Common instructions under Linux and understanding of permissions (below)
- The concept of Linux permissions
- Linux rights management
- 01. Classification of file visitors (people)
- 02. File Types and Access Rights (Thing Properties)
- 03. Representation of file permission values
- 04. Related setting methods of file access permissions
- file directive
- directory permissions
- sticky bit
- Summary about permissions
Hello everyone, I'm Lu Jiu Maru. Today I bring you the common commands and permission understanding under Linux (below).
If you have any questions while reading my blog or while studying, or want to discuss your direction of study with me, you can add my penguin number: 2361038962, or send an email to the corresponding mailbox: 2361038962@qq.com. I will try my best to help you answer!
The concept of Linux permissions
There are two kinds of users in Linux: super user (root) and ordinary user.
- Super user: can do anything on the Linux system without restrictions.
- Normal user: can do only a limited set of things on Linux.
- The command prompt for superuser is "#", and the command prompt for normal user is "$".
Command : su [username]
Function : switch user.
For example, to switch from the root user to an ordinary user named user, use su user. To switch from the ordinary user user to the root user, use su root (root can be omitted; su - can also be used), and the system will prompt for the password of the root user.
Note : whoami shows the current user.
Linux rights management
01. Classification of file visitors (people)
- Owner of files and file directories: u—User
- User of the group that the owner of files and file directories is in: g—Group
- Other users: o—Others
02. File Types and Access Rights (Thing Properties)
a) file type
Note: The Linux system does not distinguish file types by the suffix of the file name, but distinguishes the file type by the first character displayed by ll.
- d: folder
- -: normal file
- l: Soft link (similar to Windows shortcut)
- b: block device files (such as hard disks, optical drives, etc.)
- p: pipe file
- c: character device file (serial port devices such as a screen)
- s: socket file
Q: Can we compile the test.txt file with the gcc compiler?
Answer: No. Linux != gcc. Linux does not distinguish file types by file name suffix, but gcc does distinguish file types by file suffix.
b) Basic permissions
i. Read (r/4): For a file, read is the right to read the content of the file; for a directory, it is the right to browse the directory information.
ii. Write (w/2): For a file, write is the right to modify the content of the file; for a directory, it is the right to delete and move files in the directory.
iii. Execute (x/1): For a file, execute is the right to execute the file; for a directory, it is the right to enter the directory.
iv. "-" means not having the permission.
03. Representation of file permission values
a) Character representation method
Linux representation | Description | Linux representation | Description |
---|---|---|---|
r-- | read only | -w- | writable only |
--x | executable only | rw- | read and write |
-wx | writable and executable | r-x | readable and executable |
rwx | readable, writable and executable | --- | no permission |
b) Octal numerical representation method
Permission symbol (read, write, execute) | Octal | Binary |
---|---|---|
r | 4 | 100 |
w | 2 | 010 |
x | 1 | 001 |
rw | 6 | 110 |
rx | 5 | 101 |
wx | 3 | 011 |
rwx | 7 | 111 |
--- | 0 | 000 |
04. Related setting methods of file access permissions
a) chmod
Function : set file access permissions
Format : chmod [parameter] permission file name
Common options:
- -R: recursively modify the permissions of a directory and the files in it
- Description: Only the owner of the file and root can change the permissions of the file
Format of the chmod command permission value
① User indicator +/-/= permission character
- +: Add the permission indicated by the permission code to the permission scope
- -: Remove the permission indicated by the permission code from the permission scope
- =: Set the permission scope to exactly the permission indicated by the permission code
User indicators:
- u: owner
- g: users in the same group as the owner
- o: other users
- a: all users
Example:
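chmod u+w Test.txt       # add write permission for the owner of Test.txt
chmod o-x Test.txt       # remove execute permission for other users of Test.txt
chmod u+w,o-x Test.txt   # add write permission for the owner and remove execute permission for other users
chmod a=r Test.txt       # change the file's permissions to r--r--r--
chmod a=rw Test.txt      # change the file's permissions to rw-rw-rw-
chmod a=rwx Test.txt     # change the file's permissions to rwxrwxrwx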
② Three octal digits
Example:
chmod 664 Test.txt
chmod 640 Test.txt
b) chown
Function : modify the owner of the file
Format : chown [parameter] username filename
Example :
chown root Test.txt             # change the owner of the file to root
chown zhangsan:user1 Test.txt   # change the owner of the file to zhangsan and the group to user1
Note: Generally, this requires root privileges!
Q: Do the creator and owner of the file have to be the same person?
Answer: Not necessarily! But right after the file is created, the creator and owner must be the same person.
c) chgrp
Function : Modify the group of a file or directory
Format : chgrp [parameter] user group name file name
Common options : -R recursively modify the group that the files or directories belong to
Example :
chgrp user1 Test.txt   # change the group of the file to user1
d) umask
Function : View or modify the file mask
New file default permission = 0666
New directory default permission = 0777
In practice, the permissions you see on the files and directories you create are often not the values above (directories are 775 and ordinary files are 664; of course, this may differ between systems). The reason is that umask also applies when a file or directory is created. Assuming that the default permission is mask, the actually created file permission is: mask & (~umask)
Format : umask permission value (this modifies the permission mask)
Description : Removing the permission mask from the existing access permission gives the default permission used when creating a file. The default mask value for super users is 0022, and the default mask value for ordinary users is 0002.
Note: Any permission that appears in the permission mask will not appear in the final permission.
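The mask & (~umask) rule above, checked against real files. This is an added example, not code from the original post; the helper names are hypothetical and it assumes a stat that supports -c '%a' (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example (not from the original post). Helper names are hypothetical.
# Assumes GNU or BusyBox stat, which supports -c '%a'.

# Predict the mode with the formula from the text: mask & (~umask).
predicted_mode() {          # $1 = file|dir   $2 = umask in octal, e.g. 022
    case "$1" in
        file) base=0666 ;;  # default for a new file
        dir)  base=0777 ;;  # default for a new directory
        *)    return 1 ;;
    esac
    printf '%o\n' "$(( $base & ~0$2 ))"
}

# Create a real file or directory under that umask and read back its mode.
observed_mode() {           # same arguments as predicted_mode
    scratch=$(mktemp -d) || return 1
    (
        umask "$2"          # subshell, so the caller's umask is not changed
        case "$1" in
            file) : > "$scratch/new" ;;
            dir)  mkdir "$scratch/new" ;;
        esac
    )
    stat -c '%a' "$scratch/new"
    rm -rf "$scratch"
}

# 022 and 002 are the defaults named in the text. 033 shows that the mask
# clears bits rather than subtracting digits: 666 with umask 033 gives 644.
for u in 022 002 033; do
    for kind in file dir; do
        printf 'umask %s %-4s predicted=%s observed=%s\n' "$u" "$kind" \
            "$(predicted_mode "$kind" "$u")" "$(observed_mode "$kind" "$u")"
    done
done
```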
file directive
Function description : Identify the file type.
Syntax : file [options] file or directory...
Common options :
- -c Displays the instruction execution process in detail, which is convenient for debugging or analyzing the execution of the program.
- -z Attempt to interpret the contents of the compressed file.
directory permissions
- Executable permission: If the directory does not have executable permission, you cannot cd into the directory.
- Read permission: If the directory does not have read permission, you cannot use commands such as ls to view the files in the directory.
- Writable permission: If the directory does not have writable permission, you cannot create files in the directory, nor delete files in the directory.
As mentioned before: file = content + attributes
Directories are themselves files, so:
directory = content + attributes (content: part of the attributes of the files it holds, including their file names; attributes: size, creation time, modification time, type, etc.)
sticky bit
Some directories in Linux have root as both owner and group, yet all other users, acting as other, are allowed to create, modify, and delete files in them. Suppose I also want to create a temporary file in such a shared directory, but do not want anyone other than me to be able to delete it.
When a directory is set with the "sticky bit" (with chmod +t), the files in this directory can only be deleted by:
1. The super administrator
2. The owner of the directory
3. The owner of the file
Example of use:
chmod +t all   # add the sticky bit to the directory all
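A check for shared directories that are writable by other but lack the sticky bit, with the chmod +t fix applied. This is an added example, not code from the original post; the function names and the sample tree are hypothetical, and only the directory name all comes from the post.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and the sample
# tree are hypothetical; the directory name "all" follows the post's example.

# List directories under $1 that other users can write to but that lack the
# sticky bit. -perm -0002: o+w is set.  ! -perm -1000: sticky bit is not set.
unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 | sort
}

# Build a constructed sample tree and print its root path.
build_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/all" "$root/dropbox" "$root/private"
    chmod 1777 "$root/all"       # shared and sticky, like /tmp
    chmod 0777 "$root/dropbox"   # shared but not sticky
    chmod 0755 "$root/private"   # not writable by other
    printf '%s\n' "$root"
}

tree=$(build_sample_tree)
echo "before fix:"; unsafe_shared_dirs "$tree"     # only .../dropbox
chmod +t "$tree/dropbox"                           # same fix as in the post
echo "after fix:";  unsafe_shared_dirs "$tree"     # nothing listed
ls -ld "$tree/all" "$tree/dropbox"                 # mode ends in "t": drwxrwxrwt
rm -rf "$tree"
```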
Summary about permissions
The executable permission of a directory indicates whether you can execute commands in the directory.
If the directory does not have x permission, you cannot execute any commands on the directory, or even cd into it, even if the directory still has r (read) permission. (It is easy to make a mistake here and think that read permission is enough to enter the directory and read the files in it.)
If the directory has x permission but not r permission, the user can execute commands and can cd into the directory. But since there is no read permission on the directory, even though you can run the ls command there, you still do not have permission to read out the files in the directory.