File and directory permissions in Linux

1. User, Group and Others

Linux is a multi-user, multi-tasking operating system, and several users may be logged in to the system at the same time. For security and other reasons, every file under Linux belongs to a specific user. For example, suppose we log in with the username user1, and user1 creates a file diary.txt in his working directory to record his diary. The owner of diary.txt is then user1. There may be other users on the system, and user1 does not want them to read his diary. user1 can control the access that every user on the host has to the diary by setting its permissions (readable and writable by himself, with no permission for other users).

Given users, why is there also a concept of a group? Sometimes we want to set one permission on a file for users in the same group and another permission for users outside the group. Imagine that user1 suddenly wants another user on the host, user2, to read his diary, but the permissions set earlier allow only user1 to read and write it and give others no access rights, and user1 wants to grant access to user2 only. This is easily solved with a group: add user1 and user2 to the same group, group1, then add read permission for group1. user2, as a member of group1, can then read user1's diary, while other users (Others) who are not in the group still cannot access it.

Under Linux, users are recorded in the /etc/passwd file, user passwords are recorded in the /etc/shadow file, and group names are recorded in the /etc/group file.

2. File permissions under Linux

You can use the command ls -al to view the file permissions in the current directory. For example, after entering the download directory, I run ls -al.

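The first column represents the type and permissions of the file. Taking -rwxrwxrwx as an example, we can divide it into 4 parts: the type, followed by the permissions of the file owner, of the group to which the file belongs, and of other users.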

The type indicates the type of the file:

  • When it is [d], it is a directory;
  • When it is [-], it is a normal file;
  • When it is [l], it is a link (link file);
  • When it is [b], it is a block device file (a storage device that supports random access);
  • When it is [c], it is a character device file (a serial device such as a keyboard or mouse, which is read once, in sequence).

The characters after the type character are read in groups of 3, where r stands for read, w stands for write, and x stands for execute. The example above therefore means that the file data_format.zip is readable, writable and executable (rwx) by the file owner, readable, writable and executable (rwx) by users in the group to which the file belongs, and readable, writable and executable (rwx) by other users; that is, it is readable, writable and executable by all users.
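
The four-part split of the mode column, applied to the diary scenario from section 1, as an added shell example that is not part of the original article. The function names are this example's own, and the group1 setup commands appear only in a comment because they need root.

```shell
#!/bin/sh
# Added example: decode the first column of `ls -l` as type + owner + group
# + others. The special s/t bits, not covered by the article, are not decoded.

file_type() {                      # leading character -> file type
    case "$1" in
        d) echo "directory" ;;
        -) echo "regular file" ;;
        l) echo "symbolic link" ;;
        b) echo "block device" ;;
        c) echo "character device" ;;
        *) echo "unknown" ;;
    esac
}

triplet_to_digit() {               # "rw-" -> 6  (r=4, w=2, x=1)
    d=0
    case "$1" in r??) d=$((d + 4)) ;; esac
    case "$1" in ?w?) d=$((d + 2)) ;; esac
    case "$1" in ??x) d=$((d + 1)) ;; esac
    echo "$d"
}

mode_to_octal() {                  # "-rw-r-----" -> 640
    o=$(printf '%s' "$1" | cut -c2-4)    # owner
    g=$(printf '%s' "$1" | cut -c5-7)    # group
    t=$(printf '%s' "$1" | cut -c8-10)   # others
    echo "$(triplet_to_digit "$o")$(triplet_to_digit "$g")$(triplet_to_digit "$t")"
}

mode_of() {                        # FILE -> 10-character mode column
    ls -ld "$1" | cut -c1-10
}

# Constructed diary scenario on a temporary file. The group setup needs root
# (groupadd group1; usermod -aG group1 user2; chgrp group1 diary.txt).
demo() {
    dir=$(mktemp -d)
    diary="$dir/diary.txt"
    : > "$diary"
    chmod 600 "$diary"             # owner read/write, nobody else
    before=$(mode_of "$diary")
    chmod g+r "$diary"             # add read for the file's group
    after=$(mode_of "$diary")
    rm -rf "$dir"
    echo "$before $(mode_to_octal "$before") -> $after $(mode_to_octal "$after")"
}

demo
```

Running mode_to_octal over the output of ls -l makes it easy to spot files whose last digit is non-zero, which is the "others" access that user1 wanted to avoid for the diary.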
