### Permissions
Change the owner of the file: chown
````
chown [OPTION]... [OWNER][:[GROUP]] FILE...
Usage:
OWNER
OWNER:GROUP The colon in the
:GROUP command can be used. Replace - R: Recursive chown [OPTION]... --reference=RFILE FILE... ``` Example: ``` su root -c 'chown zhang1.zhang1 ff1' Password: [zhangxiao@localhost ~]$ ``` - #### Modify the group of files: chgrp ``` chgrp [OPTION]... GROUP FILE... chgrp [OPTION]... --reference=RFILE FILE... `` ` Example``` chgrp zhangxiao ff1 [zhangxiao@localhost ~]$ ll ff1
-rw-rw-r--. 1 zhang1 zhangxiao 0 Apr 5 10:07 ff1
[zhangxiao@localhost ~]$
```
-R recursion
A user's token is obtained when logging in, so once we change the user's After attribute, the new token needs to be logged in again to take effect
- the basic permissions of the directory have three
files :
```
r: You can use the file viewing tool to get its content
w: You can modify its content
x: You can bring this file to the kernel to start as a Process
Directory:
r: You can use ls to view the list of files
in this directory w: You can create files in this directory, or delete files in this directory
x: You can use ls -l to view the list of files in this directory, you can cd to enter This directory
X: only give permission to directory x, not to file x``` #### The permissions of files are basically for three types of people `
` ` owner: owner, u group: group, g other: other, o ``` - #### Modify file permissions: chmod syntax: chmod (option) (parameter) > common options: -R or --recursive: recursive processing, process all files and subdirectories in the command directory together;
> --reference=<reference file or directory>: Set the group of the specified file or directory to the same group as the reference file or directory;
```
chmod u+x,g+w ff1 //For The file f01 can be executed by itself, and the group members can write permissions
chmod u=rwx,g=rw,o=r f01
chmod 764 f01
chmod a+x f01 //Set the u,g,o of the file f01 to be executable Attribute
```
- #### umask
The essential meaning of umask is to cancel the corresponding permissions (binary pair cancellation)
> Normally, the newly created file permissions are: 666-umask (parallel subtraction)
> The newly created folder is full yes yes: 777-umask
umask usage
umask (022)
- #### SUID permissions are represented by the number 4
```
When a user executes a program, temporarily integrate the permissions of its program owner
Only valid for binary executable programs
SUID is set in Meaningless on a directory
Permission setting:
chmod u+s FILE...
chmod us FILE...
```
SGID: number 2 means
```
Whether any executable program file can be started as a process: depends on the initiator Whether to have execute permission on the program file
After starting as a process, the group
of the process is the group of the original
program file The group to which the newly created file integration directory belongs - #### Sticky bit: sticky is represented by a number 1. Generally , the sticky bit is used for folders, so that files in the folder can only be deleted by the owner of the file. Usage: chmod o+ t diename - #### chattr syntax: chattr (option) + (attribute) file or directory option : ``` -R: Recursive processing, process all files and subdirectories under the command directory together; -V: Display Command execution process; +<attribute>: open the attribute of the file or directory; -<attribute>: close the attribute of the file or directory; =<attribute>: specify the attribute of the file or directory. ```` Attribute: ``` a: (Only append content to the file) A: Lock the read time b: Do not update the last access time of the file or directory; c: Compress the file or directory and store it; d: Compress the file or directory or the directory is excluded from the dumping operation; i: no file or directory may be altered arbitrarily; s: confidential deletion of the file or directory;
S: Instantly update files or directories;
u: Prevent accidental deletion
```
Note: lsattr can view locked files
- ### ACL
ACL permissions are given to files or directories for people other than the owner, the group they belong to, and others Set permission
command
setfacl
```
-m increase permission
-x delete permission
-b delete all acl permissions of a file or directory
-K: delete the default ACL permission
Example :
[zhangxiao@localhost ~]$ setfacl -mu:zhang1:6 ff2
[ zhangxiao@localhost ~]$ getfacl ff2
# file: ff2
# owner: zhangxiao
# group: zhangxiao
user::rw-
user:zhang1:rw-
group::rw-
mask::rw-
other::r--
[zhangxiao@ localhost ~]$
```
Use getfacl+file name to view all permissions of files including acl permissions
##### mask permissions
The mask gives the file a high permission limit, which is valid for everyone except the owner and other.
Use setfacl -m mask::[0 (permission)] | + file name
- ### Text processing tool
- WC
syntax wc (option) (parameter )
WC+ filename defaults to display the number of lines of the file: words (space separated): bytes:
```
-c or --bytes or --chars: only display the number of bytes;
-l or --lines: only display the number of columns ;
-w or --words: Display only word counts.
