Provide a numeric IP address.Default: (none)

listen_address6

Like listen_address, but specifies a default listen address for the IPv6 listener (which is used if listen_ipv6 is set). Format is standard IPv6 address format.Default: (none)

local_root

This option represents a directory which vsftpd will try to change into after a local (i.e. non-anonymous) login. Failure is silently ignored.Default: (none)

message_file

This option is the name of the file we look for when a new directory is entered. The contents are displayed to the remote user. This option is only relevant if the option dirmessage_enable is enabled.Default: .message

nopriv_user

This is the name of the user that is used by vsftpd when it wants to be totally unprivileged. Note that this should be a dedicated user, rather than nobody. The user nobody tends to be used for rather a lot of important things on most machines.Default: nobody

pam_service_name

This string is the name of the PAM service vsftpd will use.Default: ftp

pasv_address

Use this option to override the IP address that vsftpd will advertise in response to the PASV command. Provide a numeric IP address, unless pasv_addr_resolve is enabled, in which case you can provide a hostname which will be DNS resolved for you at startup.Default: (none – the address is taken from the incoming connected socket)

rsa_cert_file

This option specifies the location of the RSA certificate to use for SSL encrypted connections.Default: /usr/share/ssl/certs/vsftpd.pem

rsa_private_key_file

This option specifies the location of the RSA private key to use for SSL encrypted connections. If this option is not set, the private key is expected to be in the same file as the certificate.Default: (none)

secure_chroot_dir

This option should be the name of a directory which is empty. Also, the directory should not be writable by the ftp user. This directory is used as a secure chroot() jail at times vsftpd does not require filesystem access.Default: /usr/share/empty

ssl_ciphers

This option can be used to select which SSL ciphers vsftpd will allow for encrypted SSL connections. See the ciphers man page for further details. Note that restricting ciphers can be a useful security precaution as it prevents malicious remote parties forcing a cipher which they have found problems with.Default: DES-CBC3-SHA

user_config_dir

This powerful option allows the override of any config option specified in the manual page, on a per-user basis. Usage is simple, and is best illustrated with an example. If you set user_config_dir to be /etc/vsftpd_user_conf and then log on as the user “chris”, then vsftpd will apply the settings in the file /etc/vsftpd_user_conf/chris for the duration of the session. The format of this file is as detailed in this manual page! PLEASE NOTE that not all settings are effective on a per-user basis. For example, many settings only prior to the user’s session being started. Examples of settings which will not affect any behviour on a per-user basis include listen_address, banner_file, max_per_ip, max_clients, xferlog_file, etc.Default: (none)

user_sub_token

This option is useful is conjunction with virtual users. It is used to automatically generate a home directory for each virtual user, based on a template. For example, if the home directory of the real user specified via guest_username is /home/virtual/$USER, and user_sub_token is set to $USER, then when virtual user fred logs in, he will end up (usually chroot()’ed) in the directory /home/virtual/fred. This option also takes affect if local_root contains user_sub_token.Default: (none)

userlist_file

This option is the name of the file loaded when the userlist_enable option is active.Default: /etc/vsftpd.user_list

vsftpd_log_file

This option is the name of the file to which we write the vsftpd style log file. This log is only written if the option xferlog_enable is set, and xferlog_std_format is NOT set. Alternatively, it is written if you have set the option dual_log_enable. One further complication – if you have set syslog_enable, then this file is not written and output is sent to the system log instead.Default: /var/log/vsftpd.log

xferlog_file

This option is the name of the file to which we write the wu-ftpd style transfer log. The transfer log is only written if the option xferlog_enable is set, along with xferlog_std_format. Alternatively, it is written if you have set the option dual_log_enable.Default: /var/log/xferlog

file /usr/local/etc/vsftpd.conf punya saya

anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=NO
anon_world_readable_only=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
idle_session_timeout=240
data_connection_timeout=120
ascii_upload_enable=NO
ascii_download_enable=NO
ftpd_banner=Selamat datang di kunz ftp
secure_chroot_dir=/usr/local/share/vsftpd/empty

