Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Okay. Here it is... The output will look like this..
[user@machine ~]$ ls -l git-clones/scripts/python_scripts/README
-rw-rw-r--. 1 user user 69 Feb 15 12:26 git-clones/scripts/python_scripts/README
Where the first "-" represents a regular file.
rw- = Permissions for the owner
rw- = Permissions for the group user
r-- = Permissions for others
From "rw-rw-r--" represents the owner and group user have read,write permissions and where as other have read permissions.
from what I can tell the question is about sudo and shell globbing not options/flags/switches of ls (or even really ls: the same behaviour would be seen for any command).
It seems that what OP is trying to understand is the result of the fact that the shell can't glob files it can't see, where as ls can list such file because it is being run with higher privileges via sudo.
It is the standard problem of handling parameters through the shell - "Where is it interpreted?".
Before the command line can be executed it must be parsed - and that parse breaks up the line into tokens.
If one of those tokens has shell metacharacters then it will be replaced - unless something prevents it.
The "something to prevent it" is an apostrophe quote ('), or a back slash (\). In either case, the escape character is removed (the apostrophe quoting as well as any double quote character ") and the resulting token is treated as a parameter.
In the "\*" above, the command line 'ls -1 /var/www/Peter/test7/*.cel' is then reprocessed by the shell started by sudo - and hence gets a different environment.
Now SOMETIMES that doesn't quite work as expected - nested shells can reinterpret, or not reinterpret depending on how the shell gets invoked. If the shell is invoked through the system or popen library functions, reinterpretation is more obvious. If, however, it is invoked via exec sequence then the parameters may not be reinterpreted - until they get used in a command line. If that command line is another shell (such as a script) then how it gets quoted again makes a difference- the script is attempting to pass a metacharacter to yet another shell - which may require that metacharacter to be escaped... but the escape character has already been removed...
This is also a source of security problems when using sudo/su and having it run a shell script. An escaped metacharacter can be passed to a more privileged script causing the script to do "bad things".
Consider this variant of the ls example: "sudo ls -1 /var/www/Peter/test\`rm -rf /home\`" (CAUTION: CAN DELETE THE HOME DIRECTORIES)
sudo attempts to prevent this via the "noexec" option, but that makes it hard to use a shell script as the command to execute via sudo... perl or python would be a better language in that case due to the more complete programming environment built into the interpreter. BTW, noexec would work for the ls example as ls is the only thing executed... but then, the previous example would not have worked either (I don't believe the shell is invoked when the noexec is used by sudo, I do know that use of the exec system call is blocked by a dummy function).
Thank you to everyone for your help. My underlying problem was actually due to a logical bug in my PHP code. However I did not realise that the expansion of the wildcard happened before the sudo call. That was the issue in my test case.