1. Basic introduction of linux group
In Linux, each user must belong to a group and cannot be independent of the group. In liunx, each file has the concept of owner, group, other groups,
-
owner
-
group
-
other groups
-
Change user group
2. File/directory owner
Generally, it is the creator of the file. Whoever creates the file naturally becomes the owner of the file.
2.1. View the owner of the file
-
Command: ls -ahl
-
Application example: create a group police, create a user tom, put tom in the police group, and then use tom to create a file ok.txt to see how it goes
2.2. Modify the file owner
-
Command: chown username filename
-
Applications
Requirement: Create a file apple.txt with root and change its owner to tom
2.3. Creation of groups
-
Basic instructions:
groupadd group name
-
Applications:
Create a group monster
Create a user fox and put it in the big monster group
3. The group where the file/directory is located
When a user creates a file, the default group of the file is the group of the user.
3.1. View the group where the file/directory is located
basic instructions
Is -ahl
-
Applications
3.2.
Modify the group where the file is located (key)
-
basic instructions
chgrp groupname filename
-
Applications
Use the root user to create the file orange.txt, see which group the file belongs to, and then modify the group where the file is located to the police group
3.3. Other groups
Except for the owner of the file and the user in the group, other users of the system are other groups of the file.
3.4. Change the user's group
When adding a user, you can specify which group the user is added to, and the same group that a user belongs to can be changed with root's administrative authority.
-
Change user group
1) usermod -g group name username
2) usermod -d directory name The user name changes the initial directory where the user logs in.
-
Applications
Create a bandit group (bandit) Change the user tom from the police group to the bandit group.
3.5. Basic introduction to permissions
What is displayed in Is -l is as follows:
-rwxrw-r-- 1 root root 1213 Feb 2 09:39 abc
0-9 bit description
1) Bit 0 determines the file type (d,-.I,c,b)
2) Bits 1-3 determine the permissions of the owner (the owner of the file) to have the file. one-User
3) Bits 4-6 determine that the group to which you belong (same user group) has the permission of the file, --Group
4) Bits 7-9 determine the permissions of other users to have the file -Other
4. Detailed explanation of rwx permissions
rwx works on files
1) [r] stands for readable (read): can read, view
2) [w] stands for writable (write): it can be modified, but it does not mean that the file can be deleted. To delete a file, the prerequisite is to have write permission to the directory where the file is located, in order to delete the file.
3) [x] represents executable (execute): can be executed
rwx acts on the directory
1) [r] stands for readable (read): can be read, Is to view the contents of the directory
2) [w] represents writable (write): can be modified, create + delete + rename directory in the directory
3) [x] represents executable (execute): you can enter the directory
5. Practical cases of file and directory permissions (
emphasis
)
What is shown in Is -I is as follows:
-rwxrw-r-- 1 root root 1213 Feb 2 09:39 abc
10 characters to determine what different users can do with the file
The first character represents the file type: file (-), directory (d), link (l)
Remaining characters in groups of 3 (rwx) read (r) write (w) execute (x)
The first group of rwx: the permissions of the file owner are read, write and execute
The second group rw-: the permissions of users in the same group as the file owner are read, write but cannot execute
The third group r--: the permissions of other users who are not in the same group as the file owner are read, write, and execute
Available numbers are expressed as: r=4,w=2,x=1 so rwx=4+2+1=7
1 file:hardlink number or directory:subdirectory number
root user
root group
1213 file size (bytes),
if it is a folder, display 4096 bytes
Feb2 09:39 Date last modified
abc filename
6. Modify permissions - chmod
6.1.
Basic instructions:
With the chmod command, you can modify the permissions of a file or directory.
6.2. The first way: +, 1, == change permissions
u: owner g: all groups o: others a: all (sum of u, g, o)
1) chmod u=rwx,g=rx,o=x file directory name
2) chmod o+w file directory name
3) chmod ax file directory name
6.3. Application examples
1) Give the owner of the abc file read and write permissions, give the group read and execute permissions, and give other groups read and execute permissions.
2) Remove the execute permission to the owner of the abc file and increase the group write permission
3) Add read permissions to all users of the abc file
6.4.
The second way: changing permissions through numbers
Rule: r=4 w=2 x=1 rwx=4+2+1=7
chmod u=rwx,g=rx,o=x file directory name
Equivalent to chmod 751 file directory name
6.5.
Case Demonstration
Requirement: Modify the permissions of the /home/abc.txt file to rwxr-xr-x, and use the method of giving numbers.
Command: chmod 755 /home/abc.txt
7. Modify the file owner - chown
7.1. Basic introduction
chown newowner file Change the owner of the file
chown newowner:newgroup file Change the user's owner and all groups
-R If it is a directory, make all sub-files or directories under it
recursively
take effect
7.2.
Case demonstration:
1) Please change the owner of the /home/abc.txt file to tom
2) Please change the owner of all files and directories in the /home/kkk directory to tom
First we should use the root user to operate.
8. Modify the group where the file is located - chgrp
basic introduction
chgrp newgroup file change all groups of the file
Case demonstration:
Please change the group of the /home/abc.txt file to bandit (bandit)
chgrp bandit /home/bac.txt
Please change the group of all files and directories in the /home/KKK directory to bandit (bandit)
chgrp -R bandit /home/KKK
9. Best Practices - Police and Bandit Games
police,bandit
jack, jerry: the police
xh, xq: bandits
(1) Create a group
bash> groupadd police
bash> groupadd bandit
(2) Create a user
(3) jack creates a file, which can be read and written by himself, and can be read by people in this group, and no one in other groups has any permissions
(4) jack modifies the file so that other groups can read and write, and this group can read and write
(5) xh turns to the police to see if he can read and write.
First use root to modify the group where xh is located:
Use jack to give the group where his home directory /hom/jack is located an rx permission
xh needs to log out, log in again to operate jack's files