≡ Menu

Security-Enhanced Linux (SELinux)

Tutorials and howtos about SELinux that provides the mechanism for supporting access control security policies, mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel ( rss feed ).

Find the file permission without using ls -l command

Q. I need to find file permission and store the same to a shell variable. How do I find out the file permission without parsing ls -l output?

A. Use GNU stat command to display file or file system status. It has option to display output in specific format.

Display stat for /etc/passwd file

Type the following command:
$ stat /etc/passwd

  File: `/etc/passwd'
  Size: 1675            Blocks: 8          IO Block: 4096   regular file
Device: 802h/2050d      Inode: 7899368     Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2007-12-05 08:20:31.000000000 +0530
Modify: 2007-12-04 23:36:50.000000000 +0530
Change: 2007-12-04 23:36:50.000000000 +0530

Print access rights in octal format:
$ stat -c %a /etc/passwd


Print access rights in human readable format, enter:
$ stat -c %A /etc/passwd


Store access rights in octal format to a shell variable:
$ VAR=$(stat -c %a /etc/passwd)
$ echo $VAR

Other valid format sequences for files

  • %b : Number of blocks allocated (see %B)
  • %B : The size in bytes of each block reported
  • %d : Device number in decimal
  • %C : SELinux security context
  • %D : Device number in hex
  • %f : Raw mode in hex
  • %F : File type
  • %g : Group ID of owner
  • %G : Group name of owner
  • %h : Number of hard links
  • %i : Inode number
  • %n : File name
  • %N : Quoted file name with dereference if symbolic link
  • %o : I/O block size
  • %s : Total size, in bytes
  • %t : Major device type in hex
  • %T : Minor device type in hex
  • %u : User ID of owner
  • %U : User name of owner
  • %x : Time of last access
  • %X : Time of last access as seconds since Epoch
  • %y : Time of last modification
  • %Y : Time of last modification as seconds since Epoch
  • %z : Time of last change
  • %Z : Time of last change as seconds since Epoch

Apache Address already in use: make_sock: could not bind to port 80 or 443 error and solution

Q. How do I fix an error, while restarting Apache ~ Address already in use: make_sock: could not bind to port 80?

A. If you are running SELinux disable temporary for port 80.

Apache Address already in use: make_sock: could not bind to port 80 error and solution

First make sure port 80/443 is not used by any other service or application with netstat command:

# netstat -tulpn| grep :80

If port 80 is bind to httpd, kill all process:
# killall -9 httpd

Now start the httpd:
# /etc/init.d/httpd start

Also make sure you are root while starting the httpd.