1. The three categories of users
Owner
Group
Others
2. The three types of permissions
Read: r (read) --> 4
Write: w (write) --> 2
Execute: x (execute) --> 1
3. File and directory permissions
File Read: You can view the file contents
File Write: You can edit the file
File execute: You can run the file (script)
Directory read: You can list the files in the directory
Directory write: You can delete, create, copy, move files
Directory execute: You can switch into the directory
4. chmod permissions management
1. Letter form:
-R: recursive operation (used when the target is a directory)
Owner: u
Group: g
Others: o
Everyone: a
2. Permission characters:
r: read
w: write
x: execute
-: no permission
3. Assigning permissions:
+: Indicates to add specific user permissions (relative to the current)
-: Deletes the user's permission (relative to the current)
=: Sets the permissions to exactly the given value (assignment)
4. Numeric form:
Read: r 4
Write: w 2
Execute: x 1
No permissions: 0 corresponds to ---
Appendix:
View permissions: ls, ll, ls -ld
Default directory permissions: 777 - 022 = 755
Default file permissions: 666 - 022 = 644
5. Set the owner and group
(1) chown: owner and group management (chgrp)
Role: Change the user a file belongs to (change owner)
Syntax: # chown [-R] new_username file_path
-R: recursive; use it when the target is a directory, a plain file does not need -R.
chown ken:ken filename (owner:group file)
chown ken filename (owner only)
chown :ken filename (group only)
chown ken: filename (owner, with the group taken from that user)
Examples:
Change a file's owner and group: chown User:Group filename
Change a file's owner: chown User filename
Change a file's group: chown :Group filename
Change a file's owner and group: chown User: filename (the group is automatically taken from that user's login group)
Change the group with chgrp: chgrp hr filename
6. Special permissions
SUID: set on binary executables (commands) (u+s)
A user who executes the command runs it as the file's owner
SGID: can be set on directories and files (g+s)
Directory: files created in it automatically inherit the directory's group
File: inherits the permissions of the file's group
SBIT: set on directories (o+t)
You can delete only files you created
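An added example (not part of the original notes): a small audit for the special bits described in section 6, listing SUID/SGID files and world-writable directories that lack the sticky bit. The function names and the sample tree are constructed for illustration; it assumes a find that supports -perm -mode.

```shell
#!/bin/sh
# Added example, not from the original notes. Function names are hypothetical.
# Octal values of the special bits: SUID=4000 (u+s), SGID=2000 (g+s), SBIT=1000 (o+t).

# List regular files under $1 that carry SUID or SGID.
find_setid_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort
}

# List world-writable directories under $1 that lack the sticky bit:
# there, any user can delete or rename files created by someone else.
find_unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 | sort
}

# Build a constructed sample tree in a temp directory and print its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/plain" "$d/suid_tool" "$d/sgid_tool"
    mkdir "$d/shared_ok" "$d/shared_bad" "$d/team"
    chmod 644 "$d/plain"
    chmod 755 "$d/suid_tool" "$d/sgid_tool"
    chmod u+s "$d/suid_tool"                  # SUID: runs as the file's owner
    chmod g+s "$d/sgid_tool"                  # SGID on a file
    chmod 777 "$d/shared_ok" "$d/shared_bad"
    chmod o+t "$d/shared_ok"                  # SBIT: delete only your own files
    chmod 775 "$d/team"
    chmod g+s "$d/team"                       # SGID on a directory: new files inherit its group
    printf '%s\n' "$d"
}

# Demo run on the constructed tree.
tree=$(make_sample_tree) || exit 1
echo "SUID/SGID files:"
find_setid_files "$tree"
echo "World-writable directories without the sticky bit:"
find_unsafe_shared_dirs "$tree"
rm -rf "$tree"
```

On a real system, point the two functions at a directory such as a shared project area and compare the SUID/SGID list against what the distribution is expected to ship.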
7. ACL permissions
Role: set permissions on a file for one specific user
setfacl -m u:username:rwx filename
setfacl -x u:username filename (remove a single entry)
setfacl -b filename (remove all ACL permissions)
getfacl filename (view the extended permissions)
8. sudo
Role: configure which commands a user may run
visudo
At line 92:
username ALL=(ALL) ALL
ALL: the hosts from which the user may log in and run the command
(ALL): the identity the command is executed as (root)
ALL: the commands the user may run
username ALL=(ALL) command_path
sudo useradd
Note: Enter the password of the logged-in user, not root's