Having Trouble Changing Permissions (long-ish)

I’m have a couple of problems with file and folder permissions. They may be related, they may not be, so I’ll cover each one separately. Before that, though, some background:
I’m running an HP Pavilion dv6636nr with openSUSE 11.0, fresh install last week, though I’ve been using 10.3 as my day-to-day OS for a few months. It’s only recently that I’ve gotten bold enough to deviate from the default options or wander into Terminal territory. I am the person who knows the root password, but I run day-to-day as a normal user.

Problem the First:
I downloaded and installed the BOINC Manager and BOINC Client applications. BOINC is supposed to runs in the background, then when the system is idle, it uses that downtime to crunch numbers for cancer research, calculate climate patterns, search for extraterrestrial life (no kidding), and so forth. Unfortunately, it only appears to run when I open a Terminal, get root access, and enter
/root/BOINC/run_manager
When I close the terminal window, the BOINC Manager closes too.

I’d like BOINC to start automatically at boot, or if that can’t be done, to be able to use a desktop launcher to make it start. I tried (as root)
chmod 700 /root/BOINC/
and
chmod 700 /root/BOINC/run_manager
but the launcher still only gives me a “permission denied” error. Maybe because I don’t want to give my normal-user self permission to /root/ ? Can I convince this program to start, either at boot or on command, without having to leave a terminal window open? I run Ubuntu on another computer, and BOINC sprung right into action as soon as I installed it*.

Problem the Second:
I’m also getting back into programming*, so I’ll be creating and testing lots of little programs for assignments and experiments. Even though I create these files within my normal user’s /home directory, I have to chmod every file I create before I can execute it.
Trying to change permissions for the folder gets the same non-response as the BOINC request, so I can’t tell if it even understands what I’m asking for. Can I set the folder permissions to allow normal-me to execute any program in that folder? (If you feel that that’s not a very wise thing to do, and that I should continue authorizing each individual file, please say so.)


MJ

  • The last program I wrote was in BASIC for an Apple ]e; I’m currently learning Ruby, but I also have a class this fall that’ll make extensive use of C++.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Why do you have your boinc stuff in /root to begin with? You’ll never
get anything for non-root working in there and nor would I recommend it.
Either create something like I do (‘apps’ in my user’s home directory)
to house your boinc application or put it somewhere else in the
filesystem like /opt and then create a script (
http://boinc.berkeley.edu/wiki/Starting_BOINC_on_boot_(Unix) ) to start
it from wherever it runs… you can even create your own user to run it
(boincuser in my case) so it doesn’t run as ‘root’ but still has access
to the files wherever (because you give it permissions to the
appropriate part of the filesystem). This is what I do and it works
really well.

The second problem you are having can maybe be overcome with a umask but
I wouldn’t recommend it. One reason Linux is more-secure than windows
is because you cannot arbitrarily execute some file that gets on your
filesystem and have it actually do anything except open with a text
editor or something. If you modify your system or user settings to
change this anytime you double-click on something it may try to run and
will probably be ugly more often than not. Instead perhaps create a
script or something (‘mygcc’ for C programs for example) that not only
compiles but then sets the executable bit for you (though really I
thought that ‘gcc’ did this automatically). You could do this for any
language and it would have you doing what you are already doing but with
your desired result.

Good luck.

MaddJoka wrote:
> I’m have a couple of problems with file and folder permissions. They
> may be related, they may not be, so I’ll cover each one separately.
> Before that, though, some background:
> I’m running an HP Pavilion dv6636nr with openSUSE 11.0, fresh install
> last week, though I’ve been using 10.3 as my day-to-day OS for a few
> months. It’s only recently that I’ve gotten bold enough to deviate
> from the default options or wander into Terminal territory. I am the
> person who knows the root password, but I run day-to-day as a normal
> user.
>
> PROBLEM THE FIRST:
> I downloaded and installed the BOINC Manager and BOINC Client
> applications. BOINC is supposed to runs in the background, then when
> the system is idle, it uses that downtime to crunch numbers for cancer
> research, calculate climate patterns, search for extraterrestrial life
> (no kidding), and so forth. Unfortunately, it only appears to run when
> I open a Terminal, get root access, and enter
> /root/BOINC/run_manager
> When I close the terminal window, the BOINC Manager closes too.
>
> I’d like BOINC to start automatically at boot, or if that can’t be
> done, to be able to use a desktop launcher to make it start. I tried
> (as root)
> chmod 700 /root/BOINC/
> and
> chmod 700 /root/BOINC/run_manager
> but the launcher still only gives me a “permission denied” error.
> Maybe because I don’t want to give my normal-user self permission to
> /root/ ? Can I convince this program to start, either at boot or on
> command, without having to leave a terminal window open? I run Ubuntu
> on another computer, and BOINC sprung right into action as soon as I
> installed it*.
>
> PROBLEM THE SECOND:
> I’m also getting back into programming*, so I’ll be creating and
> testing lots of little programs for assignments and experiments. Even
> though I create these files within my normal user’s /home directory, I
> have to chmod -every file I create- before I can execute it.
> Trying to change permissions for the folder gets the same non-response
> as the BOINC request, so I can’t tell if it even understands what I’m
> asking for. Can I set the folder permissions to allow normal-me to
> execute any program in that folder? (If you feel that that’s not a
> very wise thing to do, and that I should continue authorizing each
> individual file, please say so.)
>
> –
> MJ
> * The last program I wrote was in BASIC for an Apple ]e; I’m currently
> learning Ruby, but I also have a class this fall that’ll make extensive
> use of C++.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIpK3c3s42bA80+9kRAjhpAJ0fOQCYIXy5VQ7Fc7Pw/zl5qZrfjQCfQH9h
05JcKuH0AoqnDUR37hnJidk=
=76OD
-----END PGP SIGNATURE-----

That’s just where it installed; I don’t believe I had any say in the matter. Ubuntu has boinc-client and boinc-manager in its repositories, but for SUSE I had to download and run a shell script* (which I only did because I’ve used BOINC for years on XP, Vista, and Ubuntu with no ill effect), and that’s where it set up shop. If I can move BOINC without breaking it, that works fine for me.

