Purpose:
Skilled Using useradd, groupadd, chown, chmod command to add and delete Use households, add and delete groups and permission settings Using the users and groups, modify your files, etc., passwd, su command's instruction. Familiar with the special permission suid, sgid, sticky, acl functions and Use Act.
Experimental Procedure
Understand the parameters used when adding a user useradd command, set the main group as -g, -G set the basic group, -s this default shell, -M do not create home directories and so on. Meaning familiar rwx permissions are applied on files and directories, sub octal representation rights. Understand the need to set special permissions suid, sgid, sticky, acl under what circumstances.
1, useradd command: Using the add user in the system
2. Add an] Using a user name called Using the apache user on the system, the default shell to / sbin / nolgoin without creating a home of Contents
- -s
- -M
3. Add develop group
4, set / home / app / run / apache of Contents and submenus of Contents and file owner is a group of apache
5, write and modify permissions to add Perform permissions for owner, is a group does not have read permissions to read and other non- human rights Perform
6, recursive set testdir of Contents permissions: Add read is a group, you can write, can Perform rights, but it does not add submenus that the file permissions YES
7, set permissions for files 1.sh only the owner has read and write permissions
8. Using the modified linux user login password
9, the user is completely switched chest upwards parts Using linux
su - root
10, is not completely switched to the indoor chest upwards parts Using linux
its
11, setting ⼆ in hexadecimal YES program files have suid chmod permissions
chmod 4755
12, canceled ⼆ suid binary executable program files chmod permissions ⾏ owned
13, setting ⼆ in hexadecimal YES program files have sgid chmod permissions
14, canceled ⼆ sgid binary executable program files chmod permissions ⾏ owned
15, setting sgid permissions on testdir of Contents, as a collaboration of Contents
16, sgid permission to cancel testdir of Contents
17, recorded a sticky set permissions on testdir destination time, achieve only the owner of the file or root can delete files in this of Contents
chmod o + t or chmod 1777
18, canceled sticky rights of testdir of Contents
19, the new files / testdir / dir ⾥ created automatically belong to the group g1, g2 member of the group, such as: alice to have read and write access to these new files, such as members of a group g3: tom only new files has read access, Use of other households (does not belong to g1, g2, g3) can not access this folder.
20, ACL permissions backup / testdir / dir ⾥ all files to /root/acl.txt, clear all ACL permissions / testdir / dir, and finally restore the ACL permissions
