Use of the Linux chmod command

The chmod command is used to change the permissions of a file or directory. In the UNIX system family, file and directory permissions are controlled by three general permissions (read, write, and execute), and three special permissions are also available. Users can use the chmod command to change the permissions of files and directories, and the permissions can be given either as letter codes or as numbers. The permissions of a symbolic link cannot be changed. If the user modifies the permissions on a symbolic link, the change is applied to the original file that the link points to.

Linux users are divided into three classes: owner (User), group (Group), and others (Other).

1. All accounts of ordinary users in the system, as well as root-related information, are recorded in the /etc/passwd file.
cat /etc/passwd

 login name:password:user ID:group ID:user name:user home directory:command interpreter
  • 1. Login name (login_name): used to distinguish different users. Login names are unique within the same system. On many systems, this field is limited to 8 characters (letters or numbers) in length. Note that login names on Linux systems are usually case sensitive, which is different from MS-DOS/Windows.
  • 2. Password (passwd): The system uses the password to verify the legitimacy of the user. The superuser root or some advanced users can use system commands to change the passwords of all users in the system, and ordinary users can change their own passwords with the passwd command after logging in to the system.
  • 3. In current Unix/Linux systems, the password is no longer stored directly in the passwd file. Usually, the password field in the passwd file is replaced by an "x", and /etc/shadow is used as the real password file, which stores data including each user's password. Of course, the shadow file cannot be read by ordinary users; only the superuser has the right to read it.
    In addition, note that if the first character in the password field is "*", the account is blocked, and the system does not allow the user who holds the account to log in.
  • 4. User identification number (UID): The UID is a numerical value and is the unique user identifier in the Linux system, used to distinguish different users. The UID field is used internally by the system when managing processes and file protection. In Linux systems, both the login name and the UID can be used to identify users, but the UID is more important to the system, while the login name is more convenient for users. For some specific purposes, there may be multiple users with different login names but the same UID in the system. In fact, these users with different login names are the same user.
  • 5. Group ID (GID): This is the default workgroup ID of the current user. Multiple users with similar attributes can be assigned to the same group, and each group has its own group name and is distinguished by its own group ID. Like the UID, the user's group identification number is also stored in the passwd file. In modern Unix/Linux, each user can belong to multiple groups at the same time. In addition to the basic group specified in the passwd file, the /etc/group file specifies the users that each group contains.
  • 6. User name (user_name): Contains some information about the user, such as the user's real name, office address, contact number, etc. In Linux systems, programs such as mail and finger use this information to identify users of the system.
  • 7. User home directory (home_directory): This field defines the home directory of an individual user. When the user logs in, the shell uses this directory as the user's working directory. In Unix/Linux systems, the working directory of the superuser root is /root, while other individual users have their own independent working environment under the /home directory, where the system configures a home directory for each user. Individual user files are placed in their respective home directories.
  • 8. Command Interpreter (Shell): Shell is the name of the program that runs when the user logs in to the system, usually the full path name of a Shell program, such as /bin/bash.

1. It should be noted that system administrators usually do not need to modify the passwd file directly. Linux provides some account management tools to help system administrators create and maintain user accounts.
2. The /etc/passwd file is one of the key files for Linux/UNIX security. This file is used to verify the user's password when logging in, and of course it should only be writable by root. The general format of each line in the file is:

 LOGNAME:PASSWORD:UID:GID:USERINFO:HOME:SHELL

The first two items of each line are the login name and the encrypted password, the next two numbers are the UID and GID, the next item is any information about the user that the system administrator wants to record, and the last two items are two path names: the first is the HOME directory assigned to the user, and the second is the shell that will be executed after the user logs in (if blank, it defaults to /bin/sh).
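
One way to check a passwd-format file for the conditions described above (login names sharing a UID, a blocked "*" password field, a password field that is not "x"), as an added example that is not part of the original page. The sample entries, the finding labels and the extra check for UID 0 accounts other than root are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page.

# sample_passwd: constructed entries in
# LOGNAME:PASSWORD:UID:GID:USERINFO:HOME:SHELL form.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
alias:x:1000:1000:Alice again:/home/alice:/bin/bash
toor:x:0:0:second root:/root:/bin/sh
legacy:HASH_PLACEHOLDER:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
broken:x:1003
EOF
}

# audit_passwd [FILE]: print one finding per line; reads stdin without FILE.
# The finding labels are hypothetical names chosen for this example.
audit_passwd() {
    awk -F: '
        NF != 7                 { print "malformed: line " NR; next }
        $3 == 0 && $1 != "root" { print "uid0: " $1 }            # second superuser
        $2 == ""                { print "empty-password: " $1 }
        $2 ~ /^[*]/             { print "blocked: " $1 }         # "*" blocks login
        $2 != "" && $2 != "x" && $2 !~ /^[*]/ { print "hash-in-passwd: " $1 }
        seen[$3] != ""          { print "shared-uid " $3 ": " seen[$3] "," $1 }
        seen[$3] == ""          { seen[$3] = $1 }                # first name per UID
    ' "$@"
}

sample_passwd | audit_passwd
```

Run it against a real system with `audit_passwd /etc/passwd`; the file is world-readable, so no special privileges are needed.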

2. Everyone's password is recorded in the /etc/shadow file.
cat /etc/shadow

  • 1. Account name: Since the password also needs to correspond to an account, the first column of this file is the account name, which must be the same as in /etc/passwd!
  • 2. Password: This is the real password, and it is an encoded password! You will only see letters with some special symbols and that's it! It should be noted that although these encrypted passwords are difficult to crack, 'difficult' does not mean 'impossible', so the default attribute of this file is '-rw-------' or '-r--------', that is, only root can read and write it! You have to pay attention at all times, don't accidentally change the attributes of this file! In addition, if the first character in the password field is '*' or '!', it means that this account will not be used to log in. So in case one of your users misbehaves, you can first add a * to the front of his password field in this file! Hey-hey! He can't use the account! Once he becomes obedient, enable him again!
  • 3. Date of the latest password change: This field records the day when the password was last changed, but it looks very strange! How could it be 12959 in my example? Oh, this is because Linux counts dates with January 1, 1970 as 1, and January 1, 1971 is 366! So this date is cumulative! Please pay attention to this information! By this count, the recent January 1, 2005 is 12784.
  • 4. The number of days that the password cannot be changed: The fourth column records how many days must pass before the password of this account can be changed again! If it is 0, the password can be changed at any time. This restriction exists for fear that the password will be changed again and again by some people! If it is set to 20 days, then after you set a password, you cannot change it within 20 days!
  • 5. The number of days after which the password must be changed: This field was designed for fear that the password will be stolen by some 'intelligent people' and endanger the security of the entire system. You must reset your password within this time, otherwise the account will be temporarily invalid. And if it is 99999 as above, it means, hehe, the password does not need to be changed! However, for the sake of security, it is best to set a period and strictly require users to change their passwords!
  • 6. The warning period before the password needs to be changed: When the password of the account is about to reach the 'password must be changed' time above, the system will issue a 'warning' to this account according to the setting of this field, reminding him 'in another n days your password will expire, please reset your password as soon as possible!' As in the above example, the system will warn the user within 7 days before the password expires.
  • 7. The grace period after password expiration: If the user does not change the password after the warning period, the password expires; that is to say, you did not change your password before the 'must change the password' deadline! Then this password is called an 'invalid password'~ What should I do? It doesn't matter, this field provides a number of days~ It means that after the password expires, you can still use this password to log in within n days. And if the password is still not changed after this number of days, huh! Then your account is invalid! Can't log in!
  • 8. Account expiration date: This date, like the third field, is set using the total number of days since 1970. This field means: this account will no longer be available after the date specified in this field. This field is usually used in 'paid service' systems, where you can specify a date after which the account can no longer be used!
  • 9. Reserved: The last field is reserved, to see whether new functions are added in the future.
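
The field rules above applied to constructed shadow-format entries, as an added example that is not part of the original page. The account names, the day number 13000 used as "today" and the finding labels are made up for illustration, and field 8 is treated as passed once today is later than it, following the wording above.

```shell
#!/bin/sh
# Added example, not from the original page.

# sample_shadow: constructed entries; HASH stands in for an encoded password.
sample_shadow() {
    cat <<'EOF'
root:HASH:12959:0:99999:7:::
daemon:*:12784:0:99999:7:::
alice:HASH:12959:0:45:7:5::
bob:HASH:12900:0:60:7:30::
carol:HASH:12990:20:30:7:5:12999:
dave:!HASH:12959:0:90:7:::
erin:HASH:12930:0:60:7:30::
EOF
}

# today_days: the current date as a day count since 1970 (unit of fields 3 and 8).
today_days() { echo $(( $(date +%s) / 86400 )); }

# audit_shadow TODAY [FILE]: classify each account as of day number TODAY.
# The finding labels are hypothetical names chosen for this example.
audit_shadow() {
    today=$1; shift
    awk -F: -v today="$today" '
        NF != 9                 { print "malformed: line " NR; next }
        $2 ~ /^[*!]/            { print "locked: " $1; next }         # field 2: * or !
        $8 != "" && today > $8  { print "account-expired: " $1 }      # field 8 passed
        $5 == "" || $5 == 99999 { print "never-expires: " $1; next }  # field 5
                                { age = today - $3 }                  # days since change
        age > $5 + $7           { print "login-disabled: " $1; next } # grace used up
        age > $5                { print "password-expired: " $1; next }
        age > $5 - $6           { print "warning-period: " $1 }       # field 6 window
    ' "$@"
}

sample_shadow | audit_shadow 13000
```

On a real system this needs root, because the shadow file is not readable by ordinary users: `audit_shadow "$(today_days)" /etc/shadow`.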
3. All group names are recorded in /etc/group!
cat /etc/group

  • 1. Group name: The group name is the name of the user group, which consists of letters or numbers. As with login names in /etc/passwd, group names should not be repeated.
  • 2. Password: The password field stores the encrypted password of the user group. Generally, the user groups of Linux systems do not have passwords, that is, this field is generally empty or *.
  • 3. Group identification number: The group identification number is similar to the user identification number, and is also an integer, which is used internally by the system to identify the group. Also known as GID.
  • 4. User list in the group: It is a list of all users belonging to this group. Different users are separated by commas (,). This user group may be the user's primary group, or it may be an additional group.
Parameter  Meaning
u          User, the owner of the file or directory;
g          Group, that is, the group to which the file or directory belongs;
o          Other, all users other than the owner of the file or directory and its group;
a          All, that is, all users, including the owner, the group, and other users;
r          Read permission, numeric code "4";
w          Write permission, numeric code "2";
x          Execute or switch permission, numeric code "1";
-          No permission, numeric code "0";
s          Special function description: change the permissions of files or directories.

example:

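chmod a+x app.txt          # add execute permission on app.txt for all users
chmod a-x app.txt          # remove execute permission on app.txt for all users
chmod u+x,g+x,o+x app.txt  # same effect as a+x, written out per class
chmod 111 app.txt          # set the mode to exactly --x--x--x (execute only)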
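
An added example (not from the original page) that runs the commands above on a scratch file and reports the resulting mode, showing that a+x adds bits while 111 replaces the whole mode, and that chmod on a symbolic link changes the original file. The helper names and the scratch file layout are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page. Helper names are hypothetical.

# mode_of FILE: print the ten-character permission string, following symlinks.
mode_of() { ls -ldL "$1" | cut -c1-10; }

# mode_after START CHANGE: create a scratch app.txt with mode START,
# run "chmod CHANGE" on it, and print the resulting permission string.
mode_after() {
    dir=$(mktemp -d) || return 1
    : > "$dir/app.txt"
    chmod "$1" "$dir/app.txt" && chmod "$2" "$dir/app.txt"
    mode_of "$dir/app.txt"
    rm -rf "$dir"
}

# mode_via_symlink START CHANGE: same, but chmod is run on a symbolic link
# and the mode reported is that of the original file the link points to.
mode_via_symlink() {
    dir=$(mktemp -d) || return 1
    : > "$dir/app.txt"
    chmod "$1" "$dir/app.txt"
    ln -s app.txt "$dir/link"
    chmod "$2" "$dir/link"
    mode_of "$dir/app.txt"
    rm -rf "$dir"
}

echo "644 then a+x          -> $(mode_after 644 a+x)"          # read/write kept
echo "755 then a-x          -> $(mode_after 755 a-x)"
echo "644 then u+x,g+x,o+x  -> $(mode_after 644 u+x,g+x,o+x)"
echo "644 then 111          -> $(mode_after 644 111)"          # read/write lost
echo "644, chmod 600 on link -> $(mode_via_symlink 644 600)"
```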

Origin http://43.154.161.224:23101/article/api/json?id=325766623&siteId=291194637