The second problem you are having can maybe be overcome with a umask but I wouldn’t recommend it.

Fair enough; that was a relatively minor nuisance, and I figured it was probably for my own good.

Thanks!


MJ

  • In the initial post, I kind of left a footnote hanging; I was going to make a comment about the differences between installing in Ubuntu and in SUSE, but eventually thought better of it.

Not sure why you’re having a problem. When I compile a C program with

gcc -o foo foo.c

foo has execute permissions. Unless you mean shell scripts, which only need to be chmod’ed once to be executable.

And of course you need to use ./foo, but that’s because of the PATH, not the permissions.

I’ve never used gcc, though I’m sure I’ll get my chance soon*; as I understand it, Ruby is generally interpreted rather than compiled (although a few people have written compilers, if only to prove it can be done.) All I can really say with confidence is that my programs are text files I created in gedit or emacs, they carry an .rb extension, and that I had to install the package “ruby” before the machine could understand them.


MJ

  • To clarify what I said earlier, I’ll be taking a freshman-level programming class using C++ . Right now I have no experience in anything C, and I’ve heard that C++ isn’t the best choice of first languages, so I thought I’d brush up on my BASIC and get a basic understanding of something modern (suggestions included Perl or Python, I chose Ruby) before school starts.

Are you still confused as to why you need to add permissions to each file to
execute them?

like you stated, each ruby file is just a text file. Just like everything
else in linux… they’re just files. When you ‘chmod +x myfile.rb’, you’re
adding an indicator to the operating system that says THIS file is executable.
Remember that linux (being a proper os), doesn’t base a file’s
interpretation on its extension or filename in particular. Have to be
careful how I phrase that, as some ‘conventions’ have arisen… such as
the .rb extension for the ruby script, .c for C source, .cpp for C++
source, .zip, .tar, .gz,…

That script could be named anything… “myfile.jpg” could hold ruby
statements and really be a text file… but the NAME (which really has nothing
to do with the contents on linux) is myfile.jpg… which implies to a
user that it’s a jpg file.

linux doesn’t know. doesn’t really care either. If you set the
‘execute’ permission (x), then linux looks at the file and extracts some
‘magic numbers’… some examples of magic numbers are:

elf executables -> “ELF”, starting at byte 1 of file
jpg files -> “JFIF”, starting at byte 6 of file
gif files -> “GIF89”, starting at byte 0
zip files -> “PK”, starting at byte 0 (Thank you Phil Katz!)

and so on…

If the command processor determines that the file is a text file, it looks
for the magic string “#!” (splat bang!) as the first characters… they
signal that the first line specifies which program to use to ‘execute’ or
interpret this file.

So PERL scripts have “#!/usr/bin/perl”,
BASH scripts have “#!/bin/bash”
RUBY scripts have “#!/usr/bin/ruby”

And so on as well…

If you don’t make a text file executable, then you must start it by running
the appropriate program, then supplying the text file as an argument…

ruby myfile.rb
perl tinyscript

Remember that the filename has nothing to do with the contents, so
‘tinyscript’ is just as valid a name as ‘tinyscript.pl’.

Why do you need to type “./myfile.rb” (the leading ‘dot slash’) to run your
scripts?

That’s because the shell (often BASH) does not search the current directory
for executable commands. This feature CAN be enabled, but it’s considered a
VERY BAD THING, as you could hijack a system with a specially crafted
command which was named the same as some often used command… (‘ls’ for
example).

So for security issues, you need to type ‘./xxx’ to run ‘xxx’ if it’s in the
current subdir. If you think about it, that’s no different than running
‘/root/BOINC/something’ right? you’re just specifying the path to the file,
and ‘./’ says “right here in this subdirectory we’re in”.

Personally, I think this system is great! You’ll get used to it. And you
can’t be hijacked because someone named a file ‘balloons.jpg.exe’ and it was
automatically executable because of the filename. (BAD windows! BAD!)

Basically, you have to WANT to execute a file… otherwise linux just
determines if it’s supposed to do something by default (like for images and
zips/tars/gz files), or just ask you what to do with it (often it just loads
in a text editor, which is safe)

Hope I didn’t bore anyone, and really hope this helped explain some issues.

Loni


L R Nix
lornix@lornix.com

In that case there are two ways to execute a ruby program.

ruby foo.rb

or

chmod u+x foo.rb
./foo.rb

Of course the latter assumes that you have #!/usr/bin/ruby at the top of the file. In both cases you need the ruby interpreter as you have noted.

A similar thing applies to Perl, which is also interpreted.

No, I know why those permissions exist. My question was whether there was a way to change the default permissions in a way that allows me to run the files I’ve created, but doesn’t put the rest of the system in jeopardy. From what I’m hearing, that’s a no. And that’s fine; just a few more steps in the process.

Personally, I think this system is great! You’ll get used to it. And you
can’t be hijacked because someone named a file ‘balloons.jpg.exe’ and it was
automatically executable because of the filename. (BAD windows! BAD!)

Yep, I knew somebody who jacked up her office computer doing that. Although I think it was Q3Sales.ppt.exe or something like that. Certainly didn’t hurt that they left the “Hide extensions for common file types” option active.


MJ

You only need to do this once per file. Once the execute bit is set, the editor won’t turn it off. And you will be running the editor far more often anyway.