Brother Niao’s Linux Private Cooking-Chapter 5, Linux File Permissions and Directory Configuration

Preface

  This chapter focuses on file permission management and directory configuration in Linux. File permission management comes down to three identity categories, three operation permissions and three operation methods, which can be abbreviated as three 3's. Directory configuration comes down to the FHS, the basis of Linux directory configuration.

  The following is divided into two parts to sort out and record.

1. Linux file permission management

  Linux's file permission management reflects its excellent multi-tasking environment well. As mentioned above, Linux has three 3's: three identity categories (owner/group/others), three operation permissions (read/write/execute) and three operation methods (chgrp/chown/chmod).

1. Three identity categories

    1. owner
    1. group
    1. others

  The three identity categories are easy to understand; in addition to them there is root.

2. File attributes

Before understanding the three threes, look at the picture to understand the file attributes. This must be remembered.

File attribute description


File type and permissions: (1) File type: d means directory, - means file, l means link file, b means a device file for a storage peripheral (block device), c means a device file for devices such as the keyboard and mouse that are read one time (character device); (2) File permissions: [ r ] represents readable (read), [ w ] represents writable (write), and [ x ] represents executable (execute). The permissions come in groups of three: owner permissions, group permissions, and others' permissions. The file types and permissions are shown below.
File type and permission icons

3. Three kinds of operation permissions

| Permission | For files | For directories |
|---|---|---|
| r (readable) | Read the actual content of the file | Read the directory structure list |
| w (writable) | Edit, add or modify the contents of the file (but not delete the file) | Change the directory structure list, including creating, deleting, renaming, and moving files and directories |
| x (executable) | Can be executed by the system | Enter this directory to make it the working directory (cd) |

4. Three modes of operation

(1) Change the group you belong to, chgrp

chgrp [-R] Group name dirname/filename, for example: chgrp users initial-setup-ks.cfg

Among them: -R: Perform recursive and continuous changes, that is, all files and directories in the sub-directory are updated to this group. Often used to change all files in a directory.

(2) Change file owner or group, chown

chown [-R] Account name file or directory, for example: chown bin initial-setup-ks.cfg
chown [-R] Account name:Group name file or directory, for example: chown root:root initial-setup-ks.cfg
chown [-R] .Group name file or directory, for example: chown .root initial-setup-ks.cfg

Among them: -R: perform recursive and continuous changes, that is, all files in the sub-directory are changed.

(3) Change permissions, chmod

a. Numeric type changes file permissions

The three permissions represent three values: r:4 w:2 x:1

chmod [-R] xyz file or directory

Among them: xyz: is the permission attribute of the numeric type just mentioned, which is the addition of the rwx attribute values.
-R: Perform recursive and continuous changes, that is, all files in the subdirectory will be changed.

Example: When the permission is [-rwxrwx---], the value is 770: chmod 770 file or directory
owner  = rwx = 4+2+1 = 7
group  = rwx = 4+2+1 = 7
others = --- = 0+0+0 = 0
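
The attribute string from section 2 and the r:4 w:2 x:1 values can be tied together in a short script. The following is an added example, not part of the original post: it decodes a ten-character string such as -rwxrwx--- into its file type and the number chmod expects, and checks whether others hold w. The function names are assumptions made for this example, the socket (s) and FIFO (p) type letters are not listed on this page, and any character other than r, w, x and - in the permission part is rejected.

```shell
#!/bin/sh
# Added example: decode the ten-character attribute string shown by `ls -l`.

# file_type MODE: name the file type given by the first character.
file_type() {
    case "$1" in
        -*) echo "regular file" ;;
        d*) echo "directory" ;;
        l*) echo "link" ;;
        b*) echo "block device" ;;
        c*) echo "character device" ;;
        s*) echo "socket" ;;
        p*) echo "FIFO" ;;
        *)  echo "unknown"; return 1 ;;
    esac
}

# triplet_value RWX: r=4 + w=2 + x=1 for one three-character group.
# Any other character (s, t, ...) is rejected instead of being guessed at.
triplet_value() {
    v=0
    case "$1" in r??) v=$((v + 4)) ;; -??) ;; *) return 1 ;; esac
    case "$1" in ?w?) v=$((v + 2)) ;; ?-?) ;; *) return 1 ;; esac
    case "$1" in ??x) v=$((v + 1)) ;; ??-) ;; *) return 1 ;; esac
    echo "$v"
}

# mode_to_octal MODE: the xyz value chmod needs to reproduce MODE.
mode_to_octal() {
    m=${1%"${1#??????????}"}      # first ten characters; ls may append . or +
    [ "${#m}" -eq 10 ] || return 1
    perms=${m#?}                  # drop the file-type character
    rest=${perms#???}             # group and others
    u=$(triplet_value "${perms%??????}") || return 1
    g=$(triplet_value "${rest%???}") || return 1
    o=$(triplet_value "${rest#???}") || return 1
    echo "$u$g$o"
}

# others_can_write MODE: succeed if the "others" group holds w.
others_can_write() {
    case "$1" in ????????w*) return 0 ;; *) return 1 ;; esac
}

sample="-rwxrwx---"               # constructed sample: the mode used on this page
echo "$sample -> $(file_type "$sample"), chmod $(mode_to_octal "$sample")"
others_can_write "$sample" || echo "others cannot write"
```

Feeding it the first column of ls -l output for a directory tree gives a quick way to spot entries where others hold w.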

b. Symbol type changes file permissions

Among them: u, g, o represent three identities, a represents all, that is, all identities.

Example:
chmod u=rwx,go=rx .bashrc
chmod a+w .bashrc
chmod a-x .bashrc

5. File types and extensions

Whether a Linux file can be executed is related to the ten attributes in its first column, and has nothing to do with the file name!

  • regular file
    • Plain text file (ASCII)
    • binary
    • Data format file (data)
  • directory
  • Link file (link)
  • Devices and device files (device)
    • Block device file, file type [b]
    • Character device file, file type [c]
  • Data interface files (sockets)
  • Data transfer file (FIFO, pipe)

2. Linux directory configuration

1. Basis for Linux directory configuration – FHS

Filesystem Hierarchy Standard (FHS) hopes to let users know which directory installed software is usually placed in.

(1) Four interaction forms of FHS:

  • Shareable : a directory that can be shared with other systems for mounting, so data including executable files and user emails can be shared with other hosts on the network for mounting;
  • Not shareable : Device files running on your own machine or socket files related to programs, etc., are only related to your own machine, so of course they are not suitable for sharing with other hosts.
  • Immutable : Some data do not change frequently and remain unchanged following distribution. For example, function libraries, file description documents, host service configuration files managed by system administrators, etc.;
  • Changeable : Data that changes frequently, such as log files, news groups that general users can accept by themselves, etc.

(2) Three directory levels

  • / (root, root directory): related to the boot system;
  • /usr (unix software resource): related to software installation/execution;
  • /var (variable): related to the system running process.

a. The meaning and content of the root directory (/):

The root directory is also related to startup/restore/system repair and other actions. Therefore, the FHS standard recommends that the partition where the root directory (/) is located should be as small as possible, and that software installed by applications should not be placed in the same partition as the root directory, so that the root directory stays as small as possible. Not only does this provide better performance, but the file system where the root directory is located is also less prone to problems.

Part 1: Directories that must exist according to FHS requirements

  • /bin: Executable files that can also be operated in single-user mode, such as cat, chmod, chown, date, mv, mkdir, cp, bash;
  • /boot: Boot file, including core files, boot menu, and boot configuration, such as vmlinuz, a common kernel file;
  • /dev: device files, such as /dev/null, /dev/zero, /dev/tty, /dev/loop*, /dev/sd*;
  • /etc: The main configuration files of the system. It is not recommended to put executable files here. Examples: /etc/modprobe.d/, /etc/passwd, /etc/fstab, /etc/issue, and /etc/opt, the configuration file directory for third-party software placed in /opt;
  • /lib: Function library for booting and command calling, for example, /lib/modules/ has the core driver;
  • /media: DVD, CD and other removable media devices, such as /media/floppy, /media/cdrom;
  • /mnt: additional devices temporarily mounted;
  • /opt: Third-party software, note: it can also be placed under /usr/local;
  • /run: Various information after booting. Note: It can also be placed under /var/run;
  • /sbin: Commands for booting, repairing, and restoring the system, such as: fdisk, fsck, ifconfig, mkfs;
  • /srv: Network service data directory, such as WWW, FTP, etc.;
  • /tmp: Temporarily stored, it is recommended to clean up after booting;
  • /usr: See the description below;
  • /var: See the description below;

Part 2: Directories that FHS recommends may exist

  • /home: user’s home folder;
  • /lib<qual>: binary function library;
  • /root: The home folder of the system administrator (root);

Part 3: Others

  • /lost+found: Place lost fragments when there is a system error;
  • /proc: virtual folder, data is stored in memory, such as: /proc/cpuinfo, /proc/dma, /proc/interrupts, /proc/ioports, /proc/net/*, etc.;
  • /sys: virtual folder, records core and system hardware information;

b. The meaning and content of /usr

usr is the abbreviation of Unix Software Resource, which is the directory where "Unix operating system software resources" are placed, not the user's data.

Part 1: Directories that must exist according to FHS requirements

  • /usr/bin/: All commands used by general users, there should be no subdirectories;
  • /usr/lib/: Same as /lib;
  • /usr/local/: The system administrator installs the downloaded software by himself;
  • /usr/sbin/: Same as /sbin;
  • /usr/share/: read-only architecture data files and shared files, such as /usr/share/man online documentation;

Part 2: Directories that FHS recommends may exist

  • /usr/games/: game-related data;
  • /usr/include/: header and include files for programming languages such as C/C++;
  • /usr/libexec/: executable files or scripts that are not commonly used by ordinary users;
  • /usr/lib<qual>/: Same as /lib<qual>;
  • /usr/src/: source code, the core source code is recommended to be placed in /usr/src/linux/;

c. The meaning and content of /var

If /usr is a directory that occupies a large amount of hard disk capacity at installation, then /var is a directory that gradually occupies hard disk capacity after the system is running. The /var directory is mainly for files that change regularly, including cache, log files, and files generated by certain software while it runs, such as program files (lock files, run files) or MySQL database files, etc.

Part 1: Directories that must exist according to FHS requirements

  • /var/cache/: temporary data of the application;
  • /var/lib/: The data files used by the program. The MySQL database is placed in /var/lib/mysql/, and the rpm database is placed in /var/lib/rpm;
  • /var/lock/: program lock, this directory has also been moved to /run/lock;
  • /var/log/: **Very important!** Log files, such as /var/log/messages, /var/log/wtmp (records the login information);
  • /var/mail/: personal email mailbox;
  • /var/run/: Place the PID of some started programs or services;
  • /var/spool/: program queue information;

Summary

This chapter is very focused and basic. There is a lot to remember, because most of it is knowledge points used in daily development.

Origin blog.csdn.net/qq_39271952/article/details/128157099