A brief talk on Linux user rights related files (the text of the green to deepen the font is a discrepancy between the place, please who see after the generous enlighten)

Source: Internet
Author: User
Tags md5 encryption

When it comes to user rights in Linux you have to talk about the composition of the operating system, the general operating system is the hardware, kernel, library, Shell (including GUI (graphical user interface) and CLI (command line interface) Two, there is the completion of different work of the application. An application that wants to run must call the library files it relies on to the kernel. A copy of the same library file is called if the library files that the different applications depend on are the same and they run in the system at the same time. The same is true for applications where the same application may be opened multiple times, although the same program is running, but the process of running the program in the background is different. Different users in Linux invoke different processes from the same application. The most privileged in Linux is Administrator privileges, root, and the permissions of other users are set by root. The user right here is the owner of the process and the file, relative to the process and the file.

For example [[email protected] tmp]# ls-l test.cut, for this order alone LS and test.cut are owned.

The following is a ls-l long display, some properties of the file.

[Email protected] desktop]# ls-l

Total 2220

-rw-r--r--. 1 root root 2272130 6 cacti-0.8.8b.tar.gz

-rw-rw-r--. 1 123 123 0 Nov 1 03:38 new file

The 1th digit of the red font represents the type of user file, the file type in the previous Linux Common Command (LS) introduced, after the next 9 bits 3 bits is a group, the 1th group represents the owner of the permissions, the 2nd group represents the group of permissions, the 3rd group represents the permissions of other users.

The 3-letter format is R (readable) w (writable) x (executable), readable is a file that can be viewed through a text view command like Cat, more, and can be written as a file that can be modified by commands such as VI and Nano, Executable is a file that can be entered at a command prompt and can be submitted to the kernel to run. The readable, writable, and Runnable properties of the file described here also apply to the folder system, where r (readable) indicates that the folder can be executed with LS to list the contents of this folder, W (writable) indicates that a file can be created in the folder, and X (executable) indicates that the file can be executed on the CD . (there are discrepancies, which master saw to tell me how the matter, in the system through the install command to create a new folder and do not give them any permissions appropriate can be entered through the CD).

For example R_ _: Read-only, r_x: Executable, _ _ _: No permissions. Each person, if any, is represented by one, and does not represent 0, so the 3-bit read, write, and execute permissions will be

_ _: 0

_ _ X:1

_ W _:2

_ W X:3

R _ _:4

R _ X:5

R W _:6

R W X:7

The above permission numbers will be used in the chmod, install command

[Email protected] test]# install-d-M 000/tmp/test ceshi.1

[[email protected] test]# ls

1 2 ceshi.1 sort-u sort2 sort3 sort4

[Email protected] test]# ls-l

Total 28

Drw-rw-rw-2 root root 4096 Nov 19 18:34 1

Drw-rw-rw-2 root root 4096 Nov 19 21:17 2

D---------2 root root 4096 01:32 CESHI.1

[Email protected] test]# CD CESHI.1/

[Email protected] ceshi.1]#

[Email protected] ceshi.1]# LS-LD/TMP/TEST/CESHI.1/

D---------2 root root 4096 Nov 01:32/TMP/TEST/CESHI.1/

You can see from the above that the soft folder does not have any permissions or can be manipulated.

After you create a new file by touch, it is still valid to change the file's permissions by chmod

[Email protected] ceshi.1]# ls-l

Total 0

-rw-r--r--1 root root 0 Nov 21 01:45 123

[Email protected] ceshi.1]# chmod 333 123

[Email protected] ceshi.1]# ls-l

Total 0

--wx-wx-wx 1 root root 0 Nov 21 01:45 123

[[Email protected] ceshi.1]# VI 123

[[email protected] ceshi.1]# Cat 123

The file is only write

Here are some of the relevant commands and files about user permissions:


This file contains the user's account information.

[Email protected] ceshi.1]# CAT/ETC/PASSWD


123:x:500:500:centos 6.5:/home/123:/bin/bash

Mysql:x:27:27:mysql Server:/var/lib/mysql:/bin/bash


Dhcpd:x:177:177:dhcp Server:/:/sbin/nologin

Take root as an example the contents of this file also mean

Root: User name.

x: Password placeholder.

0: User ID.

0: Basic group ID.

Root: User name comment information.

/root: The user's home directory.

/bin/bash: User default shell.

Here x is the password placeholder, in fact, the system has a dedicated password file is/etc/shadow, through VI or nano can modify the contents of the file to increase user information.


[Email protected] ceshi.1]# Cat/etc/shadow






Or take the first root as an example

Root: Represents the user name.

$1$: Represents the MD5 encryption.

$PXLwFZXG $: Miscellaneous information that is added to the user's password when the password is encrypted is miscellaneous, which is to prevent the user from the password at the same time

$3QMZSG0FC1KGGBSWXBXTU1: User-encrypted password

17126: The number of days from 1970 to the last password modification.

0: Minimum password usage time.

99999: Maximum password usage time.


The user's group information is stored in the/etc/group.

[Email protected] ceshi.1]# Cat/etc/group




Or take root as an example, explain the structure of the file.

Root: Group name.

x: Password placeholder.

0: Group ID

0: The following delegates join the reorganized user list.

Most of the actions related to the user are performed in the above three files

A brief talk on Linux user rights related files (the text of the green to deepen the font is a discrepancy between the place, please who see after the generous enlighten)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.