Linux group management and rights management
Basic introduction to the Linux group
In Linux, each user must belong to a group and cannot exist independently of one.
In Linux, each file has an owner, a group, and others (other groups).
- owner
- Generally the creator of the file: whoever creates the file becomes its owner
- group
- other groups
The owner of the file/directory
- View file owner
ls -ahl
- change file owner
chown username filename
group creation
- create group
groupadd groupname
- Create a user and put it in the monster group [[3-Linux practical operation#Add and delete user groups|Related operations of user groups]]
useradd -g monster fox
The group the file/directory belongs to
When a user creates a file, the group of the file is the group of the user.
- Check the group of the file/directory
ls -ahl
This command shows the group that the file/directory belongs to
- Modify the group of the file/directory
chgrp groupname filename
other groups
Apart from the file's owner and the users in the file's group, all other users of the system belong to the file's other groups
Change the user's group
With root privileges, you can change the group a user belongs to.
- Change the user's group
usermod -g newgroupname username
usermod -d directory username
: change the user's initial login directory
- ❗️The user needs to have permission to enter the new directory
Basic introduction to permissions
Description of bits 0-9
- Bit 0 : Determines the type of the file
  - l : a link, equivalent to a Windows shortcut
  - d : a directory, equivalent to a Windows folder
  - c : a character device file, such as a mouse or keyboard
  - b : a block device, such as a hard disk
  - - : an ordinary file, such as a *.txt file
- Bits 1-3 : Determine the file owner's permissions on the file – User
- Bits 4-6 : Determine the permissions of the file's group on the file – Group
- Bits 7-9 : Determine the permissions of other users (other groups) on the file – Other
Detailed explanation of rwx permissions
When rwx applies to a file
- [ r ]: stands for readable (read): the file can be read and viewed
- [ w ]: stands for writable (write): the file can be modified, but this does not mean it can be deleted. Deleting a file requires write permission on the directory that contains the file.
- [ x ]: stands for executable (execute): the file can be executed
When rwx applies to a directory
- [ r ]: stands for readable (read): the directory can be read, so ls can list its contents
- [ w ]: stands for writable (write): the directory can be modified, that is, entries in it can be created, deleted or renamed
- [ x ]: stands for executable (execute): you can enter this directory
It can be represented by numbers: r=4, w=2, x=1 , so rwx=4+2+1=7.
other instructions:
Modify permissions
Basic instructions: With the chmod command, you can modify the permissions of files or directories
The first way: +, -, = change permissions
The meaning of +, -, =:
- + : adds permissions
- - : removes permissions
- = : sets exactly the listed permissions
The meaning of u, g, o, a:
- u : owner
- g : group (the group the file belongs to)
- o : others
- a : everyone
For example:
chmod u=rwx,g=rx,o=r filename/directory
chmod o+w filename/directory
: Add write permission for other users
chmod a-x filename/directory
: Remove execute permission from all users
The second way: changing permissions through numbers
r=4, w=2, x=1
chmod u=rwx,g=rx,o=x filename
==> chmod 751 filename
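The bit layout (bit 0 for the type, bits 1-9 for owner, group and other) and the r=4, w=2, x=1 weights can be checked mechanically. The script below is an added example, not part of the original notes; the function names are hypothetical and the temporary file is constructed for the demo.

```sh
#!/bin/sh
# Added example: decode the 10-character mode field of `ls -l` (bits 0-9).

# Bit 0: map the type character to a name.
file_type() {
    case "$1" in
        -*) echo "regular file" ;;
        d*) echo "directory" ;;
        l*) echo "link" ;;
        c*) echo "character device" ;;
        b*) echo "block device" ;;
        *)  echo "unknown" ;;
    esac
}

# One rwx triplet -> one digit, using r=4, w=2, x=1.
# s or t in the x slot (setuid/setgid/sticky) also means execute is set.
triplet_to_digit() {
    n=0
    case "$1" in r??) n=$((n + 4)) ;; esac
    case "$1" in ?w?) n=$((n + 2)) ;; esac
    case "$1" in ??[xst]) n=$((n + 1)) ;; esac
    echo "$n"
}

# Bits 1-3 owner, 4-6 group, 7-9 other -> three-digit chmod mode.
mode_to_octal() {
    m=$(printf '%s' "$1" | cut -c1-10)   # drop a trailing "." or "+" if present
    [ "${#m}" -eq 10 ] || { echo "need a 10-character mode string" >&2; return 1; }
    u=$(printf '%s' "$m" | cut -c2-4)
    g=$(printf '%s' "$m" | cut -c5-7)
    o=$(printf '%s' "$m" | cut -c8-10)
    echo "$(triplet_to_digit "$u")$(triplet_to_digit "$g")$(triplet_to_digit "$o")"
}

# Succeeds when "other" holds write permission (bit 8), worth flagging in an audit.
others_can_write() {
    case "$1" in ????????w*) return 0 ;; *) return 1 ;; esac
}

# Read the mode field of a real path.
mode_of_file() { ls -ld -- "$1" | cut -c1-10; }

# Demo on a constructed temporary file.
f=$(mktemp)
chmod u=rwx,g=rx,o=x "$f"
mode=$(mode_of_file "$f")
echo "${mode}: $(file_type "$mode"), chmod $(mode_to_octal "$mode")"
others_can_write "$mode" && echo "warning: writable by others"
rm -f "$f"
```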
change file owner
chown newowner filename
: change owner
chown newowner:newgroup filename
: change owner and group
-R
: If the target is a directory, apply the change recursively to all files and directories under it