Redhat7 file permissions - Notes

File permissions

In Linux everything is a file, but not every file is of the same type. Linux uses a different character to mark each file type; the common characters are as follows:

Character   Meaning
-           Regular file
d           Directory file
l           Link file
b           Block device file
c           Character device file
p           Pipe file

Each file has an owner and an owning group, and each of these has its own permissions: read (r), write (w) and execute (x). The meaning of rwx is not the same for files and for directories:

  • File:
    r permission to read the contents of the file
    w permission to modify the contents of the file
    x permission to execute the file
  • Directory:
    r permission to view the files in the directory
    w permission to create, delete and modify files in the directory
    x permission to enter the directory

Examples are as follows:

lrwxrwxrwx.   1 root root    7 Feb  7 19:53 bin -> usr/bin
dr-xr-xr-x.   3 root root 4096 Feb  7 12:08 boot

Special file permissions

SUID
SUID is a special permission set on a binary program. It lets the user who executes the binary temporarily hold the permissions of the file's owner (it only takes effect on binary programs that have execute permission).
With the command chmod u+s filename, the owner's permissions change from rwx to rws, where the s means the x position now carries the SUID permission. If the owner's original permissions were rw-, they become rwS: the - becomes a capital S.
For example, the passwd command:

[root@localhost /]# ll /bin/passwd 
-rwsr-xr-x. 1 root root 27832 Jan 30  2014 /bin/passwd

SGID
SGID has two main functions:

  • Let the user executing a program temporarily hold the permissions of the file's group (set on binary programs that have execute permission)
  • Files created in a directory automatically inherit the group of that directory
    With the command chmod g+s filename, the group's permissions change from rwx to rws, where the s means the x position now carries the SGID permission. If the group's original permissions were rw-, they become rwS: the - becomes a capital S.
    Example:
    Create a directory test whose owner and group are both test, and set the directory permissions to 777. Other users can create their own files in the test directory, and the owner and group of those files are the users themselves.
    After SGID is set, the group of files that other users create in the test directory becomes test.
    [root@localhost /]# chmod 777 /test
    [root@localhost /]# ls -l /test
    drwxrwxrwx.   2 test test    6 Feb  7 20:36 test
    [root@localhost /]# su -l developer -c "touch /test/a.txt"
    [root@localhost /]# chmod g+s /test
    [root@localhost /]# ls -l /test
    drwxrwsrwx.   2 test test    6 Feb  7 20:36 test
    [root@localhost /]# su -l developer -c "touch /test/b.txt"
    [root@localhost /]# ls -l test/
    -rw-r--r--. 1 developer developer   0 Feb  7 20:37 a.txt
    -rw-r--r--. 1 developer test 0 Feb  7 20:37 b.txt

SBIT
After SBIT is set on a directory, a file in that directory can only be deleted by its owner; other users do not have permission to delete it.
With the command chmod o+t directoryname, the x position in the "others" part of the permissions is replaced with t or T: if the x execute permission was originally present it is written as t, and if it was not originally present it is written as T.
For example, the system /tmp directory: all users can create files in /tmp, but they cannot delete files created by other users.
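
The SUID, SGID and SBIT markers described above can be checked across a directory tree with a short script. This is an added example, not part of the original notes; the function names (describe, audit, demo), the finding labels and the file names in the sample tree are assumptions made up for illustration.

```python
import os
import stat
import tempfile

def describe(mode):
    """Return (ls-style permission string, findings) for an st_mode value."""
    findings = []
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID:
            # ls shows rws when the owner also has x, rwS when the owner lacks x
            findings.append("SUID" if mode & stat.S_IXUSR else "SUID-without-x")
        if mode & stat.S_ISGID:
            findings.append("SGID" if mode & stat.S_IXGRP else "SGID-without-x")
    elif stat.S_ISDIR(mode):
        if mode & stat.S_ISGID:
            findings.append("SGID-dir")  # new files inherit the directory's group
        if (mode & stat.S_IWOTH) and not (mode & stat.S_ISVTX):
            # anyone may create files here, and nothing stops deleting others' files
            findings.append("world-writable-no-sticky")
    return stat.filemode(mode), findings

def audit(root):
    """Walk root without following symlinks; return {path: (perms, findings)}."""
    report = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            perms, findings = describe(os.lstat(path).st_mode)
            if findings:
                report[path] = (perms, findings)
    return report

def demo():
    """Audit a constructed sample tree (all names and modes are made up)."""
    with tempfile.TemporaryDirectory() as root:
        for name, mode in {"suid_tool": 0o4755, "plain": 0o644}.items():
            path = os.path.join(root, name)
            open(path, "w").close()
            os.chmod(path, mode)
        for name, mode in {"shared": 0o777, "tmp_like": 0o1777}.items():
            path = os.path.join(root, name)
            os.mkdir(path)
            os.chmod(path, mode)
        return {os.path.basename(p): v for p, v in audit(root).items()}

if __name__ == "__main__":
    for name, (perms, findings) in sorted(demo().items()):
        print(perms, name, findings)
```

Calling audit() on a real path such as /usr/bin gives a baseline of SUID/SGID programs that can be compared after system changes.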


Origin blog.51cto.com/12227788/2469694