Linux - user permissions

Understanding the root user


Whether on Windows, macOS, or Linux, permissions are managed through a multi-user model.
On a Linux system, the account with the most authority is named root (the super administrator).

  • The root user has the maximum system operation authority, while the authority of ordinary users is limited in many places.
  • Ordinary users generally have unrestricted permissions inside their HOME directory. Outside the HOME directory, in most places, ordinary users have only read and execute permissions, and no permission to modify.

su: the system command for switching accounts

Syntax: su [-] [username]

  • The - symbol is optional. It indicates whether to load the target user's environment variables after switching; using it is recommended.
  • Parameter: username, the user to switch to
    • The username can be omitted, which means switching to root. After switching, you can return to the previous user with the exit command or with the shortcut Ctrl+D.
    • An ordinary user must enter a password to switch to another user. The root user can switch to other users directly, without a password.

sudo: authorize an ordinary command to run temporarily as root

Working as the root user for long periods is not recommended, to avoid damaging the system.

Syntax: sudo other-command

  • Put sudo in front of another command to temporarily grant root authorization to that one command.
  • Not all users have the right to use sudo; sudo authorization has to be configured for ordinary users.

 

User and user group management

In Linux system you can:

  • Configure multiple users
  • Configure multiple user groups
  • Users can join multiple user groups

Linux controls permissions at two levels:

  • Permission control for users
  • Permission control for user groups

For example, for a file, you can control the user's permissions, and you can also control the permissions of the user group

The following commands need to be executed by the root user

  • User group management

    • Create a user group
      • Syntax: groupadd groupname
    • Delete a user group
      • Syntax: groupdel groupname
  • User management

    • Create a user
      • Syntax: useradd [-g -d] username
        • Option: -g specifies the user's group. If -g is not given, a group with the same name as the user is created and the user joins it automatically. The group given to -g must already exist. If a group with the same name as the user already exists, you must use -g.
        • Option: -d specifies the user's HOME path. If not given, the HOME directory defaults to /home/username.
    • Delete a user
      • Syntax: userdel [-r] username
        • Option: -r also deletes the user's HOME directory. Without -r, the HOME directory remains after the user is deleted.
    • View the groups a user belongs to
      • Syntax: id [username]
        • Parameter: username, the user to look up. If omitted, the current user is shown.
    • Modify the groups a user belongs to
      • Syntax: usermod -aG groupname username
      • Adds the specified user to the specified group

getent: view which users and user groups exist on the current system

  • View users
    • Syntax: getent passwd
    • Each line has 7 fields, separated by colons: username:password (x):user ID:group ID:description (unused):HOME directory:login shell (default bash)
  • View user groups
    • Syntax: getent group
    • Contains 3 pieces of information: group name:group authentication (displayed as x):group ID
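The 7-field layout above is what makes the output of getent passwd easy to audit. The following is an added example, not part of the original post: it splits each record on the colon and reports accounts that share root's user ID (0), accounts whose shell allows login, and malformed records. The sample data and the function names are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample in `getent passwd` format (not from a real system).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup2:x:0:0::/home/backup2:/bin/sh
svc-web:x:998:998::/var/lib/web:/usr/sbin/nologin'

# Names of accounts whose user ID (field 3) is 0, i.e. root-equivalent.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }'
}

# "name:home:shell" for accounts whose shell (field 7) permits login.
# An empty shell field is kept, because it falls back to the default shell.
login_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ { print $1 ":" $6 ":" $7 }'
}

# Line numbers of records that do not have exactly 7 fields.
malformed_lines() {
    awk -F: 'NF != 7 { print NR }'
}

echo "UID 0 accounts:"
printf '%s\n' "$SAMPLE_PASSWD" | uid0_accounts
echo "Accounts with a login shell:"
printf '%s\n' "$SAMPLE_PASSWD" | login_accounts
```

On a live system, feed the functions real data with getent passwd | uid0_accounts; any name other than root in that list deserves a closer look.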

View access control

rwx

  • r means read permission
    • File: you can view the contents of the file
    • Folder: you can view the contents of the folder
  • w means write permission
    • File: the file can be modified
    • Folder: you can create, delete, rename, etc. inside the folder
  • x means execute permission
    • File: the file can be executed as a program
    • Folder: you can change the working directory to this folder, that is, enter it with cd

Use ls -l to view the content in list form and display permissions

  • Number 1: the permission control information of the file or folder
  • Number 2: the user to which the file or folder belongs
  • Number 3: the user group to which the file or folder belongs

Number 1: permission details

Example: drwxr-xr-x means

  • This is a folder; that is what the initial letter d means
  • The permissions of the owning user (number 2) are: r, w and x, i.e. rwx
  • The permissions of the owning user group (number 3) are: r, no w, x, i.e. r-x (- means no such permission)
  • The permissions of other users are: r, no w, x, i.e. r-x


chmod: modify file and folder permission control

Note: only the user who owns the file or folder, or the root user, can modify its permissions.

Syntax: chmod [-R] permission file-or-folder

  • Option: -R applies the same operation to all contents of the folder

Example:
chmod u=rwx,g=rx,o=x hello.txt
Changes the file's permissions to: rwxr-x--x
chmod -R u=rwx,g=rx,o=x test
Sets the permissions of the folder test and of all content inside it to: rwxr-x--x

  • u means the permissions of the owning user
  • g means the permissions of the owning group
  • o means the permissions of other users

Numeric representation of permissions


Permissions can be represented by 3 digits

  • The first digit indicates the user permission
  • The second digit indicates user group permissions
  • The third digit indicates other user permissions

  • 0 - no permissions, i.e. ---
  • 1 - only x permission, i.e. --x
  • 2 - only w permission, i.e. -w-
  • 3 - w and x permissions, i.e. -wx
  • 4 - only r permission, i.e. r--
  • 5 - r and x permissions, i.e. r-x
  • 6 - r and w permissions, i.e. rw-
  • 7 - all permissions, i.e. rwx

So 751 means: rwx (7), r-x (5), --x (1).
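The digit table is the sum r=4, w=2, x=1 applied to each of the three groups of permissions. The following added example (not part of the original post) converts the 9-character string shown by ls -l into its 3 digits and checks it against a scratch file set once with symbolic chmod and once with numeric chmod. The function names are constructed for illustration, and special bits (setuid, setgid, sticky) are outside its scope.

```sh
#!/bin/sh
# Convert a 9-character permission string (e.g. rwxr-x--x) to 3 digits.
# Only r, w and x are handled; special bits are not covered here.
sym_to_octal() {
    perms=$1
    [ "${#perms}" -eq 9 ] || return 1
    out=''
    while [ -n "$perms" ]; do
        triplet=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# Permission string of a file: characters 2-10 of the `ls -ld` line
# (character 1 is the type, such as d for a folder).
perm_string() {
    ls -ld "$1" | cut -c2-10
}

# Set permissions symbolically, then numerically, on a scratch file and
# print "string digits" after each change.
demo() {
    f=$(mktemp)
    chmod u=rwx,g=rx,o=x "$f"
    first="$(perm_string "$f") $(sym_to_octal "$(perm_string "$f")")"
    chmod 640 "$f"
    second="$(perm_string "$f") $(sym_to_octal "$(perm_string "$f")")"
    rm -f "$f"
    printf '%s\n%s\n' "$first" "$second"
}

demo
```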


chown: modify file and folder ownership

Modify the user and user group to which files and folders belong

Ordinary users cannot change ownership to other users or groups, so this command is only for the root user.

Syntax: chown [-R] [user][:][group] file-or-folder

  • Option: -R, same as for chmod, applies the same rules to all contents of the folder
  • Option: user, changes the owning user
  • Option: group, changes the owning user group
  • : separates the user and the user group


Example:

  • chown root hello.txt, changes the user of hello.txt to root
  • chown :root hello.txt, changes the user group of hello.txt to root
  • chown root:itheima hello.txt, changes the user of hello.txt to root and the user group to itheima
  • chown -R root test, changes the user of the folder test to root and applies the same rule to all contents of the folder


Origin blog.csdn.net/violetta521/article/details/132135638