#standalone
listen=YES
background=YES

check_shell=YES
chmod_enable=YES

MENJALANKAN

untuk menjalankan saat start up

edit /etc/rc.conf

#vi /etc/rc.conf

#vsftpd_enable=”YES”

jalankan vsftpd

#/usr/local/libexec/vsftpd &

Uma pequena explicação, para acabar de uma vez por todas, sobre as duvidas de qual numero usar quando queremos mudar as permissões de arquivos, pastas etc, com o chmod

-rw => indicação de permissões do proprietário
-rw => permissões do grupo que o usuário pertence
-r- => permissões para os demais usuários

— => nenhuma permissão;
r– => permissão de leitura;
r-x => leitura e execução;
rw- => leitura e gravação;
rwx => leitura, gravação e execução

A ordem em que as permissões devem aparecer é rwx, abaixo as mais utilizadas:

So you have written your first program in Perl and it probably looks something like this


#!/usr/local/bin/perl
# We will call the program hello_world
print “Hello world\n”

Now you try to run it with the command ./hello_world, only to find that it won’t run.  Well the reason is obvious, well to experienced users anyway.  The problem is that your program doesn’t have permission to be executed.  Instead you first need to run chmod u+x hello_world, then ./hello_world will run as expected.
The function of the chmod command is to change the mode of a files.  The modes are permissions and special modes.  I will only touch on permissions in this post.  The format for this command is as follows

chmod [references] [operator] [modes] file1...

references: who you want to apply the changes to
operator: how the changes are to be made
modes: which changes are to be made

The references are; u, o, g, and a.  u is the owner of the file.  g is users who are members of the file’s group.  o is outsider, members who are not specified by either u or g.  Finally a is all, this is equivalent to uog.

The operators are; +, -, and =.  As can be expected you use + to add permissions and - to remove them.  The = is a little harder to explain but is made perfectly clear with an example (which is later in this post).

The modes are; r, w, x.  They stand for read, write, and executable respectively.

Well now I suppose you would like to see some examples of this in use.  For all these examples we will assume that hello_world has the following initial modes: -rwxr-xr-x, this means that the owner (the first grouping of rwx) has the ability to read, write, and execute.  However, group members (the second grouping) and outsiders (the last grouping) can only read and execute

Example 1: Make it so that the owner only has executable permission.  After using the following command, the file’s modes will look like —xr-xr-x

chmod u=x hello_world

Example 2: Make is so that the owner can only read and execute.  After using the following command, the file’s modes will look like -r-xr-xr-x

chmod u-w hello_world

Example 3: Make it so that group users and outsiders  can read and write only. While not affecting the owner’s permissions.  After using the following command the file’s modes will look like -rwxrw-rw-

chmod og=rw hello_world

Example 4: Make it so that no one has execute ability.  The file’s modes will look like -rw-r–r– after using the following command.

chmod a-x hello_world

Example 5: Make is so that people that aren’t group members or the owner have write permission.  The file’s modes will look like -rwxr-xrwx after using the following command.

chmod o+w hello_world

So that wasn’t too bad, and hopefully you noticed how the = operator works.  Finally, it is worth mentioning that in order to see a file’s modes you only need to use ls -l file.  For more information on chmod check out this Wikipedia entry, and for examples follow this link.

The simple way to reproduce this is:

mkdir source
cp source target

It’s a pretty simple request. I want to copy a directory. I want to *copy* and not create the directory. I don’t want any of the contents (cp -r), I just want the container itself, without using mkdir. I don’t want to diddle around with the contents of the directory (moving them around) and then do cp -r. I want to copy the container because I want to match the permissions. I don’t want to separately use other commands to sync permissions:

chmod --reference=source target
chown --reference=source target

Why can’t cp do this? Oh right, it’s GNU .. so it sucks.

Eğer web sunucunuz Unix işletim sisteminin (Linux şu günlerde popüler olan işletim sistemidir ve Unix` in bir parçası sayılabilir.) bazı özelliklerini çalıştırmanıza izin veriyorsa ve bunlardan birisi de CGI scriptleri çalıştırabilmek ise mutlaka CHMOD ayarlarının nasıl yapıldığını bilmeniz gerekmektedir.Öncelikle şunu belirtelim, bilinen Windows sistemlerinden sonra Unix sistemi oldukça farklıdır. Benzer görünüşler(profiller) de yer almaktadır. Her kullanıcı bazı özellikleri kullanabilmek için izin almak zorundadır.