``` `Example````
[ root@localhost data]# wc fstab 12 60 541 fstab ``` - #### cut cuts the text in a column and displays it Syntax : cut [options] + parameters ``` Options: -d: The delimiter of the specified field, the default field delimiter is "TAB"; -f: Display the content of the specified field; -f can output a single field or multiple fields, and multiple consecutive fields are connected with (-) to be discontinuous Fields are connected with (,) --out-delimiter=<field delimiter>: specify the field delimiter that the output content is; -c: display only the characters in the specified range in the line `` ` example```
[root@localhost data]# cut fstab -d' ' -f3
#
by
#
filesystems,
man
#
[root@localhost data]#
```
- #### sort
syntax: sort[
options
options```
:-f: When sorting, treat lowercase letters as uppercase letters;
-r: Sort in reverse order;
-t<separation character>: Specify the column separation character used in sorting;
-k: Indicates that the specified field is sorted
-n: sort by numerical size
-u: remove duplicates
````
```
Example:
[root@localhost data]# sort -t: -k3 /etc/passwd
root:x:0:0:root:/root: /bin/bash
zhangxiao:x:1000:1000:zhangxiao:/home/zhangxiao:/bin/bash
xiaoxiao:x:1001:1001::/home/xiaoxiao:/bin/bash
zhang:x:1002:1002:: /home/zhang:/bin/bash
zhang1:x:1003:1003::/home/zhang1:/bin/bash
zhang3:x:1004:1004::/home/zhang2:/bin/bash
tomcat:x:1005:1005::/home/tomcat: /bin/bash
qemu:x:107:107:qemu user:/:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/ :/sbin/nologin
bin:x:1:1:bin:/bin:/sbin/nologin
```
- #### uniq
usage: uniq [Option] Usually use ``` -c
with sort to display each line number of repetitions -d show only duplicated lines -u show only non-duplicated lines ``` - #### diff ``` The output of the diff command is saved in a file called a "patch" Use -u Option to output "unified" diff format files, best for patch files
$ diff -u foo.conf foo2.conf > foo.patch
$ patch -b foo.conf foo.patch
```
Change the owner of the file: chown
````
chown [OPTION]... [OWNER][:[GROUP]] FILE...
Usage:
OWNER
OWNER:GROUP The colon in the
:GROUP command can be used. Replace - R: Recursive chown [OPTION]... --reference=RFILE FILE... ``` Example: ``` su root -c 'chown zhang1.zhang1 ff1' Password: [zhangxiao@localhost ~]$ ``` - #### Modify the group of files: chgrp ``` chgrp [OPTION]... GROUP FILE... chgrp [OPTION]... --reference=RFILE FILE... `` ` Example``` chgrp zhangxiao ff1 [zhangxiao@localhost ~]$ ll ff1
-rw-rw-r--. 1 zhang1 zhangxiao 0 Apr 5 10:07 ff1
[zhangxiao@localhost ~]$
```
-R recursion
A user's token is obtained when logging in, so once we change the user's After attribute, the new token needs to be logged in again to take effect
- the basic permissions of the directory have three
files :
```
r: You can use the file viewing tool to get its content
w: You can modify its content
x: You can bring this file to the kernel to start as a Process
Directory:
r: You can use ls to view the list of files
in this directory w: You can create files in this directory, or delete files in this directory
x: You can use ls -l to view the list of files in this directory, you can cd to enter This directory
X: only give permission to directory x, not to file x``` #### The permissions of files are basically for three types of people `
` ` owner: owner, u group: group, g other: other, o ``` - #### Modify file permissions: chmod syntax: chmod (option) (parameter) > common options: -R or --recursive: recursive processing, process all files and subdirectories in the command directory together;
> --reference=<reference file or directory>: Set the group of the specified file or directory to the same group as the reference file or directory;
```
chmod u+x,g+w ff1 //For The file f01 can be executed by itself, and the group members can write permissions
chmod u=rwx,g=rw,o=r f01
chmod 764 f01
chmod a+x f01 //Set the u,g,o of the file f01 to be executable Attribute
```
- #### umask
The essential meaning of umask is to cancel the corresponding permissions (binary pair cancellation)
> Normally, the newly created file permissions are: 666-umask (parallel subtraction)
> The newly created folder is full yes yes: 777-umask
umask usage
umask (022)
- #### SUID permissions are represented by the number 4
```
When a user executes a program, temporarily integrate the permissions of its program owner
Only valid for binary executable programs
SUID is set in Meaningless on a directory
Permission setting:
chmod u+s FILE...
chmod us FILE...
