7

I was under the impression that basically all files in a Unix system are editable, at the very least viewable.

What steps can I take when I encounter a file which looks like this in nano:

screenshot of the binary greeter-dconf-defaults file viewed in Nano

How do I figure out what type of file it really is, if it's a running file and what I need to find out both its code and what the file imports/exports/is dependent on?

Zanna
  • 70,465
Emil Johansson
  • 71

1 Answers1

9

All files that live on filesystem or memory are technically editable just gotta use the right methods. You encountered a binary data file, particularly pertaining to dconf database of settings judging by the name in the nano's filename line, and the keyword GVariant in the file itself. Accordingly, you should use dconf-editor GUI tool or dconf command-line tool.

How do I figure out what type of file it really is, if it's a running file and what I need to find out both its code and what the file imports/exports/is dependent on.

Typically you can make use of file command to figure out the particular file type. 

$ file /etc/passwd
/etc/passwd: ASCII text

Whether the file is executable, you can use ls -l filename or stat to determine whether the executable bit is set for owner, group, and other users. See a related post that explains permissions on files quite well. There's also Access Control Lists, which are used to create more fancy permissions than the basic Unix permissions allow.

As to what software to use, it depends on each file, and there's many types of software for same filetype. Binary files in general often can be viewed via hexdump or od commands in hex format, and to edit - there's hex editors, which are often used in reverse engineering and security applications.

I was under the impression that basically all files in a Unix system are editable, at the very least viewable.

Well, there's a bit of truth that has to be shed on the words "Everything is a file in Unix/Linux". There's files that can live in filesystem, and that's what most people know as files. In reality, a file ( i.e. a particular chunk of data organized together somewhere) can live in memory or filesystem, i.e. there can be anonymous files. Sockets and unnamed pipes are files, they just don't have a name, only a handle which kernel keeps track of. Can all of them be edited ? Yes, again, with the right methods. Pipes have one process writing to it, while another reads, so writer can edit the pipe. Files mapped in memory can be edited if your program can access that particular memory chunk. So everything is a file, you just need to understand in which context the file is applied.

Sergiy Kolodyazhnyy
  • 105,154
  • 20
  • 279
  • 497
  • /dev/random aint a file. – Rinzwind Jun 13 '18 at 06:10
  • 4
    @Rinzwind It is a file, to be precise a special character device file. See also https://unix.stackexchange.com/a/18534/85039 – Sergiy Kolodyazhnyy Jun 13 '18 at 06:33
  • https://www.howtogeek.com/117939/htg-explains-what-everything-is-a-file-means-on-linux/ – Rinzwind Jun 13 '18 at 07:46
  • @Rinzwind The article sweeps the word "file" under the same definition which most users think about - a file that lives on filesystem, but again - there's files that are not stored on filesystem. Although I do like the “everything is a stream of bytes” definition, because that's what any file is. – Sergiy Kolodyazhnyy Jun 13 '18 at 08:14
  • 4
    @Rinzwind - you have to understand "everything is a file" as "(nearly) everything is accessible through a file API". You can do fopen("/dev/random", "rb"), so /dev/random is a file, regardless of a representation (or lack thereof) on the disk. – Edheldil Jun 13 '18 at 08:28