table of Contents
chmod
Explanation
命令名称:chmod
命令英文原意:change the permissions mode of a file
命令所在路径:/bin/chmod
执行权限:所有用户
功能描述:改变文件或目录权限
grammar
chmod [{ugoa}{+-=}{rwx}] [文件或目录]
chmod [mode=421] [文件或目录]
-R 递归修改
# 第一种修改方式 chmod [{ugoa}{+-=}{rwx}] [文件或目录]
ugoa:
u:所有者
g:所属组
o:其他人
a:所有人
+-=:
+:针对文件或目录增加某个权限
-:针对文件或目录减少某个权限
=:赋予文件或目录全新的权限,以此刻的权限为准
# 第二种修改方式 chmod [mode=421] [文件或目录]
rwx:
r:4
w:2
x:1
rwxrw-r--
权限:764(4+2+1=7/4+2=6/4)
Examples
# 第一种增加权限
chmod g+x test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test.txt
-rw-r--r-- 1 root root 11 Nov 28 15:39 test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# chmod g+x test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test.txt
-rw-r-xr-- 1 root root 11 Nov 28 15:39 test.txt
# 第二种增加权限
chmod 777 test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test.txt
-rw-r-xr-- 1 root root 11 Nov 28 15:39 test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# chmod 777 test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test.txt
-rwxrwxrwx 1 root root 11 Nov 28 15:39 test.txt
Special attention Permissions
root user enters when the show #, $ normal user display
# 在/tmp下新建文件夹test
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# mkdir test
# 在/tmp/test文件夹下新建test.txt
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# touch test/test.txt
# 查看test文件下的文件
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test
total 0
-rw-r--r-- 1 root root 0 Nov 28 17:54 test.txt
# 查看/tmp/test文件夹的权限
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -ld test
drwxr-xr-x 2 root root 4096 Nov 28 17:54 test
# 赋予/tmp/test文件夹全部的权限
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# chmod 777 test
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -ld test
drwxrwxrwx 2 root root 4096 Nov 28 17:54 test
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# ls -l test/test.txt
-rw-r--r-- 1 root root 0 Nov 28 17:54 test/test.txt
# 新增加一个普通用户并修改密码
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# useradd eternity
[root@izm5e2q95pbpe1hh0kkwoiz tmp]# passwd eternity
# 使用eternity帐号,密码123456,登录服务器
# 查看当前目录
[eternity@izm5e2q95pbpe1hh0kkwoiz ~]$ pwd
/home/eternity
# 进入/tmp目录
[eternity@izm5e2q95pbpe1hh0kkwoiz ~]$ cd /tmp
# 查看/tmp/test目录的权限,拥有全部权限
[eternity@izm5e2q95pbpe1hh0kkwoiz tmp]$ ls -ld test
drwxrwxrwx 2 root root 4096 Nov 28 17:54 test
# /tmp/test目录下存在test.txt,拥有读权限
[eternity@izm5e2q95pbpe1hh0kkwoiz tmp]$ ls -l test/test.txt
-rw-r--r-- 1 root root 0 Nov 28 17:54 test/test.txt
# 删除/tmp/test下的test.txt文件
[eternity@izm5e2q95pbpe1hh0kkwoiz tmp]$ rm test/test.txt
rm: remove write-protected regular empty file ‘test/test.txt’? y
# 删除成功,此时/tmp/test目录下test.txt已经没有了
[eternity@izm5e2q95pbpe1hh0kkwoiz tmp]$ ls -l test/test.txt
ls: cannot access test/test.txt: No such file or directory
Only administrators have read and write permissions rw, owning group, and others only read permissions, but this time the average user has deleted only the file permission r read, why ????
