Linux bird brother-Chapter 5: Linux file permissions and directory configuration
1. Linux file permissions
Linux file attributes
[External chain image transfer failed, the source site may have an anti-theft chain mechanism, it is recommended to save the image and upload it directly (img-TKB07VxZ-1585567423886) (C: \ Users \ lee \ Desktop \ linux \ 1 file attribute diagram.png)]
The schematic diagram of Linux file attributes is shown in the figure above, and it will be explained one by one below:
-
File type permissions :
There are 9 basic permissions for Linux files, namely the owner, the group, and others. Each of the three identities has its own read, write, and execute permissions ( execute) permission.
Permission character — r w x r w x — — — Character position 1 2 3 4 5 6 7 8 9 10
[1st character]: The first character represents whether the file is a directory, file, or linked file, etc .:
[D] stands for directory, as in the picture above
.tmp[-] On behalf of the document, as in the picture above
.tcshrc[L] on behalf of the connection file
[B] represents a device that can read and write randomly by block
[C] Represents the peripheral devices available for storage of device files, such as keyboard, mouse, etc.
[2-9th character]: Take three as a group, and all are
[rwx]a combination of three parameters, whichrstands for read,wwritex, and execute, and The location of these permissions will not change. If there is no permission, it is——replaced by:Among them, [bit 2-4] represents the owner of the file, that is, the user's permissions on the file, [bits 5-7] represents the permission of the user group to which the user belongs, and [bits 8-10] represents others (Others) permissions on this file
-
Number of connections
Each file records its permissions and attributes in the inode of the file system, and the number of connections represents how many file names are connected to this node
-
user
On behalf of the owner account of this file or directory
When you need to make changes to the user to whom this file or directory belongs, you can proceed as follows
chown [-R] 账号名 文件或目录However, the premise is that it
用户名must/etc/passwdexist in the file. -
user group
The permissions for this file or directory are the same in the same user group.
When you need to make changes to the user group to which this file or directory belongs, you can perform the following operations
chgrp 用户组名 文件名或目录However, the premise is that it
用户组名must/etc/groupexist in the file, and kfk represents the user group name to be modified. -
Modify file permissions
Authority digital comparison table Numerical value r 4 w 2 x 1
The command to modify permissions can perform the following operations:
chmod [-R] xyz 文件目录When the permissions are
[-rwxrwx---], the numbers are:owner =rwx=4+2+1=7 group =rwx=4+2+1=7 others =---=0+0+0=0Therefore,
.bashrcthe command to modify the permissions of the file ischmod 770 .bashrc -
File size
The default unit is Bytes
-
Modified date
This date is the date of the most recent creation or modification
-
file name
When more than one file name in front
[.], then on behalf of this file is a hidden file, you can usels -ato view.
Two, Linux directory configuration
The basis of Linux directory configuration-FHS
FHS(Filesystem Hierarchy Standard)
FHSAccording to whether the file system is frequently used and whether users are allowed to modify it at will, the directory is defined as four forms of interaction, as shown in the following table:
| Shareable | Unshareable | |
|---|---|---|
| Unchanged | / usr (software storage) | / etc (configuration file) |
| / opt (third-party auxiliary software) | / boot (boot and kernel files) | |
| Variable | / var / mail (user mailbox) | / var / run (program related) |
| / var / spool / news (newsgroup) | '' / var / lock (program related) |
FHSThree levels of directories are defined:
- / (Root, root directory), related to starting the system
- / usr (unix software resource): related to software installation / execution
- / var (variable): related to the system running process
1. The meaning and content of the root directory (/)
| Part 1: The catalogue that FHS requires must exist | File content |
|---|---|
