3rd Linux Common Commands (2) _ Rights Management commands

2. Rights Management Commands

2.1 change file or directory permissions: chmod

(1) chmod command

Command name	chmod (change the permission MoDE of a file)
Command path	/bin/chmod
Execute permissions	All Users
Grammar	chmod [{ugoa}{+-=}{rwx}}] [directory or file]//a for everyone chmod [mode=421] [file or directory] -R: Recursive modification

(2) Precautions

① only file owner or Administrator (root) can modify file permissions

The numeric representation of the ② permission: R (4), W (2), X (1). such as rwx rw- r--: expressed as 7 6 4

③ When you change directory permissions , only the permissions for the specified directory are changed by default . Add the- r option if you want to change it along with all of the file and subdirectory permissions that are under it .

(3) Application examples

① Change permissions to the file owner (or group to which it belongs)

$chmod u+x/tmp/test. file      // add x permission to the owner $ chmod g+w, O-r/tmp/test. file  // Add W permissions to the owning group, removing read permissions for the other user groups.  $chmod g=rwx/tmp/test. file    // change the owning group permissions to rwx permissions. 

② Changing permissions Digitally

$chmod640 /tmp/test. file // Change permissions to rw-r-r-

(4) Summary of file directory permissions

Permissions	The meaning of the file	The meaning of the directory
R (Read permission)	Can view the contents of a file	You can list content in a directory
W (Write permission)	Can modify the contents of a file	Can be created in the directory, delete files
X (Execute permissions)	Can execute file	Access to Directory
Note	① the R permission on the directory, just lists the file information under that directory. However, it is not always possible to read the contents of the file, it depends on whether the current user has R permission to the file. ② the user has write access to the directory , it is possible to delete the entire directory containing the file under it , even if the user only has Read permission to the file! However, the ability to write to this file depends on whether the user has W permissions on the file.

"Experimental Analysis"

① creating a directory with root privileges: #mkdir/tmp/temp/

② Create empty file: #touch testfile//default permission is rw-r--r-( that is, other users have read access )

③ change the directory where testfile resides to writable: #chmod 777 Temp (Permissions rwxrwxrwx, that is, other users can read and write to the directory )

④ switch to a normal user, and then perform the delete testfile operation: $rm –f testfile//success, although the normal user has read access to the file, but because the normal user has write permission to the directory in which the file resides, it can be deleted .

2.2 change the owner of a file or directory: Chown

(1) Chown command

Command name	Chown (change file ownership)
Command path	/bin/chown
Execute permissions	All Users
Grammar	Chown [target user] [directory or file]

(2) Precautions

① Only Administrators can change the owner of a file , which differs from chmod.

② Target user must exist

(3) Application examples

① change the owner of the file myfile to TestUser: $chown myfile TestUser

2.3 to change the owning group of a file or directory: Chgrp

(1) CHGRP command

Command name	CHGRP (change file group ownership)
Command path	/bin/chgrp
Execute permissions	All Users
Grammar	CHGRP [target user Group] [directory or file]

(2) Precautions

① Only Administrators can change the group that the file belongs to, which is different from chmod.

② can add permissions to a file's membership, each user under that group has the appropriate permissions for that file. Such as:

#chmod g+w/temp/testfile;//Add Write permission to the group to which the file belongs.

(3) Application examples

① change the owner of the file myfile to Testgroup: $chgrp myfile Testgroup

2.4 set (or display) The default permissions for a file

(1) The owner of the file and the owning group

① file owner: By default, who created the file, it is the owner of the file.

② file belongs to group: a user can belong to more than one group, but it can only have one default group . So when a file is created, its owning group can only be the default group that the user belongs to

(2) Umask command

Command name	Umask (The user file-creation mask)
Command path	Shell built-in commands
Execute permissions	All Users
Grammar	Umask [-S] -S Displays the default permissions for new files in rwx form

(2) Precautions

The result of ① when using Umask–s is: U=rwx,g=rx,o=rx. This permission is inherited when a new directory is created, but if new file Linux defaults to not assigning X (execute) permissions, the directory does not have this limitation because X is accessible for the directory.

② if you do not add-s , the display is a four-bit value of the umask mask itself (such as 0022, where the latter three bits are the permission mask when the directory was created), not the default permissions . To convert to the default permissions, you need to subtract this mask 022 from the maximum permissions of the file 777, and the result is 755 (rwxr-xr-x). Conversely, to set the default permission to 700, the umask is =777-700=077.

③ when using Umask to touch a file , the default is to not assign executable permissions , which is primarily Linux security-based considerations.

(3) Application examples

① changes the default permissions to 700.

077      // Modify default permissions to 700,umask–s results to u=rwx,g=,o= $ mkdir mytest$ ls –ld myTest  //

3rd Linux Common Commands (2) _ Rights Management commands