Kısaca basit bir scripti kullanmak için kullandığınız sunucunun sistemi Unix veya Linux olsa da sunucunun idarecisinden sizin dosyalarınızın yapısına göre gerekli dosya sınıflarının kullanma hakkınızın önceden anlaştığınız firma tarafından açılmış olması gerekir. Yoksa dosyalarınızı gerektiği gibi kullanamazsınız. Çalıştırma hakkınız var ise tipik scriptleri rahatça çalıştırabilirsiniz ve çalıştırırken CHMODunu genellikle 755 yapmalısınız.(-rwxr-xr-x).
Burada genellikle diyorum çünkü aksi bir değişiklik hali var ise mutlaka kullanacağınız dosyanın bir readme.txt , benioku.txt ya da bir DOCS klasöründe yapmanızı istedikleri tüm değişiklikleri size önceden bildirirler.Bunada dikkat etmelisiniz.Mutlaka kullanmadan önce çalıştıracağınız dosyaların varsa açıklama yazılarını inceleyin.
Chmod`un anlamı aslında yol,biçim değiştirmektir. Böylece klasör ya da dosyaya işlerlik kazandırıla biliniyor. Bu özellik (CHMOD) o dosyaya bir ayrıcalıklar sağlar.

Nasıl Değiştirilir?
Bunun için öncelikle bir FTP programı kurmalısınız.Tavsiyem FileZilla’dır.
FTP programınızla sitenize bağlandıktan sonra açınız. Burada herhangi bir dosyayı seçerek mousenuzun sağ tuşuna tıklayınız. Bir pencere açılacak ve burada bazı özellikler yer alacaktır.(Yeni klasör oluşturma,doğal özellik değiştirme,isim değiştirme,silme gibi.).
Bu pencere Doğal özellik değiştirme (“Change File Attributes”) özelliğini seçiniz. Buraya mousenuzun sol tuşu ile bir kere basarsanız ufak bir pencere açılır. Burada 9 farklı kontrol kutusu ve 1 tane de yazı kutusu yer almaktadır. Tavsiyemiz yazı kutusuna (ufak pencerenin en altındaki kutucuk) chmod değerini (genelde bu ayar php dosyalarınız için 755 tir.) yazınız. Veya 9 kontrol kutusundan şunları işaretleyiniz :

User : Read , Write , Execute
Group : Read , Execute
World : Read , Execute

Bu işlemi yaptıktan sonra “Tamam” veya “Ok” butonuna tıklayınız. Bu işlemden sonra da orta büyüklükte pencere çıkacak. Bu pencere sadece sizden onay beklemek içindir. Buna da “Ok” veya “Tamam” demezseniz scriptiniz yine çalışmaz. Bu işlemden sonra scriptiniz web üzerinden çalışır duruma gelecektir. Yani CHMOD değişmiş olacaktır.

Php ile alakalı bazı dosya veya klasörlerin bu CHMOD ayarının 666 ya da 777 olması istenir bu değişikliklerin yapılmaması halinde yine normal olarak dosyanız gerektiği gibi çalışmayacaktır.

Örneğin; Php Nuke için ana dizindeki config.php dosyası CHMOD ayarı (666) olmalıdır ki sizin sitenizde yapacağınız tüm değişiklikleri algılayıp dosyayı gerektiği (sizin yaptığınız değişikliği) gibi çalıştırabilsin.

chmod is a Unix command that lets you tell the system how much (or little) access it should permit to a file.

chmod changes the permissions of  a file…

Syntax:

chmod [OPTION]… MODE[,MODE]… FILE…
chmod [OPTION]… OCTAL-MODE FILE…
chmod [OPTION]… –reference=RFILE FILE…

What text permissions values mean:

Numeric Permissions:
CHMOD can also to attributed by using Numeric Permissions:

400 read by owner
040 read by group
004 read by anybody (other)
200 write by owner
020 write by group
002 write by anybody
100 execute by owner
010 execute by group
001 execute by anybody

Examples:

The above numeric permissions can be added to set a certain permission, for example, a common HTML file on a Unix server to be only viewed over the Internet would be:

chmod 644 file.htm

This gives the file read/write by the owner and only read by everyone else (-rw-r–r–).

