Special permission set_uid, special permission set_gid, special permission sticky_bit, soft link files, hard link files

1. set uid

This permission applies to binary executable files: while executing the file, an ordinary user temporarily has the permissions of the file's owner. The command to set this permission is chmod u+s filename, and the command to remove it is chmod u-s filename.

[root@test-01 ~]# ls -l /usr/bin/passwd 
-rwsr-xr-x. 1 root root 27832 6月  10 2014 /usr/bin/passwd
[root@test-01 ~]# which ls
alias ls='ls --color=auto'
	/usr/bin/ls
[root@test-01 ~]# ls -l /usr/bin/ls
-rwxr-xr-x. 1 root root 117616 6月  10 2014 /usr/bin/ls
[root@test-01 ~]# chmod u+s /usr/bin/ls
[root@test-01 ~]# !ls
ls -l /usr/bin/ls
-rwsr-xr-x. 1 root root 117616 6月  10 2014 /usr/bin/ls

[root@test-01 ~]# su lichao
[lichao@test-01 root]$ whoami
lichao
[lichao@test-01 root]$ ls
ls: 无法打开目录.: 权限不够
[lichao@test-01 root]$ ls
4  anaconda-ks.cfg

Read the two sessions above together. Before the set_uid permission is given to /usr/bin/ls, the ordinary user cannot use the command here (the first ls fails with a permission error). After chmod u+s /usr/bin/ls is executed, the ordinary user temporarily has root privileges while executing ls, so the second ls succeeds.

2. set gid

The set gid attribute can be applied to binary executables as well as directories. On an executable file it works like set uid: while executing the file, an ordinary user has the permissions of the group the file belongs to. After a directory is given this attribute, any file a user creates in that directory gets the same group as the directory.

[root@test-01 tmp]# chmod g+s /tmp/1
[lichao@test-01 tmp]$ touch /tmp/1.txt
[lichao@test-01 tmp]$ touch /tmp/1/2.txt
[lichao@test-01 tmp]$ ls -l /tmp
总用量 4
drwxr-srwx. 3 root   root   4096 12月 23 07:20 1
-rw-rw-r--. 1 lichao lichao    0 12月 23 07:17 1.txt
-rw-------. 1 lc1    lc1       0 12月 12 17:07 yum.log
[lichao@test-01 tmp]$ ls -l /tmp/1
总用量 4
drwxr-xr-x. 2 root   root     6 12月 23 03:25 2
-rw-rw-r--. 1 lichao root     0 12月 23 07:20 2.txt
[lichao@test-01 tmp]$ 

3. sticky bit

The sticky bit is an anti-deletion bit. Whether a file can be deleted by a user mainly depends on whether the user has write permission on the directory where the file is located. If users should be able to add new files but not delete other users' files, this attribute needs to be set on the directory. After it is set, even if a user has write permission on the directory, the files of other users cannot be deleted.

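[root@test-01 tmp]# chmod 777 /tmp/1     # give the directory 777 permissions
[root@test-01 tmp]# touch /tmp/1/123.t     # create an empty file in that directory
[root@test-01 tmp]# su lichao                   # switch to an ordinary user
[lichao@test-01 tmp]$ rm -f /tmp/1/123.t   # delete the file as the ordinary user
[lichao@test-01 tmp]$ tree /tmp/1              # deleted successfully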
/tmp/1
├── 1.txt
├── 1_txt.swn
├── 1_txt.swo
├── 1_txt.swp
├── 2
└── 2.txt

[root@test-01 ~]# chmod o+t /tmp/1            # add the sticky bit attribute to the directory
[root@test-01 ~]# touch /tmp/1/123.t           # create the empty file 123.t again as root
[root@test-01 ~]# tree /tmp/1                       # check the result
/tmp/1
├── 123.t
├── 1.txt
├── 1_txt.swn
├── 1_txt.swo
├── 1_txt.swp
├── 2
└── 2.txt

1 directory, 6 files

[lichao@test-01 tmp]$ rm -f /tmp/1/123.t      # as the ordinary user, try again to delete the file in that directory
rm: 无法删除"/tmp/1/123.t": 不允许的操作    # cannot be deleted
[lichao@test-01 tmp]$ 
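
As an added example (not part of the original article), the script below audits a directory tree for the three special bits covered in sections 1 to 3: set_uid files, set_gid files and directories, and world-writable directories that lack the sticky bit. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): report the special
# permission bits discussed above under a directory tree.
# Function names and the sample tree are constructed for illustration.

audit_special_perms() {
    root=$1
    {
        # set_uid files (bit 4000): executed with the file owner's permissions
        find "$root" -xdev -type f -perm -4000 | sed 's/^/SUID /'
        # set_gid files and directories (bit 2000)
        find "$root" -xdev \( -type f -o -type d \) -perm -2000 | sed 's/^/SGID /'
        # world-writable directories without the sticky bit (bit 1000):
        # any user can delete other users' files in them
        find "$root" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
    } 2>/dev/null
}

# Build a constructed sample tree that mirrors the article's experiments.
build_sample_tree() {
    tree_dir=$1
    mkdir "$tree_dir/shared" "$tree_dir/open" "$tree_dir/sticky"
    : > "$tree_dir/tool"
    chmod 4755 "$tree_dir/tool"     # same effect as chmod u+s on a 755 file
    chmod 2775 "$tree_dir/shared"   # same effect as chmod g+s on a directory
    chmod 0777 "$tree_dir/open"     # like chmod 777 /tmp/1, no sticky bit
    chmod 1777 "$tree_dir/sticky"   # like chmod 777 followed by chmod o+t
}

# Demo: only a fresh temporary directory is touched.
demo=$(mktemp -d)
build_sample_tree "$demo"
audit_special_perms "$demo"
rm -rf "$demo"
```

Run against a real path such as / or /tmp, the SUID and SGID lines give the list of files to compare with what the distribution ships, and each NOSTICKY line is a directory where chmod o+t is worth considering.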

4. soft links, hard links

A soft link is equivalent to a shortcut in Windows; its command is ln -s source_file shortcut. Unlike other commands, when this command is executed the source file is placed first.

[root@test-01 ~]# cp /etc/passwd /tmp/1
[root@test-01 ~]# tree /tmp
/tmp
├── 1
│   ├── 123.t
│   ├── 1.txt
│   ├── 1_txt.swn
│   ├── 1_txt.swo
│   ├── 1_txt.swp
│   ├── 2
│   ├── 2.txt
│   └── passwd
├── 1.txt
└── yum.log

2 directories, 9 files
[root@test-01 ~]# ln -s /tmp/1/passwd /root/pawd
[root@test-01 ~]# ls -l /root
总用量 4
drwxr-xr-x. 2 root root   6 12月 19 08:17 4
-rw-------. 1 root root 973 12月 12 17:09 anaconda-ks.cfg
lrwxrwxrwx. 1 root root  13 12月 23 08:01 pawd -> /tmp/1/passwd
[root@test-01 ~]# 

ln -s can also be used on directories, that is, a directory can also be soft-linked; but once the source file is lost, the soft link will report an error.

Hard links cannot be used on directories, nor can they be made across partitions. The source file can be deleted after the hard link is created, and the hard link is not affected. A hard link is equivalent to another layer of skin on the source file.
