Chapter 6: Linux file permissions and directory configuration

Source: Internet
Author: User

Users and user groups

A Linux file has three categories of ownership: owner, user group, and others.

System accounts and ordinary users are recorded in /etc/passwd, personal passwords are recorded in /etc/shadow, and group names are stored in /etc/group.

Linux file permission concepts

Linux file properties

To view file properties, use the ls command, as follows:

dr-xr-xr-x.   … root root   4096 June … .
dr-xr-xr-x.   … root root   4096 June … ..
lrwxrwxrwx.   1 root root      7 June … bin -> usr/bin
dr-xr-xr-x.   4 root root   4096 June … boot
drwxr-xr-x.   … root root   3480 June … dev
drwxr-xr-x. 141 root root   8192 June … etc
drwxr-xr-x.   3 root root      … June … home
lrwxrwxrwx.   1 root root      7 June … lib -> usr/lib
lrwxrwxrwx.   1 root root      9 June … lib64 -> usr/lib64
drwxr-xr-x.   2 root root      6 August … media
drwxr-xr-x.   2 root root      6 August … mnt
drwxr-xr-x.   3 root root      … June … opt
dr-xr-xr-x. 229 root root      0 June … proc
-rw-r--r--.   1 root root 232793 June … .readahead
dr-xr-x---.   … root root   4096 June … root
drwxr-xr-x.   … root root   1160 June … run
lrwxrwxrwx.   1 root root      8 June … sbin -> usr/sbin
drwxr-xr-x.   2 root root      6 August … srv
dr-xr-xr-x.   … root root      0 June … sys
drwxrwxrwt.   … root root   4096 June … tmp
drwxr-xr-x.   … root root   4096 June … usr
drwxr-xr-x.   … root root   4096 June … var

The file attributes consist of seven parts: file permissions, number of links, file owner, user group to which the file belongs, file size, last modified time, and file name.

The first character of the file permissions has the following meanings:

d: directory

-: regular file

l: link file

b: block device (storage interface device)

c: character device (such as a serial port device)

The following 9 characters of the file permissions are divided into three groups of three, representing the permissions of the file owner, of the file's user group, and of others outside that group. r means readable, w means writable, x means executable, and - indicates that the permission is absent.

Changing file properties and permissions

chgrp: change the user group to which a file belongs

chgrp [-R] groupname dirname/filename ...

-R: make the change recursively, that is, to all files and directories under the subdirectories

Example: chgrp users install.log changes the user group of the install.log file to users, provided that this group exists in /etc/group.

chown: change the file owner

chown [-R] account_name file_or_directory

chown [-R] account_name:group_name file_or_directory

-R: make the change recursively, that is, to all files and directories under the subdirectories

chmod: change file permissions

chmod [-R] xyz file_or_directory

Numbers are used to represent the permissions:

r: 4

w: 2

x: 1

For example, to change the permissions to -rwxrwx---, the command is chmod 770 filename

chmod can also change file permissions in symbolic form:

Use u, g, o, a to represent the user (owner), the user group, others, and everyone, for example:

chmod u=rwx,go=rx .bashrc (use '=' to set permissions for different identities)

chmod a+w .bashrc (use '+' to add a permission for an identity)

chmod a-w .bashrc (use '-' to remove a permission from an identity)

With '=', any permission that is not listed is removed for that identity; with '+' and '-', permissions that are not mentioned are left unchanged.
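The permission string and the numeric values r=4, w=2, x=1 described above can be decoded mechanically. The following is an added shell example, not part of the original page; the helper name ls_mode_to_octal is hypothetical, and its handling of the trailing "." or "+" and of the s/t letters goes beyond what the text covers.

```shell
#!/bin/sh
# Added example: decode the first column of an `ls -l` line into
# "<type> <4-digit octal mode>". ls_mode_to_octal is a hypothetical helper name.
ls_mode_to_octal() {
    s=${1%[.+]}     # GNU ls appends "." (SELinux context) or "+" (ACL)
    [ "${#s}" -eq 10 ] || { echo "bad mode string: $1" >&2; return 1; }
    case $s in      # first character: the file types listed on this page
        d*) type=directory ;;
        -*) type=file ;;
        l*) type=link ;;
        b*) type=block ;;
        c*) type=char ;;
        *)  echo "unknown file type: $1" >&2; return 1 ;;
    esac
    perms=${s#?} special=0 octal=
    for weight in 4 2 1; do             # special bits: setuid=4, setgid=2, sticky=1
        rest=${perms#???}
        triplet=${perms%"$rest"}        # next group: owner, then group, then others
        perms=$rest
        if [ "$weight" -eq 1 ]; then flag=t upper=T; else flag=s upper=S; fi
        case $triplet in r??) digit=4 ;; -??) digit=0 ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triplet in
            ??x) digit=$((digit + 1)) ;;
            ??-) ;;
            ??"$flag")  digit=$((digit + 1)); special=$((special + weight)) ;;
            ??"$upper") special=$((special + weight)) ;;   # special bit set, x absent
            *) return 1 ;;
        esac
        octal=$octal$digit
    done
    echo "$type $special$octal"
}

# Mode strings taken from the listing and the chmod example on this page.
for m in 'drwxrwxrwt.' 'dr-xr-x---.' 'lrwxrwxrwx.' '-rw-r--r--.' '-rwxrwx---'; do
    printf '%-12s %s\n' "$m" "$(ls_mode_to_octal "$m")"
done
```

The last three digits of the result are what chmod expects in its numeric form; a non-zero leading digit means a setuid, setgid or sticky bit is present.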

Permission meanings for directories and files

The importance of permissions for files

r: can read the actual contents of the file

w: can edit, add to or modify the file contents (this does not include deleting the file)

x: can be executed by the system

The importance of permissions for a directory

r: permission to read the directory's structure list

w: permission to change the directory's structure list, including creating new files and directories, deleting existing files and directories, renaming existing files and directories, and moving files and directories within that directory.

x: the user can enter the directory, for example, go to it with cd dir

Note: When a user has r permission on a directory but not x permission, the user cannot read the files in that directory.

User A has rwx permission on the directory dir, and dir contains a file b on which A has no permissions at all. In this case, because A has full permissions on the directory, A cannot change or read file b, but A can delete it.
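A defender's check for the situation just described, as an added example that is not part of the original page: it lists files whose own mode denies write access to others but which others can still delete or rename through the directory. The function names and the sample tree are constructed, and the sticky-bit test (the t in drwxrwxrwt on /tmp, which limits deletion to the file owner, the directory owner and root) goes beyond what the text covers.

```shell
#!/bin/sh
# Added example, not from the original page. Function names and paths are constructed.

# Print files that "others" cannot write to but can still delete or rename,
# because the parent directory gives others w+x and has no sticky bit.
exposed_files() {
    # -perm -0003  : others hold both w and x on the directory
    # ! -perm -1000: the sticky bit (the "t" in drwxrwxrwt) is absent
    # inner find   : direct children that are not directories and not other-writable
    find "$1" -type d -perm -0003 ! -perm -1000 \
        -exec find {} -mindepth 1 -maxdepth 1 ! -type d ! -perm -0002 \; 2>/dev/null
}

# Build a small constructed tree to run the check against; prints its path.
build_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/shared" "$t/sticky" "$t/private"
    for d in shared sticky private; do
        : > "$t/$d/b"
        chmod 600 "$t/$d/b"          # file b: no permissions for others
    done
    : > "$t/shared/open"
    chmod 666 "$t/shared/open"       # already writable by others, not reported
    chmod 0777 "$t/shared"           # others may create, delete and rename here
    chmod 1777 "$t/sticky"           # same bits as /tmp: deletion restricted
    chmod 0755 "$t/private"          # others cannot change the directory
    printf '%s\n' "$t"
}

tree=$(build_sample_tree)
exposed_files "$tree"                # prints only <tree>/shared/b
rm -rf "$tree"
```

Only the "others" bits are examined here; the same reasoning applies to the group bits when untrusted accounts share the directory's group.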

Linux directory configuration

Directory configuration criteria

/ (root, root directory)

/bin: holds executable files, including the commands that can be used in single-user maintenance mode, such as cat, chmod, chown, date, mv, mkdir, cp and bash (must be placed in the root directory)

/boot: files used during boot

/dev: every device and interface device is stored in this directory as a file (must be placed in the root directory)

/etc: almost all configuration files are stored in this directory (must be placed in the root directory)

/home: users' home directories

/lib: libraries used during boot, and libraries called by the commands under /bin and /sbin (must be placed in the root directory)

/media: holds removable devices, including floppy disks, CDs and DVDs, all of which are mounted here

/mnt: for temporarily mounting additional devices

/opt: directory where third-party software is placed

/root: the system administrator's home directory

/sbin: commands required for the boot process (must be placed in the root directory)

/srv: data directory required by services

/tmp: where ordinary users place files temporarily; anyone can access it.

/usr (Unix software resources)

Holds shareable, non-volatile data; software is installed in this directory by default.

/var

Stores caches, log files, and files generated while certain software is running.
