Linux permissions related issues

1. Permission concept

There are two types of users under Linux: the superuser (root) and ordinary users.

  • Super user: Can do anything in the system under Linux without restriction.
  • Ordinary users: Can only do limited things.

Switching users, for example from root to xty:
Syntax: su xty

2. Permission management

Before studying permission management, we need to first understand that permissions are relative to people and files.

Relative to people:

  • Owner of files and file directories: u – User
  • Users in the group of the owner of files and file directories: g – Group
  • Others: o - other

Relative to the file:

  • r: Read permission. For a file, it has the permission to read the content of the file; for a directory: it has the permission to browse the directory.
  • w: Write permission. For a file, it has the permission to modify the content of the file; for a directory: it has the permission to delete or move files in the directory.
  • x: Execute permission. For a file, it has the permission to execute the file; for a directory: it has the permission to enter the directory
  • - Indicates that the permission is not available.

The first xty is the user who owns the file; the second xty is the group to which the file belongs.

The "d" at the start of the permission string (the first red box in the screenshot) represents the file type.

2.1 Permission setting method

2.1.1 chmod(change mode)

Modify file permissions. Only root and the owner of the file can change the permissions of the file.

Format: chmod [options] permissions filename
Common option: -R recursively modifies the permissions of a directory, including the files inside it.

For example, -R can be used to recursively modify the permissions of the x1 directory and of everything under it.


Permission formats:

  • Add permissions for the owner: chmod u+wx text.txt
  • Remove permissions from the owning group: chmod g-wx text.txt
  • Add permissions for all three classes (owner, group and others): chmod a+xwr text.txt
  • Add permissions for both the owner and the group: chmod u+x,g+r text.txt
  • Set the permissions of all three classes to exactly x: chmod a=x text.txt



Use three octal digits:
There are three classes in total (owner, group, others) and each class has three permission bits (r = 4, w = 2, x = 1), so each class is written as one octal digit.
This format is equivalent to assignment (=).

  • Give all permissions to all three classes: chmod 777 text.txt
  • Owner and other users only have write access (the group gets rwx): chmod 272 text.txt

chown

Change the owner of a file. Can only be used as root.

Syntax: chown [-R] owner filename

chgrp

Modify the group to which a file or directory belongs. Can only be used as root.

Syntax: chgrp [-R] group filename

umask

View or modify the file-creation mask.

  • The default permission of a newly created file is 0666.
  • The default permission of a newly created directory is 0777.
    Why doesn't our newly created file have this permission?
    Because the final permissions at creation time are affected by umask.
    Final permission = initial permission & (~umask): every bit that is 1 in the umask is blocked (cleared) in the final permission.

Syntax:
umask         View the current mask
umask 0777    Change the mask to 0777
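
The formula above, checked against real file creation. This is an added example, not part of the original post; the function names expected_mode and observed_mode are hypothetical, and GNU stat (-c '%a') is assumed. The umask 0033 row shows why the rule is a bitwise AND-NOT rather than a subtraction: the result is 644, not 633.

```shell
#!/bin/sh
# expected_mode BASE UMASK -> BASE & ~UMASK printed in octal (e.g. 644).
# BASE is 666 for new files and 777 for new directories, as in the text.
expected_mode() {
    printf '%o\n' "$(( 0$1 & ~0$2 & 0777 ))"
}

# observed_mode KIND UMASK -> mode the kernel really gives a new file (f)
# or directory (d) created under that umask. Runs in a subshell so the
# caller's umask and working directory are left untouched.
observed_mode() {
    (
        tmp=$(mktemp -d) || exit 1
        cd "$tmp" || exit 1
        umask "$2"
        if [ "$1" = d ]; then mkdir new; else : > new; fi
        stat -c '%a' new          # GNU coreutils stat (assumption)
        chmod u+rwx new           # keep cleanup possible after a strict umask
        cd / && rm -rf "$tmp"
    )
}

# Constructed sample masks: common defaults plus 0033, where subtraction
# and AND-NOT disagree.
for m in 0002 0022 0027 0033 0077; do
    printf 'umask %s  file %s/%s  dir %s/%s  (expected/observed)\n' "$m" \
        "$(expected_mode 666 "$m")" "$(observed_mode f "$m")" \
        "$(expected_mode 777 "$m")" "$(observed_mode d "$m")"
done
```

A umask of 0027 or 0077 is the usual choice when new files should not be readable by others.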

3. Directory permissions

  • You cannot cd into a directory without x permissions.
  • If you do not have the r permission, you cannot use commands such as ls to view the contents of the directory.
  • Without the w permission, you cannot create or delete files in the directory.

If ljj creates a file x1 in xty's directory, xty cannot view it but can delete it, which is obviously unreasonable!
Therefore, the concept of the sticky bit is introduced:

sticky bit

The sticky bit prevents the situation above.

Syntax: chmod +t dirname
Adds the sticky bit to the directory.

Once it is set, a file in the directory can only be deleted by:

  • root
  • The owner of the file

**Key:** The sticky bit can only be added to directories. Generally, whoever set it can remove it (root is not restricted).

If we create a file in someone else's directory, as long as the directory has a sticky bit, we don't have to worry about others deleting it anymore!
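
A defender's check for the situation described above: find directories that others can write to but that have no sticky bit, then add it. This is an added example, not part of the original post; audit_sticky, fix_sticky and the directory names in the demo tree are hypothetical.

```shell
#!/bin/sh
# audit_sticky ROOT -> print every directory under ROOT that is writable by
# others (o+w) but has no sticky bit, i.e. where any user can delete or
# rename files that belong to someone else.
audit_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# fix_sticky ROOT -> add the sticky bit (chmod +t) to each such directory.
fix_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec chmod +t {} + 2>/dev/null
}

# Demo on a constructed tree so nothing on the real system is changed.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared_bad" "$root/shared_ok" "$root/private"
    chmod 0777 "$root/shared_bad"   # world-writable, no sticky bit
    chmod 1777 "$root/shared_ok"    # world-writable with sticky bit
    chmod 0755 "$root/private"      # not world-writable
    echo "before fix:"
    audit_sticky "$root" | sed "s|^$root/|  |"
    fix_sticky "$root"
    echo "after fix: $(audit_sticky "$root" | wc -l) finding(s)"
    rm -rf "$root"
}
demo
```

On Linux the owner of the sticky directory itself can also delete or rename entries in it, alongside root and each file's owner.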

Summary of permissions

  • The execute permission of a directory indicates whether you can execute commands in the directory.

  • If the directory does not have the x permission, you cannot execute any commands in the directory, or even cd into it, even if the directory still has the r (read) permission. This is an easy place to make mistakes: it is tempting to think that read permission is enough to enter the directory and read the files in it.

  • If the directory has the x permission but not the r permission, the user can execute commands and cd into the directory. But since there is no read permission for the directory, even though the ls command can be executed inside it, there is still no permission to read the directory's file list.


Origin blog.csdn.net/weixin_45153969/article/details/132301529