```
SGID: number 2 means
```
Whether any executable program file can be started as a process: depends on the initiator Whether to have execute permission on the program file
After starting as a process, the group
of the process is the group of the original
program file The group to which the newly created file integration directory belongs - #### Sticky bit: sticky is represented by a number 1. Generally , the sticky bit is used for folders, so that files in the folder can only be deleted by the owner of the file. Usage: chmod o+ t diename - #### chattr syntax: chattr (option) + (attribute) file or directory option : ``` -R: Recursive processing, process all files and subdirectories under the command directory together; -V: Display Command execution process; +<attribute>: open the attribute of the file or directory; -<attribute>: close the attribute of the file or directory; =<attribute>: specify the attribute of the file or directory. ```` Attribute: ``` a: (Only append content to the file) A: Lock the read time b: Do not update the last access time of the file or directory; c: Compress the file or directory and store it; d: Compress the file or directory or the directory is excluded from the dumping operation; i: no file or directory may be altered arbitrarily; s: confidential deletion of the file or directory;
S: Instantly update files or directories;
u: Prevent accidental deletion
```
Note: lsattr can view locked files
- ### ACL
ACL permissions are given to files or directories for people other than the owner, the group they belong to, and others Set permission
command
setfacl
```
-m increase permission
-x delete permission
-b delete all acl permissions of a file or directory
-K: delete the default ACL permission
Example :
[zhangxiao@localhost ~]$ setfacl -mu:zhang1:6 ff2
[ zhangxiao@localhost ~]$ getfacl ff2
# file: ff2
# owner: zhangxiao
# group: zhangxiao
user::rw-
user:zhang1:rw-
group::rw-
mask::rw-
other::r--
[zhangxiao@ localhost ~]$
```
Use getfacl+file name to view all permissions of files including acl permissions
##### mask permissions
The mask gives the file a high permission limit, which is valid for everyone except the owner and other.
Use setfacl -m mask::[0 (permission)] | + file name
- ### Text processing tool
- WC
syntax wc (option) (parameter )
WC+ filename defaults to display the number of lines of the file: words (space separated): bytes:
```
-c or --bytes or --chars: only display the number of bytes;
-l or --lines: only display the number of columns ;
-w or --words: Display only word counts.
``` `Example````
[ root@localhost data]# wc fstab 12 60 541 fstab ``` - #### cut cuts the text in a column and displays it Syntax : cut [options] + parameters ``` Options: -d: The delimiter of the specified field, the default field delimiter is "TAB"; -f: Display the content of the specified field; -f can output a single field or multiple fields, and multiple consecutive fields are connected with (-) to be discontinuous Fields are connected with (,) --out-delimiter=<field delimiter>: specify the field delimiter that the output content is; -c: display only the characters in the specified range in the line `` ` example```
[root@localhost data]# cut fstab -d' ' -f3
#
by
#
filesystems,
man
#
[root@localhost data]#
```
- #### sort
syntax: sort[
options
options```
:-f: When sorting, treat lowercase letters as uppercase letters;
-r: Sort in reverse order;
-t<separation character>: Specify the column separation character used in sorting;
-k: Indicates that the specified field is sorted
-n: sort by numerical size
-u: remove duplicates
````
```
Example:
[root@localhost data]# sort -t: -k3 /etc/passwd
root:x:0:0:root:/root: /bin/bash
zhangxiao:x:1000:1000:zhangxiao:/home/zhangxiao:/bin/bash
xiaoxiao:x:1001:1001::/home/xiaoxiao:/bin/bash
zhang:x:1002:1002:: /home/zhang:/bin/bash
zhang1:x:1003:1003::/home/zhang1:/bin/bash
zhang3:x:1004:1004::/home/zhang2:/bin/bash
tomcat:x:1005:1005::/home/tomcat: /bin/bash
qemu:x:107:107:qemu user:/:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/ :/sbin/nologin
bin:x:1:1:bin:/bin:/sbin/nologin
```
- #### uniq
usage: uniq [Option] Usually use ``` -c
with sort to display each line number of repetitions -d show only duplicated lines -u show only non-duplicated lines ``` - #### diff ``` The output of the diff command is saved in a file called a "patch" Use -u Option to output "unified" diff format files, best for patch files
$ diff -u foo.conf foo2.conf > foo.patch
$ patch -b foo.conf foo.patch
```