Table of contents
1. Shell operating principle - shell program
2.2 Operations on roles and files
1. Shell operating principle - shell program
First of all, we have to clarify a concept, we are not directly accessing the operating system . Why?
For Windows, we use GUI for operation, and Shell for Linux is command operation.
1. 'Humans' are not good at using the operating system
2. If people directly access the operating system
a. The operation cost is extremely high b. People will make mistakes, which will bring unsafe factors
Therefore, system designers will not allow people to directly operate the operating system.
So how do I access the OS? So what exactly is the graphical interface && instruction operation?
They are shell programs provided by the operating system.
Significance of the shell:
- Is the software layer where the user interacts with the operating system
- To a certain extent, it can protect the operating system
Shell: command interpreter
- Translate user commands to the kernel for processing
- At the same time, the processing results of the core are translated to the user.
- View your own shell:
echo $BASH
2. Permissions
2.1 Human operation
There are two types of users under Linux: super user (root) and ordinary user
- root: only one, with the highest authority under Linux
- Ordinary user: there can be multiple, subject to authority constraints
Multiple users can exist under Linux at the same time, Linux is a multi-user operating system
root< --switch-->Ordinary user , the subtext is to switch my current permissions !
How users can exchange identities:
- Ordinary user switches root user
$su - //The user logs in again, the path changes
Password: root password
or
$su //Temporary login, the path remains unchanged
Password: root password
- root switch normal user
$ su username
- Normal user switches to another user
$ su another user
Password: another user's password
- Roll back the last identity :
logout or crtl+d
2.2 Operations on roles and files
What are permissions?
For people, the basic attributes of things determine the concept of permissions->file permissions->whether a thing is allowed to be 'do' by you
The core of permissions: people + things attributes
The first character of the first column displayed under ll indicates the file type of the file
d: directory
-: ordinary file
p:pipe file
b: block device
c: character device
l: link file
.....
Under Linux, file suffixes are not used to distinguish file types
people:
- Owner: who the file belongs to
- Belonging group: which group the file belongs to
- other: does not belong to any of the above two, it is other
How to express the authority of a file?
Starting from 3 identities (owner, group, other), r-readable, w-writable, x-executable
The expression of the above file is: the owner can read, write and execute, the group can read, write and execute, and other can read and execute the directory file.
How to operate permissions?
1. you are+-
- Modify the permissions of the file owner
chmod u +r/w/x filename #add permissions
chmod u -r/w/x filename #delete permissions
- Modify the permissions of the group to which the file belongs
chmod g +r/w/x filename #add permissions
chmod g -r/w/x filename #delete permissions
- Modify other's permissions
chmod o +r/w/x filename #add permissions
chmod o -r/w/x filename #delete permissions
- Modify permissions for all identities
chmod a +r/w/x filename #add permission
chmod a -r/w/x filename #delete permissions
2. Octal modification
3. Modify the user/group to which the file belongs
To modify the user/group to which the file belongs, you need to enter the root user to force the modification. Or add sudo before the chown/chgrp command to execute it at the root privilege level.
If the user wants to execute sudo and elevate the authority, the user needs to be in the trust list before he can execute sudo. Adding a user to the trust list requires root identity!
- Change file owner
under root:
chown owner filename
Under ordinary users:
sudo chown owner filename
- Modify the group to which the file belongs
under root:
chgrp belongs to group filename
Under ordinary users:
sudo chgrp group filename
3. Common permission issues
1. Directory permissions
What permissions are needed to enter a directory?
Requires X permission
R permission: whether to allow viewing files in the directory
W permission: Whether to allow to create files or directories under the directory
Let's verify it:
umask
Why do we create a directory or file, the default permissions are what you see?
linux default:
A directory is created with starting permissions from: 777
A normal file is created with the starting permissions: 666
Final permission = initial permission & (~umask)
All permissions that appear in the umask should not appear in the final permissions!
3. Sticky bit
Whether a file can be deleted depends on whether it has the write permission of the current directory
1. When multiple users share a directory, they need to read and write, create and delete files in this directory
2. But you can only delete your own, but not others (w: you can delete each other, but the conditions are not met)
——> Sticky bit appears (can only be set for directories)
chmod + t dir_name #add sticky bit
Whoever sets the sticky bit can cancel it (except root)