Reference grain School of Linux Tutorial: http: //www.gulixueyuan.com/course/300/task/7084/show#
linux permissions, what users can operate anything.
1. The role of fundamental rights:
1.1 permission to read the file, write, execute, files and directories are not the same.
1.1 permissions on the file: read (r) can perform cat, more, less, head of the file, tail and other view commands.
write (w) the file write (w) permission, representatives can modify the data file, you can use vim, commands echo, etc. modify file data, note: the file has write permissions, can not be deleted file itself, can only modify the data in the file, if you want to
delete a file, you need to have write access to the parent directory of the file.
execute (x): the file has execute (x) permission to have this privilege, you can run , but the file can not be executed, not only (x) execute permission, but also the code in the file is not the correct language code for the file (x) permissions are the most
highly privileged.
1.2 permissions on the directory: reading (r) of the directory have permission to read (r), the representative can view the contents of the directory, you can also view those files and subdirectories under sub-directory. If the permissions correspond to the command, then once the directory has read (r ) permissions in the directory can
execute ls command to view the contents of the directory.
write (w) directory Have permission to write (x), the representative can modify the data in the directory, which is in the directory can create, delete, copy, cut sub-files or subdirectories, if the corresponding permissions to the directory, but the directory has a write permissions (w)
can be executed in the directory touch, rm, cp, mv command for a directory, write permission is w highest authority..
execute (x): the directory is not running, then the directory has the execution (x) privileges, you can execute the command cd to the directory, enter the directory.
1.3 directory permissions are available:
0: not confer any rights.
5: directory browsing and basic access rights.
7: full permission.
Tip: root is super user wants doing the doing.
Commonly used authority to order:
1 basic permissions command:. 1 .chmod 1.1 . Linux / file called Unix permissions are divided into three levels: file owner, group, others. Chmod can use so as to control how the file is called by others. 1.2 syntax:. Chmod [-cfvR] [--help] [- Version] the MODE File ... . Chmod [options] mode permissions file name 1.4 . Parameters: [ugoa ...] [[ + - = ] [rwxX] ...] [, ...] for 1.5 wherein:. U indicates the owner of the file, g represents the owner of the file belonging to the same group (group) who, o represents other than human, a these three represent both. + Indicates increased authority - indicates remove permissions, = represents a unique set permissions. r represents read, w represents the writing, x represents an executable, X is only when this file is a subdirectory or file has been set through the executable. 1.6 Other Parameters: - c: if the file permissions have changed indeed, it shows the change action - f: if the file permissions can not be changed and do not display an error message -v: Show details permissions change - R: all the files and subdirectories in the current directory the same permissions changed (that is handed back to the way one by one to change) - Help: display HELP - Version: display version 1.7 examples: chmod + U the X-xxxx plus execute permissions to the owner. the original: -rw-r - r-- after executing the command: -rwxr - r-- Linux executable files are green. 1.8 example: chmod. W + G, O + W and the other group assigned to XXX write (x) permissions original: -rw-R & lt - r-- after Run: -rw-RW-rw- the Linux may allow use " , " separated, to a group, the other assigned permissions. 1.9 examples:. the chmod GW, O- W group and the other is subtracted XXX to write (x) permissions original: -rw-rw--RW after Run: -rw-r-- r-- 1.10Examples: chmod 755 permissions explain 7 = privileges of belonging and 4 (read) + 2 (write) + 1 (execute) 5 permission = group 4 (read) + 1 (execute) 5 = other authority, 4 (read) + 1 (performs) 2 .chown 2.1 . chown using the owner of the specified file to the specified user or group, the user may be a user name or user ID. group may be a group name or group ID, a file is list of files to change permissions separated by spaces, support wildcards. generally, this command is only used by the system administrator (root), end users do not have permission to change someone else's file owner, he did not put his authority file owner is set to change others only the system administrator (root) have permission to do so. use rights: root 2.2 syntax:. chown [ -cfhvR] [--help] [- Version] the User [: Group] file ... 2.3 . parameters: user: user new file owner ID Group: new file owner's user group (Group) - c: Displays information part of the changes - f: Ignore the error message - H: Repair symbolic link - v: show detailed processing information - R & lt: process all files in the specified directory and its subdirectories - Help: display HELP - version: display version 2.4 . example: chown username1 (user name) file originally: -rwxrwxrwx 2 the root the root 25 On Dec . 6 . 17 : 49 a.txt after executing: -rwxrwxrwx 2 username1 the root 25 On Dec . 6 . 17 : 49 a.txt 3 .useradd 3.1 . Adding user commands 3.2 syntax:. Useradd name 4 .password 4.1 . Setting user password commands 4.2 syntax:. Password username1 Enter, enter the password on the line. 5 .chgrp 5.1 . Linux chgrp command is used to change the file or directory of their group. In the UNIX system family, the control file or directory permissions to the owner and their group to manage. You can use the chgrp command to change file and directory belongs to the group, set the mode using the group name or group ID can be. 5.2 . Syntax: chgrp [ -cfhRv] [- Help] [- Version] [your group] [file or directory ...] or chgrp [-cfhRv] [- help] [- reference = < reference file or directory>] [- Version] [file or directory ...] 5.3 . parameters: -c or --changes similar effect " -v " argument, but returns only part of the change. -f or --quiet or -silent with no error messages. -h or --no- make sure to dereference only make changes to a file symbolic link, without any change to other relevant documents. -R or - recursive This recursive processing, all files and subdirectories in the specified directory dealt with together. or -v - verbose display process execution instruction. - Help online help. --reference = <reference file or directory> the specified file or directory belongs to group all set to their group, and the same reference files or directories. - Version display version information. Tip: may be disposed = permissions (so do not tube before what permissions) U = rwx, G = rwx, O = rwx can numerals rights: Digital Rights: 4 represents the " R & lt " , 2 representative of " W " permission, 1 represents " the X- " permission. common permissions: 644 this is the basic file permissions: read and write permissions on behalf of owners, others have only read-only permissions. 755 which is the basic permission to execute files and directories, on behalf of owners read, write and execute permissions, and belongs to the group and others have read and execute permissions. 777 This is the greatest privilege. Avoid the actual production environment to such a great privilege, will cause great risk. Of course, a person in charge of a linux server, except for one item. Create a user creates a corresponding user group. Ordinary users can modify the owner is their file permissions. ordinary users can not modify the owner of the file (even if the file belongs to ordinary users), only the super user can modify the owner.
Default Permissions
1 . View the system default permissions umask: 0022 2 New End files directly have default permissions -rw-r - r--. Tip: Permissions umask method of calculation, the file is concerned, the new 666 is the default maximum authority, useless execution permission (x) permission. only the user manual given. directory is concerned, the new directory permissions default maximum is 777, because for the directory, execute (x) represents only can enter the directory, so even create a new file when the default will be directly given default, there is no danger. file default permissions are only 666, and the value of umask is 022 -rw-rw-rw- minus ---- w - w- equal -rw-rr- - default directory permissions 777 may be the maximum, and the value is umask 022 drwxrwxrwx subtracting D ---- W - w to equal drwx-r-xr-x
The permissions prompt:
Permissions of 10: the first one: - regular file d directory file l flexible connection file b block device file. C character device file. S socket file. P duct descriptor file. The second to fourth: the owner of Fifth to seventh place: rights group owning the eighth to 10th place: other people's rights. r = read, w = write, x = execute Tip - on behalf of no authority.