Commands learned in this section: chown, chgrp, chmod, openssl, umask
Skills learned in this section:
Detailed explanation of file permissions and their operations
Generating random password commands
Modifying user permissions with mask codes
From the perspective of user login, SHELL type
Talking about the bash configuration file
profile class, the explanation of bashrc class files for
login users and non-login users How Shell reads configuration files
authority management:
r: read , w: write, x: execute
Three types of users :
u: owner, g: group , o: other users
chown USERNAME file,... : Change the file owner (only administrators can use this command)
-R: Change the owner of the directory and its internal files
--reference=/path/to/somefile file,... (refer to the somefile file, set the new file to be the same as the reference file owner and group)
chown USERNAME:GRPNAME file,... : Change the owner and group of the file at the same time
chown USERNAME.GRPNAME file,... : Change the owner and group of the file at the same time
chgrp GRPNAME file,... : Change the file's group (only administrators can use this command)
-R: Modify the group of the directory and its internal files
--reference=/path/to/somefile file,... (refer to somefile file, set the new file and the reference file to belong to the group, the owner is the same)
chmod: modify file permissions
Modify the permissions of three types of users:
(1). Modify three types of user permissions
(2). Modify certain types of users or certain types of user permissions
(3). Modify a certain or certain permissions of a certain type of user
chmod MODE file,...: Modify three types of user permissions
-R: modify directory files together
--reference=/path/to/somefile file,...
chmod user class=MODE file,... : Modify a certain type of user or certain types of user permissions
User category: u,g,o,a
chmod user class +|-MODE file,... : Modify a certain or certain permissions of a certain kind of user
User category: u,g,o,a
openssl: generate password command
practise:
1. Create a new user openstack without a home directory;
# useradd -M openstack
2. Copy /etc/skel to /home/openstack;
# cp -r /etc/skel /home/openstack
3. Change the owner and group of /home/openstack and its internal files to be openstack;
# chown -R openstack:openstack /home/openstack
4. /home/openstack and its internal files, the group and other users do not have any access rights
# chmod -R go= /home/openstack
Verification: su – openstack
5. Manually add user hive, the basic group is hive (5000), and the additional group is mygroup
User permission modification command:
umask: mask code
666-umask: When creating a file, the permission conversion method of the file (the file cannot have execute permission by default, and it will automatically increase by 1)
777-umask: When creating a directory, the file permission conversion method
umask : View the current user's mask code
umask 022 : Modify the mask code of the current user
The file cannot have execute permission by default. If the calculated result has execute permission, add 1 to its permission;
From the perspective of user login, the type of SHELL:
Login shell:
Normally, log in from a terminal
su - USERNAME
su -l USERNAME
Non-login shell:
su USERNAME
Open a command window in the graphical terminal
Automatic execution of shell scripts
bash configuration file:
Global configuration
/etc/profile, /etc/profile.d/*.sh, /etc/bashrc
Personal configuration
~/.bash_profile, ~/.bashrc
Profile class file:
Set environment variables
Run a command or script
bashrc class file:
set local variable
Define command aliases
How does the login shell read configuration files?
/etc/profile --> /etc/profile.d/*.sh --> ~/.bash_profile --> ~/.bashrc --> /etc/bashrc
How to configure files for non-login shell?
~/.bashrc --> /etc/basrc --> /etc/profile.d/*.sh
bash: script interpreter