Files such as scripts that need to be executed need more permissions. Below is another example of a common permission given to scripts.

chmod 755 file.cgi

This would be the following 400+040+004+200+100+010+001 = 755 where you are giving all the rights except the capability for anyone to write to the file.cgi file(-rwxr-xr-x).

Finally, another common CHMOD permission is 666, as shown below, which is read and write by everyone.

chmod 666 file.txt

Additional information:

Below is an example of how a file may be listed when typing ( ls -l ) at the prompt as well as information on how to interpret it.

-rw-rw-r– 1   hope  123   Feb 03 15:36   file.txt

Todos sabem que o novo sistema de notificação de atualizações é bem polêmico. Ao invés de mostrar um ícone na barra de tarefas, ele exibe a janela de atualizações, o que pode ser irritante. Outra mudança é que ele só irá notificá-lo diariamente de atualizações de segurança, avisando de updates menores apenas uma vez por semana.

Mas esse não é o objetivo desse artigo. A idéia aqui é resolver um problema que algumas pessoas (como eu ) vem tendo. O sistema não verifica atualizações nunca! Ao abrir o Gerenciador de Atualizações você pode ver que nada foi atualizado a vários dias. Isso é fácil de resolver. O que acontece é que o script que faz a verificação da cache do apt-get está sem permissão de execução. Para resolver, basta adicionar essa permissão para ele:

$ sudo chmod +x /etc/cron.daily/apt

As permissões irão passar de 644 para 755, que é o correto. Esse problema ocorreu com quem fez a atualização automática do 8.10 para o 9.04 e já possuir uma entrada no Launchpad. Com isso já estará OK. Se você quiser testar, apague o arquivo /var/spool/anacron/cron.daily:

$ sudo rm /var/spool/anacron/cron.daily

E reinicie. Esse arquivo diz ao cron (agendador de tarefas) quais ações já foram feitas hoje. Ao apagar o arquivo e reiniciar, ele irá achar que ainda não fez nada e realizará as ações novamente. Isso não é necessário para o tutorial funcionar, já que ele iria verificar novamente no dia seguinte de qualquer maneira. Esse procedimento é só para testar se tudo está funcionando.

Espero que tenha ajudado, até a próxima.

Ogni file esistente sul computer ha un proprietario e solo il superuser, che noi chiameremo sempre root (non sempre è identificato con questo nome ma se andiamo nel file /etc/passwd sarà l’utente contraddistinto dal UID 0), può cambiare le proprietà.

I comandi per cambiare la proprietà di un file sono:

chown utente file                                 Cambia il proprietario.

chgrp gruppo file                                Cambia il gruppo.

chown utente:gruppo file Cambia l’utente e il gruppo.

L’utente root può anche cambiare tutti i permessi  d’accesso ai file. Per vedere i permessi d’accesso ai file da terminale digitiamo il comando ls seguito dal suffisso -l:

mattia@ubuntu:~$ ls -l
totale 4944
-rw-r–r–  1 mattia mattia     121 2009-06-26 11:10 script.sh~
drwxr-xr-x  2 mattia mattia    4096 2009-06-26 18:34 bash
-rw-r–r–  1 mattia mattia     132 2009-06-26 11:02 cleanup
-rwxr-xr-x  1 mattia mattia     143 2009-06-26 11:04 cleanup.sh
-rw-r–r–  1 mattia mattia     1094375 2009-07-08 18:06 immagine.jpg
drwxr-xr-x  2 mattia mattia    4096 2009-06-01 21:30 Documenti

Come potete notare i nomi dei file sono preceduti da lettere e da numeri, quello che ci interessa a noi sono i gruppi di 10 caratteri all’inizio della riga.

Analisi dei permessi

Il primo carattere sta ad indicare se si tratta di un file o di una directory, per tanto quando sarà presente un trattino ‘ – ‘ parleremo di file altrimenti se ci sarà la lettera d si tratterà di un directory. I restanti 9 caratteri sono suddivisi in 3 gruppi, i primo 3 caratteri definiranno i permessi concessi al proprietario del file, i seguenti 3 definiranno i permessi concessi agli utenti membri del gruppo a cui appartiene il file e i restanti 3 i permessi concessi a tutti gli altri.

