1. There are two types of users under Linux:
Super user ( root ) : can do anything under the system.
Ordinary users: do limited things
Ordinary users are restricted by superusers.
1. Basic permissions of the system
(1) r (read): For files, it has the permission to read the file, and for the directory, it has the permission to browse the directory
( 2) w (write): For files, it has the permission to modify the file, and for the directory, it has the permission to delete and move the directory.
( 3) x (execute): execute has the permission to execute the file for the file, and has the permission to enter the directory for the directory
3. The expression method of file permissions
( 1) Character representation
"-": indicates that the permission is not available
Example: r - read only
(2) Numerical representation
Example: wx: octal representation as 3 binary digits 011
4. Permission to enter the directory
( 1 ) How to change permissions
Letters: chmod u+r code through letters, make permission changes to g, u, o,
Number: change its Example: chmod 664 code
( 2 ) Permission authentication for entering the directory
chmod user1 f1
5. Execute actions such as adding, deleting, checking (touch, ls, rm, mv) and other files in the directory, and the required permissions (for example, the haha directory)
1:touch
( 1) First delete the readable and writable permissions (chmod u- rw). We enter haha, use touch to create a new test, and find that the permissions are not enough.
( 2) First add readable permission to haha (chmod u+r) to enter haha again, use touch, and find that the permission is still not enough.
( 3) When we delete read permission to haha
2: ls
Through the above touch test permission, perform ls and find that the permission is not enough. At this time, we return to the upper directory to add an r permission to new, enter haha again, and ls finds that test appears.
3:mv:
When the directory has only readable and executable permissions, the modification of the file name fails; when the readable and only executable permissions are deleted, the file name modification is successful test->test2.
4:rm
When the directory has only readable and executable permissions, deleting the file test2 fails; when deleting the readable and executable permissions only, the file test2 is successfully deleted.
Important directories under Linux /proc, /sys, /SElinux, /bin, /usr/lib, /usr/local, /var, /tmp
/proc is a file system provided in the linux kernel, a mechanism for accessing kernel data structures and changing kernel settings during operation. proc is a pseudo file system that only exists in memory and does not occupy external memory space. It provides an interface for accessing system kernel data in the manner of a file system. Users and applications can get system information through proc, and can change some parameters of the kernel. Since system information, such as processes, changes dynamically, when a user or an application reads a proc file, the proc file system dynamically reads the required information from the system kernel and submits it.
There are three important directories under /proc: net, scsi and sys
The /sys directory is writable and can be used to access or modify kernel parameters. A proc virtual file may have an internal format, such as /proc/scsi/scsi, which is readable and writable, and the formats for reading and writing are different, representing different operations. String parsing needs to be performed, and when writing, it is necessary to use string formatting to write strings in the specified format for operation; in contrast, the design principle of /sys is that a property file only does one thing, / The sys property file generally has only one value, which can be read or written directly. The entire /proc/scsi directory has been marked obsolete in the kernel and its functionality has been completely replaced by the corresponding /sys properties file. The newly designed kernel mechanism should try to use the /sys mechanism, and keep proc to the pure "process file system".
/SElinux (Security-Enhanced Linux) consists of Kernel SElinux module and user mode tools. When bringing the main value to linux: provides a flexible, configurable MAC mechanism. SElinux is a security architecture that is integrated into Linux Kernel 2.6.x through the LSM framework. It is a joint project of the NSA and SELinux community. Provides a flexible mandatory access control system embedded in the Linux Kernel. SElinux defines the access and transition permissions of each user, process, application, and file in the system, and then it controls the interaction between these entities using a security policy that specifies how strict or loose checks are to be made.
/bin basic command, available in single-user mode, available to any user.
/usr/lib contains more library files for user programs. (/lib is kernel level, /usr/lib is system level)
/usr/local Software installed locally by the system administrator, including bin, sbin, lib, etc. (/usr/local is user-level)
/var is used to store variable (or constantly changing) files, such as log files and printer spool files.
/tmp Temporary directory for users and programs. /tmp gives all system users read and write rights.
Know the following important commands. du, df, top, free, pstack, su, sudo(sudo -, sudo -s), adduser, password
du instruction
1. Command format:
du [options] [files]
2. Command function:
Display the disk space used by each file and directory.
3. Command arguments:
-a or -all Display the size of individual files in the directory.
-b or -bytes Display directory or file size in bytes.
-c or --total In addition to displaying the size of individual directories or files, also display the sum of all directories or files.
-k or --kilobytes output in KB (1024bytes).
-m or --megabytes Output in MB.
-s or --summarize only display totals, only the last summed value.
-h or --human-readable Use K, M, G as units to improve the readability of information.
-x or --one-file-xystem is based on the file system at the beginning of processing, and skips it if it encounters other different file system directories.
-L<symlink> or –dereference<symlink> Displays the source file size of the symlink specified in the options.
-S or --separate-dirs Display the size of an individual directory without the size of its subdirectories.
-X <file> or --exclude-from=<file> Specify a directory or file in <file>.
--exclude=<directory or file> Skip the specified directory or file.
-D or --dereference-args Display the source file size of the specified symbolic link.
-H or -si Same as -h parameter, but K, M, G are converted to 1000 units.
-l or --count-links Repeats counting of hardware-linked files.
df command
1. Command format
df[option][file]
2. Command function
displays the available disk space on the disk partition
3. Command parameter
-a or –all: include all file systems;
–block-size=<block size >: Display the number of blocks with the specified block size;
-h or --human-readable: Display information in a more readable way;
-H or --si: The same as the -h parameter, but when calculating Use 1000 Bytes as the conversion unit instead of 1024 Bytes;
-i or –inodes: display inode information;
-k or –kilobytes: specify a block size of 1024 bytes;
-l or –local: only display the local file system ;
-m or –megabytes: Specify the block size as 1048576 bytes;
–no-sync: Do not execute the sync command before getting the disk usage information, this is the default value;
-P or –portability: Use the POSIX output format ;
–sync: execute the sync command before getting the disk usage information;
-t<file system type> or –type=<file system type>: only display the disk information of the specified file system type;
-T or –print-type : Display the type of the file system;
-x<file system type> or --exclude-type=<file system type>: Do not display the disk information of the specified file system type;
--help: Display the help;
--version: Display the version information.
top command
It is a commonly used performance analysis tool under Linux. It can display the resource occupancy status of each process in the system in real time. It refreshes the process list in 5 seconds by default, so it is similar to the Windows task manager.
command format