Author: Insist--
Personal homepage: insist--personal homepage
The author will continue to update network knowledge and python basic knowledge , looking forward to your attention
foreword
This article will take you to understand in detail what are the important files in the Linux system? . However, each file has quite a few attributes and permissions , the most important of which may be the concept of the owner of the file . So, the following will first take you to understand the concept of file owner, group concept, and other people.
Table of contents
①The meaning of the user (simple understanding)
②The concept of group (simple understanding)
3. The concept of other people
Second, the concept of Linux file permissions
2. The importance of Linux file permissions
②Team development software or data sharing function
③ Hazards caused by improper authority settings
3. How to change file attributes and permissions
1. Change the group you belong to
①Number type changes file permissions
② Symbol type changes file permissions
1. Users and groups
1. File owner
When we first come into contact with Linux, we may feel very strange, why there are so many users of Linux, what are the groups, and what is the use? . This user and group function is quite a sound and easy-to-use security protection ! Since Linux is a multi-person multi-tasking system, there may often be multiple people using this host to work at the same time. In order to consider everyone's privacy and everyone's preferred working environment, the owner of this file The role is quite important!
For example, when you transfer your e-mail to a file and put it in your own home directory , what if you don't want others to see your file? At this time, you set the file so that only the owner of the file , that is, you can view and modify the content of this file. Even if other people know that you have this very important file, because you have set appropriate permissions, So others will naturally not be able to view the contents of the file.
2. Group concept
After talking about file owners, let's talk about groups. Why do you need to configure the file and the group it belongs to? It is no exaggeration to say that one of the most useful functions of groups.
For example: Suppose there are two groups of data generated in my host, the first group is grouped as Q, and its members are A, B, and C; the second group is grouped as S, and its members are E, F, G. There is competition between these two groups, but they have to submit the same report.
Question: The members of each group must be able to modify each other's data, but the members of other groups cannot see the contents of their own files. What should I do at this time?
Such restrictions are very simple under Linux systems! I can use simple file permission settings to restrict other people not in my team (group) from viewing the content! And you can also allow your team members to modify the files I created! At the same time, if I still have private and confidential files, I can still set it so that my team members cannot see my file data. This function is very useful!
①The meaning of the user (simple understanding)
Since the three members of the family each have their own room, although Zhang San can enter Li Si's room, Zhang San cannot search Li Si's wardrobe! That would be "greeted" by Li Si! Because there may be Li Si's personal items in the closet, which is a private space, so of course Zhang San can't take it!
②The concept of group (simple understanding)
Since they share the living room, the three of them can watch TV, play with mobile phones, sit on the sofa and read my articles, etc. in the living room together! Anyway, as long as it is an item in the living room, all three of them can use it! Because everyone is a family!
After reading the above explanation, everyone should understand! The family is the so-called "group" . As for the three people in the family, they are three users respectively , and these three users are in the same group ! Although the three users are in the same group, we can set permissions to prevent the personal information of certain users from being queried by the owner of the group, so as to maintain personal private space! And set group sharing, you can let everyone share!
3. The concept of other people
For a file, if the user is not the owner of the file and is excluded from the user group, then the user is given the identity of someone else, so he will not enjoy the permissions of the user owner and member of the user group. If you want to access a file, you need to wait for the file's permissions for other people to be set before you can access it.
Second, the concept of Linux file permissions
After getting a general understanding of Linux users and groups, let's talk about how to set the file permissions for these so-called users and groups? For beginners, this part is very important, because file permissions and attributes are a very important level in learning Linux. If you don't have the concept of this part, then you can't understand what others are talking about. For example, when you see "Permission deny" in front of your screen, you may not know what it means. In this case, the permission setting must be wrong!
1. Linux file attributes
Since we want to understand the file attributes of Linux, there is an important command that we must tell you first! That is the "ls" command to view files. After you log in to the system with dmtsai, and then use su - to switch identity to become root, issue the "ls -al" command to see, if there is no accident, you will see the following picture:
ls (full name: list), the focus is on displaying the file name and related attributes of the file. Add the option "-al" to list all the detailed permissions and attributes of files (hidden files are included here)
2. The importance of Linux file permissions
In the Linux system, a lot of attributes are added to each file, especially the concept of groups . What is the use of this? In fact, the biggest use is in " data security ".
① System protection function
To give a simple example, in your system, only root can read, write or execute files related to system services . For example, /etc/shadow is a file managed by an account, because this file records all accounts in your system. Data, therefore, is a very important configuration file, of course no one can read it, only root can read it! So the permissions of the file will become [ ---------- ]!
②Team development software or data sharing function
What if you have a software development team, and in your team, you want everyone in your team to be able to use the files in certain directories, but other people who are not on your team should not open it? For example, there are three people in team A, namely 1, 2, and 3, then I can set the file permissions required by the team as [ -rwxrws--- ] to provide it to work team A!
③ Hazards caused by improper authority settings
For another example, if your directory permissions are not done properly, it may cause other people to modify important data on your system! For example, if only root can do commands such as switching on and off, adding or deleting users, etc., if you change them to be executable by anyone, what will happen if the user accidentally restarts for you?
Therefore, before we modify the attributes of Linux files and directories, we must first figure out what data is mutable and what is immutable!
3. How to change file attributes and permissions
We now know the importance of file permissions to the security of a system, and the relevance of file permissions to users and groups, so how to modify the attributes and permissions of a file? How many file permissions can we modify? In fact, there are many attributes and permissions of a file! Let's first introduce several commands that are commonly used to modify the permissions of groups, owners, and various identities , as follows:
chgrp: change the group to which the file belongs
chown: change the file owner
chmod: Change file permissions, characteristics of SUID, SGID, SBIT, etc.
1. Change the group you belong to
It is very simple to change the group of a file, just use chgrp (full name: change group) to change it. It should be noted that the changed group name must exist in the /etc/group file , otherwise it will will display an error!
Assuming you are already root, there is a file named initial-setup-ks.cfg in your home directory, how to change the group of this file? Suppose you already know that there is already a group named users in /etc/group, but the group name testing does not exist in /etc/group. What happens if you change the group to users and testing respectively? What happened?
It can be seen that the group of the file has been changed to users, but when it is changed to testing, an error will occur.
2. Change file owner
How to change the owner of a file? Very simple, since the change group is the change group, then the change owner is the change owner! Bingo! That is the purpose of the chown command. It should be noted that the user must be an account that already exists in the system, that is, the user name recorded in the /etc/passwd file can be changed.
3. Change permissions
The command chmod is used to change the file permissions . However, there are two ways to set the permissions, and the permissions can be changed by using numbers or symbols .
①Number type changes file permissions
There are nine basic permissions for Linux files , namely owner/group/others. Each of the three identities has its own read/write/execute permissions. These nine permissions are in groups of three! Among them, we can use numbers to represent each permission (r:4, w:2, x:1). The three permission scores of each identity need to be accumulated. For example, when the permission is: [-rwxrwx---] the score is:
owner = rwx = 4+2+1 = 7
group = rwx = 4+2+1 = 7
others= --- = 0+0+0 = 0
So when we change the permissions, the permission number of the file will be 770! The syntax of the command chmod to change permissions is as follows:
② Symbol type changes file permissions
From the previous introduction, we can find that there are basically nine permissions. Then we can use u, g, o to represent the permissions of the three identities! In addition, a represents all, that is, all identities! Then the read and write permissions can be written as r, w, x! That is, you can use the following way to see:
If we want to set the permissions of a file to -rwxr-xr-x , the command is as follows
