Article directory
Copyright Notice
- The content of this blog is based on my personal study notes from the Dark Horse Programmer course. I hereby declare that all copyrights belong to Dark Horse Programmers or related rights holders. The purpose of this blog is only for personal learning and communication, not commercial use.
- I try my best to ensure accuracy when organizing my study notes, but I cannot guarantee the completeness and timeliness of the content. The content of this blog may become outdated over time or require updating.
- If you are a Dark Horse programmer or a related rights holder, if there is any copyright infringement, please contact me in time and I will delete it immediately or make necessary modifications.
- For other readers, please abide by relevant laws, regulations and ethical principles when reading the content of this blog, refer to it with caution, and bear the resulting risks and responsibilities at your own risk.
root user (super administrator)
- Whether it is Windows, MacOS, or Linux, they all use multi-user management mode for permission management.
- In the Linux system, the account with the most privileges is named: root (super administrator)
- The root user has the greatest system operation permissions, while ordinary users have limited permissions in many places.
- The permissions of ordinary users are generally unrestricted in their HOME directory.
- Once out of the HOME directory, in most places, ordinary users only have read and execute permissions, but no modification permissions.
su and exit commands
- su command to switch to the root account
- The su command is used to switch accounts. Its origin is the English word: Switch User.
su [-] [用户名]
-
-The symbol is optional and indicates whether to load environment variables after switching users. It is recommended to bring -
Parameters: username, indicating the user to be switched. The username can also be omitted. If omitted, it means switching to root.
-
After switching users, you can use the exit command to return to the previous user, or you can use the shortcut key: ctrl + d
-
When using an ordinary user, you need to enter a password to switch to other users, such as switching to the root user.
-
Use root user to switch to other users, no password is required, you can switch directly
sudo command
- It is not recommended to use the root user for a long time to avoid system damage. Use the sudo command to authorize ordinary commands and temporarily execute them as root.
sudo 其他命令 - Not all users have the right to use sudo. Sudo authentication needs to be configured for ordinary users.
Configure sudo authentication for ordinary users
- Switch to the root user and execute the visudo command, which will automatically open through the vi editor:
/etc/sudoers - Add at the end of the file and finally
:wqsave it via# NOPASSWD:ALL 表示使用sudo命令,无需输入密码 用户名 ALL=(ALL) NOPASSWD:ALL
User and user group management
- There are two levels of permission control in Linux, which are:
- User permission control
- Permission control for user groups
- For example, for a certain file, you can control the permissions of the user or the permissions of the user group.
User group management
The following commands need to be executed by the root user
- Create user group
group add 用户组名 - Delete user group
group del 用户组名 - Create user
useradd [-g -d] 用户名- -g specifies the user's group. If -g is not specified, a group with the same name will be created and automatically joined. Specifying -g requires that the group already exists. If a group with the same name already exists, -g must be used.
- -d specifies the user HOME path. If not specified, the HOME directory defaults to:
/home/用户名
- delete users
# -r,删除用户的HOME目录,不使用-r,删除用户时,HOME目录保留 user del [-r] 用户名 - View the groups a user belongs to
# 参数:用户名,被查看的用户,如果不提供则查看自身 id [用户名] - Modify the group to which the user belongs
user mod -aG 用户组 #用户名,将指定用户加入指定用户组
getent command
- Use
getentthe command to view the users and user groups in the current system - grammar:
getent passwd - There are 7 pieces of information in total, namely:
root:x:0:0:root:/root:/bin/bash
# 用户名:密码(x):用户ID:组ID:描述信息(无用):HOME目录:执行终端(默认bash)
- Use
getentthe command to view the user groups in the current system - Order:
getent group - Contains 3 pieces of information, group name: group authentication (displayed as x): group ID
root:x:0
View permission controls
Cognitive permission information
-
Use ls -l to view the content in list form and display permission details
-
Serial number 1 represents the permission control information of files and folders.
-
Serial number 2 indicates the user to whom the file and folder belongs.
-
Serial number 3 indicates the user group drwxr-xr-x to which the file and folder belongs , which means: -
This is a folder, the first letter d means
-
The permissions of the user (number 2 in the upper right corner) are: r, w, x, rwx
-
The permissions of the user group it belongs to (number 3 in the upper right corner) are: r, no w, x, rx (- means no such permission)
-
The permissions of other users are: r, no w, x, rx
- r means read permission
- w means write permission
- x represents execution permission.
The meaning of rwx is slightly different depending on the file and folder.
| Permissions | Target files | for folders |
|---|---|---|
| r | Can view file contents | You can view the contents of the folder, such as using the ls command |
| w | This file can be modified | You can operate within the folder: create, delete, rename, etc. |
| x | Files can be executed as programs | You can change the working directory to this folder, that is, use the cd command to enter |
Modify permission control
chmod changes permissions on files and folders
- Use the chmod command to modify the permission information of files and folders.
- Note that only the user who owns the file or folder or the root user can modify it.
- grammar
# -R,对文件夹内的全部内容应用同样的操作 chmod [-R] 权限 文件或文件夹 - Change the file permissions to:
rwxr-x--xchmod u=rwx,g=rx,o=x hello.txt - in:
u表示user所属用户权限,g表示group组权限,o表示other其它用户权限 - Set the permissions of the folder test and all contents in the folder to:
rwxr-x--xchmod -R u=rwx,g=rx,o=x test
The numerical serial number of the permission
- Permissions can be represented by 3-digit numbers. The first digit represents user permissions, the second digit represents user group permissions, and the third digit represents other user permissions.
- The details of the numbers are as follows: r is denoted as 4, w is denoted as 2, and x is denoted as 1
| number | Permission content | three digits |
|---|---|---|
| 0 | no permissions | — |
| 1 | Only x permissions | –x |
| 2 | Only w permission | -w- |
| 3 | Have w and x permissions | -wx |
| 4 | Only r permission | r– |
| 5 | Have r and x permissions | r-x |
| 6 | Have r and w permissions | rw- |
| 7 | Have full permissions | rwx |
- Permission 751 means: rwx(7) rx(5) --x(1).
chown to modify the user and user group it belongs to
- Use the chown command to modify the users and user groups that files and folders belong to.
- Ordinary users cannot change their membership to other users or groups, so this command is only applicable to root users.
- grammar
chown [-R] [用户][:][用户组] 文件或文件夹
- Option, -R, same as chmod, applies the same rules to all contents in the folder
- Options, users, modify the user
- Options, user groups, modify user groups to which they belong
Example:
chown root hello.txt, change the user belonging to hello.txt to rootchown :root hello.txt, change the user group to which hello.txt belongs to root.chown root:feng hello.txt, change the user to which hello.txt belongs to root and the user group to fengchown -R root test, change the user belonging to the folder test to root and apply the same rules to all contents in the folder