File directory permissions summary
| r |
Read permission |
You can view file contents |
You can list the contents of a directory |
| w |
Write permissions |
You can modify the contents of the file |
You can create and delete files in the directory |
| x |
Execute permissions |
You can perform file |
You can enter the directory |
analysis
对于文件有写权限,仅仅代表可以修改文件的内容,而没有删除文件的权限
对于目录有写权限,可以在目录中创建和删除文件
因为上面的/tmp/test目录的权限为777
所以普通用户对于/tmp/test目录也具有创建文件和删除文件的权限
所以,普通用户也能删除/tmp/test/test.txt文件
但是普通用户无法编辑/tmp/test/test.txt文件,使用vim编辑文件的时候,会提示Waring: Changing a readonly file
chown
Explanation
命令名称:chown
命令英文原意:change file ownership
命令所在路径:/bin/chown
执行权限:所有用户
功能描述:改变文件或目录的所有者
grammar
chown [用户] [文件或目录]
In linux only root can change the file owner, even if the creator can not
Examples
# 改变文件所有者(将test.txt的所有者由eternity更改为root)
chown root /tmp/test/test.txt
[root@izm5e2q95pbpe1hh0kkwoiz ~]# pwd
/root
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -l /tmp/test/test.txt
-rw-r--r-- 1 eternity eternity 7 Nov 28 18:15 /tmp/test/test.txt
[root@izm5e2q95pbpe1hh0kkwoiz ~]# chown root /tmp/test/test.txt
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -l /tmp/test/test.txt
-rw-r--r-- 1 root eternity 7 Nov 28 18:15 /tmp/test/test.txt
chgrp
Explanation
命令名称:chgrp
命令英文原意:change file group ownership
命令所在路径:/bin/chgrp
执行权限:所有用户
功能描述:改变文件或目录的所属组
grammar
chgrp [用户组] [文件或目录]
Examples
# 改变文件所属组(将test.txt的所属组由eternity更改为eternityz)
chgrp eternityz /tmp/test/test.txt
# 当前目录
[root@izm5e2q95pbpe1hh0kkwoiz ~]# pwd
/root
# 查看详细信息
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -l /tmp/test/test.txt
-rw-r--r-- 1 root eternity 7 Nov 28 18:15 /tmp/test/test.txt
# 增加eternityz组
[root@izm5e2q95pbpe1hh0kkwoiz ~]# groupadd eternityz
# 改变所属组
[root@izm5e2q95pbpe1hh0kkwoiz ~]# chgrp eternityz /tmp/test/test.txt
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -l /tmp/test/test.txt
-rw-r--r-- 1 root eternityz 7 Nov 28 18:15 /tmp/test/test.txt
umask
Explanation
命令名称:umask
命令英文原意the user file-creation mask
命令所在路径:shell内置命令
执行权限:所有用户
功能描述:显示/设置文件的缺省权限
grammar
umask [-S]
-S 以rwx形式显示新建文件缺省权限(大写的S)
Examples
# 查看文件的缺省权限
umask -S
# 查看umask
umask
[root@izm5e2q95pbpe1hh0kkwoiz ~]# umask
0022
0022中
0 特殊权限
022 ----w--w-
# 通过所有权限777和022权限进行异或操作,得到缺省权限
777 rwx rwx rwx
022 --- -w- -w-
================
目录 rwx r-x r-x
文件 rwx r-- r--
# 更改umask值,进而改变缺省权限
umask 077
# 更改umask值之后,缺省权限变为
777 rwx rwx rwx
077 --- rwx rwx
================
目录 rwx --- ---
文件 rw- --- ---
# 以下实验符合更改缺省权限的设置
[root@izm5e2q95pbpe1hh0kkwoiz ~]# umask 077
[root@izm5e2q95pbpe1hh0kkwoiz ~]# mkdir /tmp/lyf
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -ld /tmp/lyf
drwx------ 2 root root 4096 Nov 29 10:55 /tmp/lyf
[root@izm5e2q95pbpe1hh0kkwoiz ~]# touch /tmp/lyf/lyf
[root@izm5e2q95pbpe1hh0kkwoiz ~]# ls -l /tmp/lyf/lyf
-rw------- 1 root root 0 Nov 29 10:56 /tmp/lyf/lyf
In linux only root can change the file owner, even if the creator can not
The creator of the file to the default of the owner, then the default file also belongs to the group creator
When the default folder linux permissions rwxr-xr-x, is the default file permissions rw-r - r--, New File does not have the permission to execute