3.2 Linux file directories and permissions
3.2.1 File types
Regular files: plain text files, binary files, data format files
Directories
Link files
Devices and device files
Sockets: data interface files, usually used for data connections over the network. The first attribute is s, and this file type can usually be seen in the /var/run directory.
Pipes (FIFO, pipe): their main purpose is to solve the errors caused by multiple programs accessing a file at the same time. The first attribute is p.
3.2.2 Linux system directory structure
Directory structure of Linux system directories
Directory | Description |
---|---|
/bin | bin is the abbreviation of Binary, this directory stores the most frequently used commands |
/boot | Stored here are some core files used when starting Linux, including some link files and image files |
/dev | dev is the abbreviation of Device. The directory stores the external devices of Linux. In Linux, devices are accessed in the same way as files. |
/etc | This directory is used to store all the configuration files and subdirectories needed for system management |
/home | The user’s home directory. In Linux, each user has its own directory. Generally, the directory name is named after the user’s account. |
/lib | The most basic dynamic link shared library of the system is stored in this directory, and its function is similar to the DLL file in Windows. Almost all applications need to use these shared libraries |
/lost+found | This directory is generally empty. When the system is shut down improperly, some files are stored here |
/media | The Linux system automatically recognizes some devices, such as USB drives and CD-ROMs. After recognition, Linux mounts the recognized device under this directory |
/mnt | The system provides this directory to allow users to temporarily mount other file systems. We can mount the CD-ROM drive on /mnt/, and then enter the directory to view the contents of the CD-ROM drive |
/opt | This is the directory for installing additional software on the host. For example, if you install an ORACLE database, you can put it in this directory. It is empty by default |
/proc | This directory is a virtual directory. It is a mapping of system memory, and we can access it directly to obtain system information. Its content is not on the hard disk but in memory. We can also directly modify some files in it. For example, the following command makes the host ignore ping requests so that others cannot ping your machine: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all |
/root | This directory is the home directory of the system administrator, also known as the superuser. |
/sbin | s stands for Super User. This directory holds the system management programs used by the system administrator |
/selinux | This directory is unique to Redhat/CentOS. SELinux is a security mechanism, similar to the Windows firewall, but this mechanism is more complicated. This directory stores SELinux-related files. |
/srv | This directory stores some data that needs to be extracted after the service is started |
/sys | This is a big change in the Linux 2.6 kernel. sysfs, a file system new in the 2.6 kernel, is mounted in this directory. The sysfs file system integrates the information of the following three file systems: the proc file system for process information, the devfs file system for devices, and the devpts file system for pseudo-terminals. The file system is an intuitive reflection of the kernel device tree. When a kernel object is created, the corresponding files and directories are also created in the kernel object subsystem |
/tmp | This directory is used to store some temporary files |
/usr | This is a very important directory. Many user applications and files are placed in this directory, similar to the Program Files directory under Windows |
/usr/bin | Applications used by system users |
/usr/sbin | More advanced management programs and system daemons used by super users |
/usr/src | The default storage directory of the kernel source code |
/var | This directory contains things that are constantly growing, and we are accustomed to placing frequently modified directories here. It includes various log files |
/run | It is a temporary file system that stores information since the system was started. When the system restarts, the files in this directory should be deleted or cleared. If you have a /var/run directory on your system, you should make it point to /run |
3.2.3 Linux file attributes
After logging in to Linux as the root user, execute the ls -al command to display detailed information about all files and folders in the current directory, including hidden ones. And...
The file attribute diagram is as follows:
Character | Meaning |
---|---|
d | Directory |
- | File |
l | Link file |
b | Block device: an interface device available for storage among the device files |
c | Character device: a serial port device among the device files, such as a mouse or keyboard |
The 9 characters after the file type character are grouped in threes, and each group is a combination of rwx, where r stands for readable, w stands for writable, and x stands for executable. Note that the position of the 3 permissions does not change. If a permission is absent, a minus sign (-) appears in its place.
- The first group is "the permissions of the file owner"
- The second group is "the permissions of the user group"
- The third group is "the permissions of others not in this user group"
Number of links: indicates how many file names are linked to this node.
File owner: indicates the "owner's account" of the file.
User group: the user group the file belongs to.
File size: indicates the size of this file. The default unit is B.
Time the file was last modified: the file's creation date or the most recent modification date.
File name: the file name of the corresponding file.
If there is a "." before the file name, the file is a "hidden file". To include hidden files in the listing, add the -a parameter: ls -al.
3.2.4 Change file permissions and attributes
chgrp: change the user group to which the file belongs
chown: change the file owner
chmod: change the file permissions
Change the user group the file belongs to
chgrp [-R] groupname dirname/filename ...
-R: Apply the change recursively, so that all files and directories in the subdirectories are also changed to this user group. It is often used to change all files in a directory.
example:
chgrp hy install.log
Change the user group of the install.log file to the hy user group. Note that the hy user group must exist in the /etc/group file.
Change the owner of the file
chown [-R] username dirname/filename
chown [-R] username:groupname dirname/filename
-R: Also applies the change recursively to subdirectories.
example:
chown bin install.log
chown root:root install.log
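Use case for these two commands that change the file owner and user group: copying files. Because a copy takes on the attributes and permissions of the user who performs it, the file's owner, user group and so on need to be changed after copying.
Change file permissions
There are two ways to set file permissions: changing permissions with numbers and changing permissions with symbols.
First, the number corresponding to each permission:
- r: 4
- w: 2
- x: 1
For each identity, the scores of its three permissions are added together.
For example, for the permissions (-rwxrwx---) the scores are:
- owner = rwx = 4 + 2 + 1 = 7
- group = rwx = 4 + 2 + 1 = 7
- others = --- = 0 + 0 + 0 = 0
So when setting permissions, the permission number of this file is 770.
1) Changing file permissions with numbers
Command:
chmod [-R] xyz dirname/filename
- xyz: the permission number, such as 770.
- -R: apply the change recursively.
Example:
chmod 777 .bashrc
This enables every permission on the file .bashrc.
2) Changing file permissions with symbols
The letters u, g and o represent the three identities user, group and others. In addition, a represents all, that is, all identities.
Example:
chmod u=rwx,go=rx .bashrc
You can also add or remove a particular permission.
chmod a+w .bashrc
chmod a-x .bashrc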
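As an added example (not from the original tutorial), the script below applies the r=4, w=2, x=1 rule to an ls-style permission string and checks it against what chmod actually produces on a scratch file, for both the numeric and the symbolic form. The function names sym_to_octal and mode_after are made up for this illustration.

```shell
#!/bin/sh
# Added example: function names are illustrative, the scratch file is constructed.

# sym_to_octal "-rwxrwx---" prints 770. The first character is the file type.
# Strings with special bits (s, t) are rejected, since the text covers only rwx.
sym_to_octal() {
    perms=${1#?}                          # drop the file-type character
    [ "${#perms}" -eq 9 ] || return 1
    out=""
    while [ -n "$perms" ]; do
        rest=${perms#???}
        triplet=${perms%"$rest"}          # three characters = one identity
        perms=$rest
        case $triplet in [r-][w-][x-]) ;; *) return 1 ;; esac
        score=0
        case $triplet in r??) score=$((score + 4)) ;; esac
        case $triplet in ?w?) score=$((score + 2)) ;; esac
        case $triplet in ??x) score=$((score + 1)) ;; esac
        out="$out$score"
    done
    printf '%s\n' "$out"
}

# mode_after <mode>: chmod a scratch file and print its 10-character ls string.
mode_after() {
    f=$(mktemp) || return 1
    chmod "$1" "$f"
    ls -ld "$f" | cut -c1-10
    rm -f "$f"
}

# Print the chmod argument, the resulting ls string, and the number derived from it.
for m in 770 u=rwx,go=rx 777 a-x; do
    s=$(mode_after "$m")
    printf '%-12s %s %s\n' "chmod $m" "$s" "$(sym_to_octal "$s")"
done
```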
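3.2.5 The meaning of directory and file permissions
What permissions mean for files
- r (read): the actual content of the file can be read
- w (write): the content of the file can be edited, added to or modified (but this does not include deleting the file)
- x (execute): the file has permission to be executed by the system.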
The relationship between files and directories
The main content of a directory is a list of file names, and file names are strongly tied to the directory.
r (read): You have permission to read the directory's structure list. With read permission on a directory you can query the file names in it, so you can use the ls command to display the contents of the directory.
w (write): This permission is very powerful for directories. It means you have the authority to change the directory's structure list:
- Create new files and directories
- Delete existing files and directories
- Rename an existing file or directory
- Move files and directories within the directory
x (execute): The x permission of a directory determines whether the user can enter the directory and make it the working directory.
Therefore, when you want to open a directory for anyone to browse, you should grant at least r and x permissions, but w permission must not be given casually.
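The script below is an added example, not part of the original tutorial. It builds a constructed sample tree and audits it for the case described above: a read-only file that others can still delete or rename because its parent directory grants them w. The function names are illustrative, and the check goes one step beyond the text by excluding directories with the sticky bit set (as /tmp usually has), where only the owner may delete.

```shell
#!/bin/sh
# Added example: function names and the sample tree are constructed for illustration.

# make_demo_tree: build the sample tree under a temporary directory, print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/public" "$d/dropbox"
    touch "$d/public/readme" "$d/dropbox/report"
    chmod 644 "$d/public/readme"
    chmod 444 "$d/dropbox/report"   # read-only file ...
    chmod 755 "$d/public"           # others get r-x: browse only
    chmod 777 "$d/dropbox"          # ... inside a directory others can write
    printf '%s\n' "$d"
}

# world_writable <dir>: files and directories under <dir> with the others-w bit.
world_writable() {
    ( cd "$1" && find . ! -name . \( -type f -o -type d \) -perm -0002 | sort )
}

# deletable_by_others <path>: true when the PARENT directory grants w and x to
# others, whatever the file's own mode is. Sticky directories (mode 1xxx) are
# excluded because there only the owner may delete or rename entries.
deletable_by_others() {
    parent=$(dirname "$1")
    [ -n "$(find "$parent" -prune -perm -0003 ! -perm -1000)" ]
}

tree=$(make_demo_tree)
world_writable "$tree"
for f in "$tree/public/readme" "$tree/dropbox/report"; do
    if deletable_by_others "$f"; then
        echo "others can delete or rename: ${f#"$tree"/}"
    fi
done
rm -rf "$tree"
```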