File and folder permissions
- linux basic rights
- linux special privileges
- linux Hide rights
- linux file ACL permissions
- linux basic rights
. 1 Linux basic permissions 2 using LS - L filename command to view a file or folder detail permissions . 3 LS - L . 4 -rw-R & lt - rw- . 1 the root the root 22 is Jan . 6 15 : 42 is ABC . 5 - --- --- - - 6 - file types 7 permissions of the file owner root rw- --- r read w write x execute 8 member group --- file belongs to its authority r-- root 9 --- others rw- 10 22 size of the file or folder 11 Jan 6 15 : 42 creation date 12 abc file name
chmod command
1 chmod - access to change file 2 command syntax 3 chmod [Options] the MODE File ... 4 command options 5 - R recursively set permissions for directories effective 6 the MODE what authority who gave 7 U (owner) g (group belongs ) o (others) a (owner) 8 + - = 9 authority read r w x execute write 10 digital rights . 11 r read . 4 12 is w write 2 13 is x execution . 1 14 the chmod 760 ABC
chown command
1 chown modify the file or folder owner command 2 command syntax 3 chown [Options] the User [: Group] File ... 4 command options 5 - R recursive set for the folder 6 chown new owner of the file name 7 chown new the owner of the new file name of your group 8 -R recursive modification
chgrp command
1 chgrp change group belongs 2 command syntax 3 chgrp [options] group file ... 4 command options 5 - R recursively set permissions for directories effective 6 chgrp new file names of all groups 7 chown new file name belongs to the group.
- linux special privileges
1 Linux special privileges 7 777 2 the SUID 4 after when a binary file has SUID permissions, when other users execute the binary file, the binary file will go to the owner of the rights to perform his 3 SGID 2 4 required folder the new sub-folder or subfolder to inherit the parent folder is a group of 5 Sticky bit 1 6 If the folder given to the sticking place the folder under the file or folder can only be deleted by the owner and ROOT
- linux Hide rights
chattr command
1 the chattr [+ - = ] [ASacdistu] file or file name 2 command options: 3 + : increase a particular parameter, other parameters exist originally fixed. 4 - : Delete a particular parameter, other parameters exist originally fixed. 5 = : setting constant, and only later by the parameters . 6 A: A property when set, the file (or directory) access time atime (access) would not be modified, there can be avoided such as laptops disk I / O error occurs. 7 S: This feature is somewhat similar to sync. The data synchronization is written to disk. Can effectively prevent data loss. 8 A: After setting a, this will only increase the data file, and can not be deleted, only root can set this property. 9 c: After this property is set, this file will automatically be "compressed", it will be automatically decompressed when read, but when the store will first be compressed before storage (useful for large files). 10 d: when performing dump (backup) program is provided to allow the d attribute file (or directory) has a dump effect. 11 i: i the big role. It allows a file "can not be deleted, renamed, set the connection, you can not write or add data." For the security of the system have considerable help. 12j: When using ext3 file system format will be provided so that the file attribute j when writing the first record in the journal. However, when the file system parameters for the data = set time journalled, since the log has been set, so that an invalid attribute. 13 s: When the file has the s parameter, it will be completely removed from the hard drive space. 14 u: contrary to s, u is set when a file is in fact the contents of data stored on the disk may be used to restore deleted. 15 Note: this property is set, the more common is a setting value of i, and many settings must be root to set.
lsattr command
1 the lsattr file or file name 2 hidden permission to view a file or folder
- linux file ACL permissions
setfacl command
. 1 the setfacl - SET File Access Control Lists 2 command syntax . 3 the setfacl [options] File ... . 4 command options . 5 - m modified ACL . 6 - X Delete ACL . 7 - B Remove all ACL . 8 - K Remove the default ACL . 9 - R & lt Recursive 10 exercises . 11 the setfacl -mg: GROUPNAME: --- haha 12 is the setfacl - MU: username: haha RW 13 is the setfacl - Xu: username haha 14 the setfacl - B haha 15 the setfacl - SET u::rw,g::---,o::--- haha
getfacl command
1 the getfacl view the file permissions 2 command syntax 3 the getfacl File ...
operation
1 to create a user Harry, Natasha, Tom 2 Harry, Natasha attached to the admin group 3 the / etc / fstab copied to / var / tmp at 4 requires 644 file permissions . 5 file owner and is a group of the root . 6 can be modified fstab Tom . 7 no rights its admin group members 8 copy / etc / passwd to / VAT / tmp . 9 requirements document owner to Harry 10 is a group of admin . 11 file permissions 606 12 is in / var / New tmp file folder Command 13 is required the owner to root 14 to admin is a group of 15 is a group of its members can read and write, other people do not have any authority 16 requires new file or folder is a group of inherited command of 17 users can delete their own files (except root) 18 for the DNS configuration file /etc/resolv.conf set permissions, require any person can not modify files