Linux basic Commands (iii)

Source: Internet
Author: User

One point from the previous article is worth repeating: UGO permissions have no effect on root, but they do apply to other users.

Today's topic is permissions.

1. UGO permissions
U: user (owner)
G: group (owning group)
O: others

2.

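[[email protected] .ssh]# ll
-rw-r--r--. 1 root root 381 Apr 20 12:23 authorized_keys

-rw-r--r-- (10 positions in total, each shown as - when unset, divided into four segments. Reading from left to right, the first - is the file type, which I list separately below. Positions 2-4 form one group and represent the owner, positions 5-7 form one group and represent the owning group, and positions 8-10 form one group and represent others. rw- is also listed separately below.)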

3. File types: in Linux everything is a file. A description of the various file types is here: http://blog.sina.com.cn/s/blog_540eaeda0100lgzf.html

      -: regular file
      d: directory
      l: link file
      b: block device file
      c: character device file
      p: pipe file

4. rwx (read, write, execute) permissions
r-- = 100 = 4 (100 is binary; r can also be written as the digit 4)
-w- = 010 = 2
--x = 001 = 1

5. chmod (a,u,g,o) +,-,= rwx (modifies permissions; the read, write and execute permissions rwx can also be written as the numbers 4, 2, 1; a stands for all)
If you set permissions on a file or directory with numbers, the digits are assigned from right to left.

6. Commands that read permission can restrict: cat tac more less tail head grep cut vim ll ls ...
7. Commands that write permission can restrict: echo > vim ...
8. Execute permission can restrict: .

10. Special Permissions

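suid
     Scope: binary executable files (if the s is shown in uppercase, the file lacks execute permission)
     Effect: the caller temporarily gets the owner's permissions (but after you change the owner, the permission is removed, for safety)
sgid
     Scope: directories or executable files (chgrp can only change the owning group; chown can change both the owner and the owning group)
     Effect: inherits the directory's owning group
sbit
     Scope: directories (generally given to shared directories)
     Effect: only root and the file's owner may delete files in the directory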

11. chown -R owner.group (-R is generally used on a directory; it changes not only the directory itself but also the subdirectories and files under it. chmod accepts -R as well.)

12. chmod 4777 file (what does this mean? The leading 4 stands for suid)

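13. umask (manages default permissions)
Default permissions = maximum permissions - umask value

It is defined in: `[[email protected] local]# vim /etc/login.defs` (the umask here only restricts the directories and files under the home directory; the default maximum permission for a directory is 777 and the default maximum permission for a file is 666). For other files it is defined in: `[[email protected] local]# vim /etc/profile` (defines users' default permissions; root defaults to 0002, other users default to 0022)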
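Added example (not from the original article): the special bits from items 10 and 12 and the umask rule from item 13, checked in a scratch directory, including the case where umask clears bits rather than subtracting (033 on a new file gives 644, not 633). The helper names mode_of, mode_after_chmod and mode_under_umask are made up for this example.

```shell
#!/bin/sh
# Added example: special permission bits and umask, observed on constructed
# scratch files. Needs no root; everything happens under mktemp -d.

# Print the 10-character mode string of a path, as shown by ls -l / ll.
mode_of() { ls -ld "$1" | cut -c1-10; }

# Create a scratch file or directory, chmod it, print the resulting mode.
# $1 = octal mode, $2 = "file" or "dir"
mode_after_chmod() {
    d=$(mktemp -d) || return 1
    if [ "$2" = dir ]; then mkdir "$d/t"; else : > "$d/t"; fi
    chmod "$1" "$d/t"
    mode_of "$d/t"
    rm -rf "$d"
}

# Create a new file or directory under the given umask and print its mode.
# $1 = umask, $2 = "file" or "dir". The body is a subshell, so the
# caller's own umask is left unchanged.
mode_under_umask() (
    umask "$1"
    d=$(mktemp -d) || exit 1
    if [ "$2" = dir ]; then mkdir "$d/t"; else : > "$d/t"; fi
    mode_of "$d/t"
    rm -rf "$d"
)

mode_after_chmod 4755 file   # suid, owner has x: lowercase s
mode_after_chmod 4644 file   # suid, owner lacks x: uppercase S
mode_after_chmod 4777 file   # item 12: suid and writable by everyone
mode_after_chmod 1777 dir    # sbit on a shared directory: trailing t
mode_under_umask 022 file    # 666 with the 022 bits cleared = 644
mode_under_umask 022 dir     # 777 with the 022 bits cleared = 755
mode_under_umask 033 file    # x was never set on a new file, so 644 (not 633)
```

To list the files that already carry the suid bit on a system, `find / -xdev -type f -perm -4000` does the audit.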

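14. Hidden permissions (only common ones are listed)
lsattr: see whether a file has hidden permissions
chattr: modify a file's hidden permissions

     A  the access time is not updated when the file is accessed (has some optimization effect)
     a  data can be appended, but not modified or deleted (this affects root too; it can be set on important files)
     i  an extremely strict permission, nothing can be done to the file (this affects root too, but root can remove it)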

ACL permissions (access control list, generally used when users need different access to a file than UGO provides)
getfacl (view a file's ACL permissions)

setfacl -m u,g,m:user name, group name, maximum permissions:r,w,x (modifies ACL permissions; the user must exist)

mask: the default maximum permissions (has no effect on root; if the maximum permissions and a user's permissions conflict, the mask prevails; the mask is usually set last)

setfacl -x u,g,m:user name, group name, maximum permissions:r,w,x (clears a user's ACL permissions)

setfacl -b file (clears all ACL permissions)

Continue tomorrow ...