| /bin | Perform file system storage directory, mainly by the cat, chmod, chown, date, mv, mkdir, cp, bashand other commonly used commands |
| /boot | Store files that will be used during startup, including Linux kernel files, startup options and configuration files needed for startup |
| /dev | Equipment and interface devices are in the form of files in this directory which, mainly by the /dev/null, dev/zero, /dev/tty, /dev/loop*, /dev/sd*, etc. |
| /etc | Configuration files are placed in this directory, such as personnel account password files, startup files for various services, etc. The more important files are: /etc/modprobe.d/, / etc / password, / etc / fstab, / etc / issue, etc. |
| /lib | Placed is the function library that the system will use when it starts, and the function library that will be called by the commands under / bin or / sbin |
| /media | The device is removable |
| /opt | Directory where third-party auxiliary software is placed |
| /run | Place all information generated after system startup |
| /sbin | Place the commands needed to start, repair, and restore the system |
| /tmp | Temporary file directory |
| /usr | Second layer FHS settings |
| /where | Second layer FHS settings |
| Part II: FHS recommended directories that can exist | File content |
|---|---|
| /home | The system default user home directory. When a general user account is added, the default user home directory will be standardized here. ~: Represents the current home directory of this user |
| /lib | Used to store binary function libraries in different formats from / lib, such as the 64-bit / lib64 function library |
| /root | The home directory of the system administrator (root), |
2. The meaning and content of / usr
/ usr is UNIX Software Resourcethe abbreviation, which is the Unixoperating system software resources placed in a directory, rather than the user's data. Therefore, FHS recommends that all software developers should reasonably place their data in subdirectories under this directory, and do not create their own independent directories for the software. In general, /usrthe subdirectories are recommended to include the following:
| Part 1: The catalogue that FHS requires must exist | The content of the file should be placed |
|---|---|
| /usr/bin/ | CentOS 7已经将全部的用户命令放置到/bin下,使用连接文件的方式将/bin连接到此处。/usr/bin与/bin是一模一样的,FHS要求此目录下不应该有子目录 |
| /usr/lib/ | 与/lib相同,/lib也是连接到此处 |
| /usr/local/ | 系统管理员在本机上安装自己下载的软件,便于管理建议安装在此。 |
| /usr/sbin/ | 非系统正常运行需要的系统命令 |
| /usr/share/ | 放置只读的数据文件,包括共享文件,几乎都是文本文件。常见的子目录:/usr/share/man:在线帮助文件;/usr/share/doc:软件的说明文档;/usr/share/zoneinfo:与时区有关的时区文件 |
| 第二部分:FHS建议可以存在的目录 | 应放置的文件内容 |
|---|---|
| /usr/games/ | 与游戏比较相关的数据放置处 |
| /usr/include/ | c/c++等程序语言的头文件(headrer)与包含文件(include)放置处。当以Tarbal方式(*tar.gz的方式安装软件)安装某些程序时,会使用到里面的许多文件 |
| /usr/libexec/ | 某些不被一般用户常用的执行文件或脚本等,例如,大部分x窗口下的操作命令,很多是放置在此目录下。 |
| /usr/src | 一般源代码建议放置在这里 |
3./var的意义与内容
/usr是安装时会占用比较大硬盘容量的目录,/var则是系统运行之后才会渐渐占用硬盘容量的目录。/var目录主要针对经常性变动的文件,包括缓存(cache)、日志文件(log file)以及某些软件运行时所产生的文件,包括程序文件(lock file、run file),或Mysql数据库的文件等。常见的子目录有:
| 第一部分:FHS要求必须存在的目录 | 应放置文件内容 |
|---|---|
| /var/chche | 应用程序本身运行过程中会产生的一些缓存 |
| /var/lib | 应用程序执行过程中,需要使用到的数据文件放置的目录。例如,Mysql的数据库放置到/var/lib/mysql中 |
| /var/lock | 对某些设备或者是文件资源加锁的文件,防止运行冲突。已经挪到—>/run/lock中。 |
| /var/log | 日志文件放置的目录,包括/var/log/message、/var/log/wtmp(记录登陆信息)等 |
| /var/mail | 放置个人电子邮箱的目录,这个目录也被放置到/var/spool/mail/目录中,通常这两个目录互为连接文件。 |
| /var/run | 某些程序或者是服务启动之后,会将它们的PID放置在这个目录下,与/run相同,互为连接。 |
| /var/spool/ | 放置等待其他程序使用的队列数据,使用完毕会被删除 |
三、重点回顾
- Linux的每个文件中,可以分别赋予用户、用户组与其他人三种身份的rwx权限
- 用户组最有用的功能之一就是:当在协同工作的时候,每个账号都可以有多个用户组的支持
- 利用
ls -l显示的文件属性中,文件权限属性共有10位,第1位是文件类型,接下来三个为一组共三组,为用户、用户组、其他人的权限,权限有r、w、x三种 - 如果文件名前多一个
.,则代表这个文件为隐藏文件 - 如果需要
root用户的权限时,可以使用su —来切换身份,操作完毕时,使用exit离开su的命令环境 - 更改文件所属用户组,可以使用
chgrp,修改文件的拥有者可用chown,修改文件的权限可用chmod - chmod修改权限的方法由两种,分别是符号法与数字法,数字法中的
r、w、x数字分别为4/2/1 - 对于文件而言,权限的功能为:
r:可读取此文件的实际内容,如读取文本文件的文字内容等w:可以编辑、新增或是修改文件的内容(但是不含删除该文件)x:该文件具有可以被系统执行的权限
- 对于目录而言,权限的功能为:
r:读取目录中的内容w:修改目录中的内容x:访问目录
- 要开放目录给任何人浏览时,应该至少给予
r及x的权限,但是w的权限不能随便给 - 是否读取到某个文件的内容,跟该文件所在的目录也有关系(至少需要由
x可执行权限) - FHS制定出来的四种目录为:shareble、unshareable、static、variable等四类
- FHS所定义的三层主目录为:/、/var、/usr三层
- 绝对路径为从
根目录/开始写起,否则就是相对路径
