Access Control, Special Files, etcContentsMMAPMMAPProtection and Access ListsAccess Lists ExampleAccess Control sys/stat.hFile Access ExampleReminderTables in kernel for filesFilters and RedirectionPipesExample: Parent writes string to ChildParent writes string to ChildPipelines in UNIX ShellRedirectionSimple Redirect (child)Simple Redirect (parent)FIFOsMkfifoExample of Using FIFO: Modeling Producer-ConsumerExampleSlide 23Copyright ©: Nahrstedt, Angrave, Abdelzaher 1Access Control, Special Files, etcCopyright ©: Nahrstedt, Angrave, Abdelzaher2ContentsMMAPOpen Close & Access ControlsSpecial FilesPipes & FIFOTerminal ControlCopyright ©: Nahrstedt, Angrave, Abdelzaher3MMAPmemory mapped file the file is mapped into virtual memory file access is at the instruction level page faults may read a page of file data from disk to memory an address of a logical record within a file is given by a virtual memory address offset of that record from the beginning of the fileAStackHeapATextVirtual MemoryDiskCopyright ©: Nahrstedt, Angrave, Abdelzaher4MMAP#include <sys/mman.h>void *mmap(void *addr, size_t len, int prot, int flags, int fd, off_t off);Copyright ©: Nahrstedt, Angrave, Abdelzaher5Protection and Access ListsAssociate each file and directory with access listLists who is authorized to access the fileFor each person, lists the mode in which access is authorized (e.g., read/write/execute/append/delete/list) Problem with access list: lengthSolution: condensed version of the access list owner - user who created the filegroup - a set of users who are sharing the file and need similar accessuniverse - all other usersCopyright ©: Nahrstedt, Angrave, Abdelzaher6Access Lists ExampleUNIX - 3 fields of length 3 bits are used. User categories:user(u),group(g),others(o)Access bits: read(r), write(w), execute(x) - The change mode (chmod) command:chmod go+rw myfileCopyright ©: Nahrstedt, Angrave, Abdelzaher7Access Control sys/stat.hR W X R W X R W Xusergroup othersS_IRUSRS_IWUSRS_IXUSRS_IRWXUS_IRGRPS_IWGRPS_IXGRPS_IRWXGS_IROTHS_IWOTHS_IXOTHS_IRWXOS_ISUID – set user ID on executionS_ISGID – set group ID on executionCopyright ©: Nahrstedt, Angrave, Abdelzaher8File Access Exampleint fd;mode_t fdmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);If ((fd = open(“info.dat”, O_RDWR | O_CREAT, fdmode)) == -1) perror(“Failed to open info.dat”);Opens a file info.dat in current directory rewriting any existing file dataif present.Copyright ©: Nahrstedt, Angrave, Abdelzaher9ReminderFile positionR/WPointer to inodeFile positionR/WPointer to inodeModeLink CountUIDGIDFile sizeTimesAddress of first 10 disk blocksSingle IndirectDouble IndirectTriple IndirectIn memory Inode tableParent File descriptortableChildFile descriptortableUnrelated processFile descriptor tableSystem file tableCopyright ©: Nahrstedt, Angrave, Abdelzaher10Tables in kernel for filesFile Descriptor TableOne per process0 stdin, 1 stdout, 2 stderr + files, directories, block or character devices (also called "special files"), sockets, FIFOs (also called named pipes), or unnamed pipes. System File TableOne per system – is in kernelContains file offset, access mode, count of file descriptor entries using itSeveral entries may correspond to one fileThe in-memory inode table has one entry for each active file.Copyright ©: Nahrstedt, Angrave, Abdelzaher11Filters and RedirectionFilters in UNIX shellhead, tail, more, catsort, grep, awk Redirection uses < >Example: Redirect output to my.filecat >my.fileCopyright ©: Nahrstedt, Angrave, Abdelzaher12PipesPipe--- communication between two processes on the same machine find . –name “*.c” –print | grep cs241#include <unistd.h>int pipe(int fildes[2]);Creates 2 file descriptorsint fd[2];if (pipe(fd) == -1) perror(“Failed to create the pipe”);Creates two fds:• fd[0] is for reading.• fd[1] is for writing.Copyright ©: Nahrstedt, Angrave, Abdelzaher13Example: Parent writes string to Child#include <stdio.h>#include <string.h>#include <unistd.h>#include <sys/types.h>#define BUFSIZE 10 int main(void) { char bufin[BUFSIZE] = "empty"; char bufout[] = "hello"; int bytesin; pid_t childpid; int fd[2]; if (pipe(fd) == -1) { perror("Failed to create the pipe"); return 1; }Copyright ©: Nahrstedt, Angrave, Abdelzaher14Parent writes string to Child bytesin = strlen(bufin); childpid = fork(); if (childpid == -1) { perror("Failed to fork"); return 1; } if (childpid) /* parent code */ write(fd[1], bufout, strlen(bufout)+1); else /* child code */ bytesin = read(fd[0], bufin, BUFSIZE); fprintf(stderr, "[%ld]:my bufin is {%.*s}, my bufout is {%s}\n", (long)getpid(), bytesin, bufin, bufout); return 0;}Copyright ©: Nahrstedt, Angrave, Abdelzaher15Pipelines in UNIX Shellls –l | grep mystringSearch for mystring in output of lsInvolves redirectionCopyright ©: Nahrstedt, Angrave, Abdelzaher16Redirection#include <errno.h>#include <stdio.h>#include <unistd.h>#include <sys/types.h> int main(void) { pid_t childpid; int fd[2]; if ((pipe(fd) == -1) || ((childpid = fork()) == -1)) { perror("Failed to setup pipeline"); return 1; }Copyright ©: Nahrstedt, Angrave, Abdelzaher17Simple Redirect (child) if (childpid == 0) { /* ls is the child */ if (dup2(fd[1], STDOUT_FILENO) == -1) perror("Failed to redirect stdout of ls") else if ((close(fd[0]) == -1) || (close(fd[1]) == -1)) perror("Failed to close extra pipe descriptors on ls") else { execl("/bin/ls", "ls", "-l", NULL); perror("Failed to exec ls"); } return 1; }Copyright ©: Nahrstedt, Angrave, Abdelzaher18Simple Redirect (parent)if (dup2(fd[0], STDIN_FILENO) == -1) perror("Failed to redirect stdin of sort") else if ((close(fd[0]) == -1) || (close(fd[1]) == -1)) perror("Failed to close extra pipe file descriptors on sort") else { execl("/bin/grep", ”grep", ”mystring", NULL); perror("Failed to exec sort"); } return 1; }Copyright ©: Nahrstedt, Angrave, Abdelzaher19FIFOsPipes disappear when no process has them open.FIFOS are named pipes that are special files that persist even after all the processes have closed them.Copyright ©: Nahrstedt, Angrave, Abdelzaher20Mkfifo#include <sys/stat.h>int mkfifo(const char *path, mode_t mode);Mode is for access control (file permissions)Copyright ©: Nahrstedt, Angrave, Abdelzaher21Example
View Full Document