Ogni gruppo di 3 caratteri indica il permesso di lettura, scrittura ed esecuzione di un file:

• r o - permesso di lettura concesso o negato.
• w o -     permesso di scrittura concesso o negato.
• x o -      permesso di esecuzione concesso o negato.

Per le directory il significato dei permessi è:

• r permesso di  listare il contenuto della cartella (comando ls).
• w consente di aggiungere file alla directory e di cancellarli.
• x permesso di fare riferimento nel percorso (pathname) alla directory  (comando cd).

Cambiare i permessi

Per cambiare i permessi di un file si usa il comando chmod utilizzando la forma simbolica o la forma ottale.

La forma simbolica

La forma simbolica è caratterizzata da una combinazione tra codice utente, operatore e codice di permesso.

I codici utenti sono:

• u proprietario
• g gruppo
• o altri
• a tutti

Gli operatori sono:

• + aggiunge il permesso
• - rimuove il permesso

I codici di permesso sono:

• r lettura
• w scrittura
• x esecuzione

Ecco alcuni esempi:

mattia@ubuntu:~$ sudo chmod go+w file1   Da il permesso di scrittura al gruppo e agli altri

mattia@ubuntu:~$ sudo chmod u+x file1       Da il permesso di esecuzione al proprietario

La forma ottale

Nella forma ottale si fa uso di 4 cifre per definire i permessi di utente, membri gruppo utente e altri assegnando alle cifre un significato particolare:

4 permesso di scrittura  2 permesso di lettura  1 permesso di esecuzione  0 nessun permesso

Ecco alcuni esempi:

mattia@ubuntu:~$ sudo chmod 764    Da il permesso di scrittura, lettura ed esecuzione all’utente proprietario, ai membri del gruppo utente solo il permesso di lettura e scrittura mentre algli altri solo il permesso di lettura.

Quando viene creato una directory o un file il sistema assegna automaticamente un insieme predefinito di permessi:

• Le directory 777 cioè rwxrwxrwx
• I file 666 cioè rwxrwxrw-

Solo i file creati da un compilatore ricevono il permesso 777 che da l’accesso completo.

Per modificare i permessi della definizione automatica in maniera restrittiva si usa il comando umask seguito dalle 3 cifre ottali che servono a togliere e non a definire i permessi di default. Ecco qualche esempio:

mattia@ubuntu:~$ sudo umask 022 toglie i permessi di scrittura a tutti tranne che l’utente.

mattia@ubuntu:~$ sudo umask 077nega l’accesso a tutti tranne che al proprietario.

Spero di essere stato chiaro nella spiegazione, alla prossima!!

Condividi su:      

Comandos básicos do GNU/Linux

chmod - (man 1)
Altera a permissões de acesso aos arquivos

‘[ugoa...][[+-=][rwxXstugo...]…][,...]’.

-c, –changes

Detalhadamente descreve a ação para cada arquivo cujas permissões estão sendo alteradas.

-f, –silent, –quiet

Ternyata untuk menyembunyikan dan mengunci file atau folder di linux ubuntu cukup mudah, tanpa perlu sopwer.
Untuk mnyembunyikan file/folder cukup menambahkan titik pada nama file/folder anda. Jadi, umpama nama foldernya adalah mbahnya maka rubah menjadi [.mbahnya]-tanpa tnda kurung. Kemudian tekan F5. Jreeng….. Eng ing eng, hilang dech.
Sedang untuk mengunci file ikuti langkah berikut ;
1. Buka terminal;
2. Ketikkan : sudo chmod -R 0444 file/folder -v
* file/folder = nama dan lokasi file/folder anda.

Sekarang ktika filenya sudah “hilang” dan terprotek, maka untuk melihat file tersembunyi tersebut tekan ctrl+H. Begitu juga sbaliknya, untuk menyembunyikannya juga tekan ctrl+H. Adapun untuk unprotect file di linux, angka 444 diganti 744.
Ada yang kurang ato salah? Koreksi ya……