1. Query user login
1.1 Query the group to which the user belongs
groups command
● Query the groups the user belongs to
groups command format: groups [username]
groups [username] command: View the groups to which the specified user belongs
[root@clr ~]# gpasswd -a zhangsan root # add user zhangsan to the root group
正在将用户“zhangsan”加入到“root”组中
[root@clr ~]# gpasswd -a zhangsan mygirl # add user zhangsan to the mygirl group
正在将用户“zhangsan”加入到“mygirl”组中
[root@clr ~]# groups zhangsan # view the groups that user zhangsan belongs to
zhangsan : zhangsan root mygirl
1.2 Query user identity id
id command
● Query user ID
id command format: id [username]
id [username] command: view the identity of the specified user
[root@clr ~]# id zhangsan # view the identity of user zhangsan
uid=2004(zhangsan) gid=2004(zhangsan) 组=2004(zhangsan),0(root),2345(mygirl)
1.3 Query user account login attribute finger
● Query the login attributes of user accounts
Note:
You need to install the finger package first
finger command format: finger [username]
finger [username] command: query the login attributes of the specified user account
[root@clr /etc/yum.repos.d]# finger zhangsan # query the login attributes of user account zhangsan
Login: zhangsan Name:
Directory: /home/zhangsan Shell: /bin/bash
Never logged in.
No mail.
No Plan.
[root@clr /etc/yum.repos.d]# finger gaozhenyang # query the login attributes of user account gaozhenyang
Login: gaozhenyang Name:
Directory: /home/gaozhenyang Shell: /bin/bash
Last login 日 4月 2 20:28 (CST) on pts/1
No mail.
No Plan.
1.4 Query information about users logged in to the host: w, who, users
w, who, users commands
● Query information about the users logged in to the host
w, who, users commands: query the user information logged in to the host
[root@clr ~]# w # query information about users logged in to the host (3 sessions)
23:35:17 up 6:27, 3 users, load average: 0.02, 0.08, 0.07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root :0 :0 20:47 ?xdm? 3:38 0.35s /usr/libexec/gnome-session-binary --session gn
root pts/1 192.168.80.1 19:45 2:47m 0.43s 0.16s -bash
root pts/2 192.168.80.1 20:47 5.00s 0.62s 0.07s w
[root@clr ~]# who # query information about users logged in to the host (3 sessions)
root :0 2023-04-02 20:47 (:0)
root pts/1 2023-04-02 19:45 (192.168.80.1)
root pts/2 2023-04-02 20:47 (192.168.80.1)
[root@clr ~]# users # query the names of the users logged in to the host
root root root
2. Permissions and ownership of files/directories
Access permissions
● read r: allows viewing file content and listing a directory
● write w: allows modifying file content, and creating, moving and deleting files or subdirectories in a directory
● executable x: allows running a program and switching into a directory
Ownership
● Owner: the user account that owns the file or directory
● Group: the group account that owns the file or directory
2.1 Set permissions for files and directories chmod
chmod [nnn] file or directory command: modify the permissions of the specified file or directory
[root@clr ~]# touch clr.txt # create file clr.txt
[root@clr ~]# ll
总用量 12
-rw-r--r--. 1 root root 0 4月 3 00:06 clr.txt # the default permissions of clr.txt are 644
[root@clr ~]# chmod 755 clr.txt # change the permissions of clr.txt to 755
[root@clr ~]# ll
总用量 12
-rwxr-xr-x. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chmod a+r clr.txt # grant all users read permission on clr.txt
[root@clr ~]# ll
总用量 12
-rwxr-xr-x. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chmod +x clr.txt # grant all users execute permission on clr.txt
[root@clr ~]# ll
总用量 12
-rwxr-xr-x. 1 root root 0 4月 3 00:06 clr.txt
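[root@clr ~]# chmod +w clr.txt # add write permission on clr.txt (write is a special case: plain +w is limited by the umask, so granting write to all users requires a+w, while plain +r or +x is enough for read and execute)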
[root@clr ~]# ll
总用量 12
--w-------. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chmod go+r clr.txt # grant the group and other users read permission on clr.txt
[root@clr ~]# ll
总用量 12
----r--r--. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chmod ug+rw clr.txt # grant the owner and the group read and write permission on clr.txt
[root@clr ~]# ll
总用量 12
-rw-rw-r--. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chmod ugo=rw clr.txt # set the permissions of the owner, the group and other users on clr.txt to read and write
[root@clr ~]# ll
总用量 12
-rw-rw-rw-. 1 root root 0 4月 3 00:06 clr.txt
chmod -R [nnn] directory command: recursively modify the permissions of the specified directory and all files and subdirectories under it
2.2 Set the ownership of files and directories chown
[root@clr ~]# ll
总用量 12
-rw-rw-rw-. 1 root root 0 4月 3 00:06 clr.txt
[root@clr ~]# chown zhangsan clr.txt # change the owner of clr.txt to zhangsan
[root@clr ~]# ll
总用量 12
-rw-rw-rw-. 1 zhangsan root 0 4月 3 00:06 clr.txt
[root@clr ~]# chown :admin1 clr.txt # change the group of clr.txt to admin1
[root@clr ~]# ll
总用量 12
-rw-rw-rw-. 1 zhangsan admin1 0 4月 3 00:06 clr.txt
chgrp [group] file or directory: change the group of the file or directory to the specified group
[root@clr ~]# touch demon # create file demon
[root@clr ~]# chgrp xiaozhang demon # change the group of demon to xiaozhang
[root@clr ~]# ll
总用量 12
-rw-r--r--. 1 root xiaozhang 0 4月 3 14:01 demon
[root@clr ~]# chown xiaozhang.xiaowang demon # change the owner of demon to xiaozhang and its group to xiaowang
[root@clr ~]# ll
总用量 12
-rw-r--r--. 1 xiaozhang xiaowang 0 4月 3 14:01 demon
[root@clr ~]# touch abc.txt # create file abc.txt
[root@clr ~]# chown zhangsan: abc.txt # change both the owner and the group of abc.txt to zhangsan (when owner and group have the same name, the short form zhangsan: has the same effect as zhangsan:zhangsan)
[root@clr ~]# ll
总用量 12
-rw-r--r--. 1 zhangsan zhangsan 0 4月 3 14:14 abc.txt
2.3 Special permission SBIT(t)
The SBIT permission can only be set on directories. For files or directories inside a directory that has it, only the owner can delete a file or directory.
Without the SBIT permission
[root@clr /opt]# mkdir test # root creates the test directory
[root@clr /opt]# chmod 777 test # change the permissions of the test directory to 777
[root@clr /opt]# ll
总用量 2104
drwxrwxrwx. 2 root root 6 4月 3 16:02 test
[root@clr /opt]# su xiaocai # switch to user xiaocai
[xiaocai@clr /opt]$ touch test/abc.txt # user xiaocai creates file abc.txt in the test directory
[xiaocai@clr /opt]$ ll test
总用量 0
-rw-rw-r--. 1 xiaocai xiaocai 0 4月 3 16:05 abc.txt
[xiaocai@clr /opt]$ su gaozhenyang # switch to user gaozhenyang
密码:
[gaozhenyang@clr /opt]$ rm -f test/abc.txt # as this user, delete abc.txt in the test directory
[gaozhenyang@clr /opt]$ ll test # check the result: the deletion succeeded
总用量 0
With the SBIT permission
[root@clr /opt]# chmod 1777 test # the leading 1 in 1777 adds the SBIT permission; the remaining digits set the test directory to 777
[root@clr /opt]# ll
总用量 2104
drwxrwxrwt. 2 root root 6 4月 3 16:06 test
[root@clr /opt]# su xiaocai # switch to user xiaocai
[xiaocai@clr /opt]$ touch test/abc.txt # user xiaocai creates file abc.txt in the test directory
[xiaocai@clr /opt]$ ll
总用量 2104
drwxrwxrwt. 2 root root 21 4月 3 16:17 test # the trailing t in the first field shows that the SBIT permission is set
[xiaocai@clr /opt]$ su gaozhenyang # switch to user gaozhenyang
密码:
[gaozhenyang@clr /opt]$ rm -f test/abc.txt # other users are not allowed to delete the file
rm: 无法删除"test/abc.txt": 不允许的操作
[gaozhenyang@clr /opt]$ su xiaocai # switch back to user xiaocai
密码:
[xiaocai@clr /opt]$ rm -f test/abc.txt # user xiaocai can delete the file
[xiaocai@clr /opt]$ ll test
总用量 0
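An added example, not part of the original article: an audit function that lists world-writable directories lacking the SBIT, which is the state /opt/test was in after chmod 777 and before chmod 1777. The demo tree and its directory names are constructed for illustration.

```shell
#!/bin/sh
# find_unsafe_dirs ROOT
# Print every directory under ROOT that "other" can write to but that has
# no sticky bit, i.e. where any user may delete another user's files.
find_unsafe_dirs() {
    # -perm -0002 : the other-write bit is set
    # ! -perm -1000 : the sticky bit (SBIT) is not set
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# demo_tree
# Build a constructed sample tree in a temporary directory and print its path.
demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/shared_open" "$d/shared_sticky" "$d/private"
    chmod 0777 "$d/shared_open"     # like /opt/test after chmod 777
    chmod 1777 "$d/shared_sticky"   # like /opt/test after chmod 1777
    chmod 0755 "$d/private"         # not world-writable at all
    printf '%s\n' "$d"
}

tree=$(demo_tree)
echo "World-writable directories without the sticky bit:"
find_unsafe_dirs "$tree"            # reports only .../shared_open
rm -rf "$tree"
```

On a real host, pass a directory such as /opt or / instead of the demo tree and run it as root so that find can descend everywhere.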
2.4 Set the default permission umask for directories and files
What umask does
● Controls the permissions of newly created files or directories
● The permissions of a newly created file or directory are the default maximum permissions minus the umask
● The maximum default permission for a regular file is 6 (rw); for a directory it is 7 (rwx)
● The default umask is 002
umask setting: umask 022
umask view: umask
[xiaocai@clr /opt]$ cd test # switch to the test directory
[xiaocai@clr /opt/test]$ ll
总用量 0
[xiaocai@clr /opt/test]$ touch 1.txt # create file 1.txt in the test directory
[xiaocai@clr /opt/test]$ mkdir abc # create directory abc in the test directory
[xiaocai@clr /opt/test]$ ll
总用量 0
-rw-rw-r--. 1 xiaocai xiaocai 0 4月 3 16:36 1.txt # the permissions of file 1.txt are 664 (derivation: file default 666-002=664)
drwxrwxr-x. 2 xiaocai xiaocai 6 4月 3 16:36 abc # the permissions of directory abc are 775 (derivation: directory default 777-002=775)
[xiaocai@clr /opt/test]$ umask
0002 # the umask for files and directories is 002
Change the umask to 000
[xiaocai@clr /opt/test]$ rm -rf * # delete all files and directories under the test directory
[xiaocai@clr /opt/test]$ ll
总用量 0
[xiaocai@clr /opt/test]$ umask 000 # change the umask to 000
[xiaocai@clr /opt/test]$ touch 1.txt
[xiaocai@clr /opt/test]$ mkdir abc
[xiaocai@clr /opt/test]$ ll
总用量 0
-rw-rw-rw-. 1 xiaocai xiaocai 0 4月 3 16:46 1.txt # the newly created file 1.txt has permissions 666
drwxrwxrwx. 2 xiaocai xiaocai 6 4月 3 16:46 abc # the newly created directory abc has permissions 777
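An added example, not part of the original article: the 666-002 and 777-002 derivations above hold because the system clears the umask bits from the default mode (default AND NOT umask). The sketch below creates real files and directories under the article's umasks 002 and 000 and also under 033, a value chosen here to show where plain subtraction (666-033=633) no longer matches the real result. It assumes a stat that supports -c '%a' (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# created_mode UMASK file|dir
# Create a new file or directory under UMASK and print its octal mode.
created_mode() {
    (
        d=$(mktemp -d) || exit 1    # scratch directory, made before umask changes
        umask "$1"
        if [ "$2" = dir ]; then mkdir "$d/new"; else : > "$d/new"; fi
        stat -c '%a' "$d/new"
        rm -rf "$d"
    )
}

# predicted_mode UMASK file|dir
# Print default & ~umask, with default 666 for files and 777 for directories.
predicted_mode() {
    if [ "$2" = dir ]; then base=0777; else base=0666; fi
    printf '%o\n' $(( $base & ~0$1 ))
}

for um in 002 000 033; do
    printf 'umask %s  file: actual=%s predicted=%s  dir: actual=%s predicted=%s\n' \
        "$um" \
        "$(created_mode "$um" file)" "$(predicted_mode "$um" file)" \
        "$(created_mode "$um" dir)"  "$(predicted_mode "$um" dir)"
done
```

With umask 000 every new file is world-writable (666), so that setting is worth flagging when it appears in a login script or a service unit.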
Query whether a user exists in the system (grep, id)
[xiaocai@clr /opt/test]$ grep zhangsan /etc/passwd # if grep prints a matching entry, the user exists; otherwise the user does not exist on the system
zhangsan:x:2004:2004::/home/zhangsan:/bin/bash
[xiaocai@clr /opt/test]$ id zhangsan # query the id information of zhangsan on the system
uid=2004(zhangsan) gid=2004(zhangsan) 组=2004(zhangsan),0(root),2345(mygirl)