At the end of the second phase of the Canton Fair internship, a few days of leisure have arrived, so I am continuing to learn Linux. The previous essay, Linux learning CentOS (17)--some important commands related to Linux file and directory management ①, documented some important commands related to Linux file and directory management, including directory and path commands (cd, pwd, mkdir, rmdir, etc.), commands for managing files and directories (ls, cp, rm, mv, etc.) and commands for viewing file contents (cat, more, less, etc.). This essay continues to record in detail some other important commands related to Linux file and directory management.
First, modifying file times and creating new files
In the previous essay's introduction to the ls command, it was mentioned that each file under Linux records three main times:
- modification time (mtime): updated when the file's content data changes. Content data refers to the contents of the file, not its attributes or permissions!
- status time (ctime): updated when the status of the file changes, for example when its permissions or attributes are changed.
- access time (atime): updated when the contents of the file are read (accessed). For example, if we use cat to read /etc/passwd, the file's atime is updated.
[[email protected] ~]# ls -l /etc/passwd
-rw-r--r--. 1 root root 2679 April 6 14:05 /etc/passwd
[[email protected] ~]# ls -l --time=atime /etc/passwd
-rw-r--r--. 1 root root 2679 April 20:56 /etc/passwd
[[email protected] ~]# ls -l --time=ctime /etc/passwd
-rw-r--r--. 1 root root 2679 April 21 20:38 /etc/passwd
By default, ls displays the file's mtime, the time the content of the file was last changed.
In a Linux system, file times are very important, because if a file's time is misjudged, some programs may not run smoothly. But what if we find that a file has a wrong time, such as a time in the future (this happens when we install the Linux system)? How do we change the file's time to the normal "now"? That is the job of the first command introduced in this essay, the touch command.
1. touch command (modify file times and create new files)
[[email protected] ~]# touch [-acdmt] file
Options and parameters:
-a : change only the access time;
-c : only modify the time of the file; if the file does not exist, do not create a new file;
-d : can be followed by the date to set instead of the current date; --date="date or time" can also be used;
-m : change only mtime;
-t : can be followed by the time to set instead of the current time, in the format [YYMMDDhhmm]
Let's take a look at a few examples of how these parameters of the touch command are used:
Example one: Create a new empty file
[[email protected] ~]# cd /home/
[[email protected] home]# touch test.txt
[[email protected] home]# ls -l test.txt
-rw-r--r--. 1 root root 0 April 22:07 test.txt
# Note that the size of this file is 0! By default, if touch is followed by a file,
# the three times (atime/ctime/mtime) of the file are updated to the current time. If the file does not exist,
# a new empty file is created!
Example two: Copy ~/.bashrc to bashrc, copying all attributes, and check its dates
[[email protected] home]# cp -a ~/.bashrc bashrc
[[email protected] home]# ls -l bashrc
-rw-r--r--. 1 root root 177 April 8 22:43 bashrc <== this is mtime
[[email protected] home]# ls -l --time=atime bashrc
-rw-r--r--. 1 root root 177 April 21:48 bashrc <== this is atime
[[email protected] home]# ls -l --time=ctime bashrc
-rw-r--r--. 1 root root 177 April 22:08 bashrc <== this is ctime
Example three: Modify the bashrc file from example two, adjusting the date to three days ago
[[email protected] home]# touch -d "3 days ago" bashrc
[[email protected] home]# ls -l bashrc; ls -l --time=atime bashrc; ls -l --time=ctime bashrc
-rw-r--r--. 1 root root 177 April 22:12 bashrc <== this is mtime
-rw-r--r--. 1 root root 177 April 22:12 bashrc <== this is atime
-rw-r--r--. 1 root root 177 April 22:12 bashrc <== this is ctime
Note that the date changed in atime and mtime, but ctime hasn't changed!
Example four: Change the date of the bashrc file from example three to 2013/4/24 23:23
[[email protected] home]# touch -t 1304242323 bashrc
[[email protected] home]# ls -l bashrc; ls -l --time=atime bashrc; ls -l --time=ctime bashrc
-rw-r--r--. 1 root root 177 April 23:23 bashrc <== this is mtime
-rw-r--r--. 1 root root 177 April 23:23 bashrc <== this is atime
-rw-r--r--. 1 root root 177 April 22:11 bashrc <== this is ctime
Note that the date changed in both atime and mtime, but ctime records the current time!
With the touch command, we can easily change the date and time of a file and create an empty file.
"Note": When we copy a file together with all of its attributes, there is still no way to copy the ctime attribute. ctime records when the status of a file last changed. However, the file attribute we most commonly care about is mtime, the time when the file was last modified.
The most common uses of the touch command:
- Create an empty file;
- Change a file's date to the current date (mtime and atime)
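An added example, not part of the original essay: because touch rewrites atime and mtime but cannot choose ctime, comparing the two shows when a file's modification time was set after the fact. The function names, the 60-second slack and the scratch files are assumptions made for this illustration; a large gap is only a lead, since cp -a, tar and package installs also keep old mtimes.

```sh
#!/bin/sh
# Added example (not from the original essay). Needs stat -c (GNU or busybox).
# touch can set atime/mtime to any value, but the kernel always stamps ctime
# with the moment the change was made, so the two can be compared.

# classify_mtime FILE [SLACK_SECONDS] prints one of:
#   future     : mtime lies ahead of the system clock
#   backdated  : ctime is more than SLACK seconds later than mtime
#   consistent : mtime and ctime agree within SLACK
classify_mtime() {
    cm_file=$1
    cm_slack=${2:-60}
    cm_ctime=$(stat -c %Z "$cm_file") || return 1   # %Z = ctime, epoch seconds
    cm_mtime=$(stat -c %Y "$cm_file") || return 1   # %Y = mtime, epoch seconds
    cm_now=$(date +%s)
    if [ "$cm_mtime" -gt $((cm_now + cm_slack)) ]; then
        echo future
    elif [ $((cm_ctime - cm_mtime)) -gt "$cm_slack" ]; then
        echo backdated
    else
        echo consistent
    fi
}

# report_mtime DIR [SLACK]: list every regular file under DIR whose
# classification is not "consistent", as "<state><TAB><path>".
report_mtime() {
    find "$1" -type f | while IFS= read -r rm_path; do
        rm_state=$(classify_mtime "$rm_path" "${2:-60}") || continue
        if [ "$rm_state" != consistent ]; then
            printf '%s\t%s\n' "$rm_state" "$rm_path"
        fi
    done
}

# Constructed sample data: three files in a scratch directory.
demo_dir=$(mktemp -d)
touch "$demo_dir/fresh"                  # all three times are "now"
touch -t 1304242323 "$demo_dir/old"      # the value used in example four
touch -t 3501010000 "$demo_dir/ahead"    # constructed date in the future
report_mtime "$demo_dir" | sort
rm -rf "$demo_dir"
```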
II. Default permissions and hidden permissions for files and directories
1. umask (default file permissions)
In the previous essay, we have learned how to create or change the properties of a directory or file. But have we considered the question of what the default permissions are when a new file or directory is created?
This is where the umask command comes in. In general, umask specifies "the current user's default permissions when creating a file or directory." So how do we set umask? First, let's look at the default umask on our system.
[[email protected] home]# umask
0022
[[email protected] home]# umask -S
u=rwx,g=rx,o=rx
There are two ways to view it. One is to enter umask directly, which shows the permission setting as numeric scores; the other is to add the -S (symbolic) option, which displays the permissions in symbolic form. The umask shown here has four digits; the first is used for special permissions, which we ignore for now, so look at the last three digits.
When it comes to default permissions, directories are not the same as files. Because we do not want ordinary files to be executable, files do not get the execute (x) permission by default. So:
- If the user creates a file, the default is "no execute (x) permission", that is, only the r and w permissions, a maximum of 666 points. The default permissions are: -rw-rw-rw-
- If the user creates a directory, all permissions are open by default, that is 777, because x determines whether the directory can be entered. The default permissions are: drwxrwxrwx
umask specifies "the permissions that need to be taken away from these defaults"! Because r, w and x are 4, 2 and 1, taking away the write permission means entering 2 points, taking away the read permission means 4 points, taking away read and write means 6 points, and taking away execute and write means 3 points. Likewise, read and execute together are 4 plus 1. In the example above, because umask is 022, nothing is taken away from user, but 2 (that is, the w permission) is removed from group and others, so when the user:
- creates a file: (-rw-rw-rw-) – (-----w--w-) ==> -rw-r--r--
- creates a directory: (drwxrwxrwx) – (d----w--w-) ==> drwxr-xr-x
We can look at it by example:
[[email protected] home]# umask
0022
[[email protected] home]# touch test1
[[email protected] home]# mkdir test2
[[email protected] home]# ls -l
-rw-r--r--. 1 root root 0 April 22:29 test1
drwxr-xr-x. 2 root root 4096 April 22:29 test2
So umask is closely tied to the default permissions of files and directories. If we want newly created files to have -rw-rw-r-- permissions, we should change the umask to 002. For example:
[[email protected] home]# umask 002    # the default permissions now only have the write (w) permission taken away from others
[[email protected] home]# touch test3
[[email protected] home]# mkdir test4
-rw-rw-r--. 1 root root 0 April 22:37 test3
drwxrwxr-x. 2 root root 4096 April 22:37 test4
By default, root's umask takes away more permissions: root's default umask is 022, for security reasons. Ordinary users usually have a umask of 002, which keeps write permission for members of the same group. The configuration of the default umask can be found in the /etc/bashrc file, but modifying that file is not recommended.
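An added example, not part of the original essay: the "take points away" rule above gives the right answer for 022 and 002, but the kernel actually clears the umask bits (base AND NOT umask) rather than subtracting, and the two differ as soon as the umask names a bit the base does not have, such as x on a new file. The function names and the sample umask values are chosen for this illustration.

```sh
#!/bin/sh
# Added example (not from the original essay). Needs stat -c (GNU or busybox).

# What the kernel does: clear every bit that is set in the umask.
# BASE is 666 for new files and 777 for new directories.
mode_after_umask() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# The "take points away" shortcut: plain octal subtraction.
mode_by_subtraction() {
    printf '%03o\n' $(( 0$1 - 0$2 ))
}

# observed_mode file|dir UMASK
# Create a real file or directory under the given umask and print its rwx
# bits. Runs in a subshell so the caller's umask is left untouched.
observed_mode() {
    (
        om_dir=$(mktemp -d) || exit 1
        umask "$2"
        if [ "$1" = dir ]; then
            mkdir "$om_dir/new"
        else
            : > "$om_dir/new"          # redirection requests mode 666
        fi
        # Keep only the nine rwx bits of what stat reports.
        printf '%03o\n' $(( 0$(stat -c %a "$om_dir/new") & 0777 ))
        rm -rf "$om_dir"
    )
}

# Compare the three for a few umask values. 003 and 027 are the cases where
# subtraction goes wrong for files, because 666 has no x bit to remove.
for mask in 022 002 027 003; do
    printf 'umask %s  file: and-not=%s subtract=%s observed=%s  dir: and-not=%s observed=%s\n' \
        "$mask" \
        "$(mode_after_umask 666 "$mask")" \
        "$(mode_by_subtraction 666 "$mask")" \
        "$(observed_mode file "$mask")" \
        "$(mode_after_umask 777 "$mask")" \
        "$(observed_mode dir "$mask")"
done
```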
Second, hidden file attributes
When we use the ls -l command to view a file's information, the listing shows only the 9 ordinary permission attributes, but files also have hidden attributes. Hidden attributes are a great help to the system, especially for system security.
1. chattr (set hidden file attributes)
[[email protected] ~]# chattr [+-=][ASacdistu] file or directory name
Parameters:
+ : add a special attribute; other existing attributes are left alone.
- : remove a special attribute; other existing attributes are left alone.
= : set the attributes to exactly those that follow
A : when the A attribute is set, the access time (atime) of this file (or directory) will not be modified, which avoids the disk I/O errors that machines such as portable computers are prone to.
S : this works a bit like the sync function! Data is written to disk synchronously, which effectively avoids data loss.
a : after a is set, data can only be appended to this file, not deleted; only root can set this attribute.
c : after this attribute is set, the file is "compressed" automatically: it is decompressed automatically when read, and compressed before being stored (this seems very useful for large files!)
d : when the dump (backup) program is executed, the d attribute keeps the file (or directory) from being dumped
i : this i is very powerful! It makes a file "impossible to delete, rename or link to, and impossible to write or append data to!" It is a great help for system security!
j : when using the ext3 file system, the j attribute causes the file to be recorded in the journal when it is written. However, when the filesystem is mounted with data=journalled, journaling is already on, so this attribute has no effect.
s : when the s attribute is set on a file, it will be completely removed from the hard disk space.
u : the opposite of s; when a file has u set, its data content actually remains on the disk and can be used for undeletion.
Note: of the attributes above, the most commonly set are a and i, and many of them can only be set by root!
Example:
[[email protected] home]# touch attrtest
[[email protected] home]# chattr +i attrtest
[[email protected] home]# rm attrtest
rm: Do you want to delete the plain empty file "attrtest"? y
rm: Unable to delete "attrtest": Operation not allowed
# as long as the file has the i attribute, even root has no way to remove this file!
[[email protected] home]# chattr -i attrtest
This command is important, especially for the data security of the system! Because these are hidden attributes, you need the lsattr command to see them. The most important of them are the +i and +a attributes. +i makes a file impossible to change; for those who need strong system security, these two attributes are the most important!
2. lsattr (show hidden file attributes)
[[email protected] ~]# lsattr [-adR] file or directory
Options and parameters:
-a : also list the attributes of hidden files;
-d : if it is a directory, list only the attributes of the directory itself, not the file names within it;
-R : also list the data of subdirectories
----IA---J---e- attrtest
After using chattr to set a file's hidden attributes, we can view them with the lsattr command.
Third, special file permissions: SUID/SGID/Sticky Bit
The important file permissions mentioned so far are the three read, write and execute permissions, rwx. However, look at the permissions of /tmp and /usr/bin/passwd:
[[email protected] home]# ls -ld /tmp; ls -l /usr/bin/passwd
drwxrwxrwt. root root 4096 April 21:48 /tmp
-rwsr-xr-x. 1 root root 30768 February 2012 /usr/bin/passwd
Here we can see that the permissions of /tmp have an extra t, and the permissions of /usr/bin/passwd have an extra s. Why is that? This is the SUID/SGID/Sticky Bit, explained next.
1. SUID (Set UID)
The s and t permissions exist to let ordinary users temporarily have the permissions of the program's owner while executing certain programs. For example, we know that accounts and passwords are actually stored in /etc/passwd and /etc/shadow. And what are the permissions of the /etc/shadow file?
[[email protected] home]# ls -l /etc/shadow
----------. 1 root root 1407 April 6 14:05 /etc/shadow
They are "----------", and the owner is root! With these permissions, only root can force a write to the file; other people cannot even look at it!
But when xiaoluo, an ordinary user, updates his own password with the /usr/bin/passwd program, the password is updated; that is, the ordinary user xiaoluo can access the /etc/shadow password file! Yet /etc/shadow clearly gives xiaoluo no access rights. This is what the s permission is for! When s appears in the user's x position, as in -r-s--x--x, it is called Set UID, SUID for short. The UID is the user ID, and the user is the owner of the program (/usr/bin/passwd), which is of course root. So by this definition, when the user xiaoluo executes /usr/bin/passwd, he temporarily gets the permissions of the file's owner, root.
SUID can only be used on binary files. Because the program has the permissions of the file's owner while it executes, SUID is only effective on binary files and cannot be used on batch files (shell scripts)! This is because a shell script merely calls many binary executables. So whether SUID applies depends on the settings of the programs the shell script calls, not on the shell script itself. Of course, SUID has no effect on directories either, so pay special attention to this. To summarize: SUID only works on files, not on directories.
2. SGID (Set GID)
Further, if the s permission is in the group position, it is Set GID, SGID for short. SGID can be used in two ways:
- files: if SGID is set on a binary file, then regardless of who the user is, the effective group while the program runs becomes the group owner (group ID) of the program.
- directories: if SGID is set on directory A, then the group of files or directories created within that directory will be the group of directory A!
In general, SGID is used by project developers in specific multi-person teams and is used less in the system itself.
3. Sticky Bit
The Sticky Bit is currently only valid for directories and has no effect on files. The effect of SBIT on a directory is: "in a directory with SBIT, if a user has w and x permissions on the directory, then when the user creates a file or directory there, only the file's owner and root have the right to delete it." In other words: when user A belongs to the group or others of a directory and has w permission, "user A can delete/rename/move any directory or file that anyone created in that directory." However, if the sticky bit is added to the directory, A can only delete/rename/move the files or directories that A created.
For example, the permissions of /tmp itself are "drwxrwxrwt". With these permissions, anyone can add and modify files in /tmp, but only the creator of a file or directory and root can delete it. This feature is very important!
4. SUID/SGID/SBIT permission settings
The above describes what SUID and SGID do. So how do we give a file SUID and SGID permissions? This requires the numeric way of changing permissions. We modify a file's rwx attributes with 3 digits, so to give the file SUID or SGID permission we use 4 digits, that is, one more digit in front of the 3 rwx digits.
- 4 for SUID
- 2 for SGID
- 1 for Sticky bit
Suppose we want to change a file's permissions to "-rwsr-xr-x". Because the s is in the user's position, it is SUID, so the command to modify the file should be written as "chmod 4755 filename". Let's look at some examples: (Note: "SUID is not used on directories, SBIT is not used on files")
[[email protected] home]# touch test
[[email protected] home]# chmod 4755 test; ls -l test
-rwsr-xr-x. 1 root root 0 April 23:16 test
[[email protected] home]# chmod 6755 test; ls -l test
-rwsr-sr-x. 1 root root 0 April 25 23:16 test
[[email protected] home]# chmod 1755 test; ls -l test
-rwxr-xr-t. 1 root root 0 April 23:16 test
[[email protected] home]# chmod 7666 test; ls -l test
-rwSrwSrwT. 1 root root 0 April 25 23:16 test
# Pay attention to this example! Why do uppercase S and T appear instead of lowercase?
# Because s and t take the place of the x position, and with 7666 neither user, group nor others has x.
# SUID means "the file has the permissions of the file's owner when it is executed", but if the file's
# owner is unable to execute it, what permission is there to give to other people? So of course it is empty!
# That is what the uppercase S and T indicate.
4. File type
If we want to know basic information about a file, for example whether it is an ASCII file, a data file or a binary, and whether it uses dynamic function libraries (shared libraries), we can use the file command to check!
[[email protected] home]# file ~/.bashrc
/root/.bashrc: ASCII text -->> this is an ASCII file
for GNU/Linux 2.6.18, stripped
With this command, we can easily determine the format of the file.
Third, searching for files
Searching for files is a feature every operating system must have, because we often need to know where a file is. Linux also has very good search tools. The best known is the find command, but find is usually not the first choice, because it is very slow and hard on the disk. Usually we search with the whereis or locate command first, and only fall back to find if the file really cannot be found. Because whereis and locate search a database rather than the hard disk itself, they are quite fast and save time.
1. which (find "executable files")
[[email protected] ~]# which [-a] command
Parameters:
-a : list all the commands that can be found, not just the first one found
[[email protected] ~]# which passwd -->> list the first executable file found
/usr/bin/passwd
[[email protected] ~]# which -a tracepath -->> list all found executables with the same name
/bin/tracepath
/usr/sbin/tracepath
This command searches for the file name of an "executable file" along the directories set in the PATH environment variable. So the point is to find "executable files", and which must be followed by the full file name! If you add the -a parameter, all executables with the same name are listed, rather than just the first one!
2. whereis (look for specific files)
[[email protected] ~]# whereis [-bmsu] file or directory name
Parameters:
-b : only look for binary files
-m : only look for files under the manual paths
-s : only look for source files
-u : look for files without documentation
[[email protected] ~]# whereis passwd
passwd: /usr/bin/passwd /etc/passwd /usr/share/man/man1/passwd.1.gz /usr/share/man/man5/passwd.5.gz
# any file names related to passwd are listed
[[email protected] ~]# whereis -b passwd
passwd: /usr/bin/passwd /etc/passwd
[[email protected] ~]# whereis -m passwd
passwd: /usr/share/man/man1/passwd.1.gz /usr/share/man/man5/passwd.5.gz
A little later we will introduce find, a very powerful search command that nevertheless takes a lot of time (because find searches the hard drive directly). This is where whereis is quite useful! In addition, whereis accepts parameters to narrow the search; for example, if you are looking for an executable (binary), add -b. If no parameter is given, as in the first example above, all the passwd data is listed!
Why is the whereis command able to search so fast? Because the Linux system records all the files on the system in a database file, and whereis and locate look in the contents of this database. So when you use these two commands you may find files that have already been deleted, and fail to find a file you have just created! This is because both commands search the results stored in the database.
3. locate (look for specific files)
[[email protected] ~]# locate filename
[[email protected] ~]# locate passwd
/etc/passwd
/etc/passwd-
/etc/dovecot/conf.d/auth-passwdfile.conf.ext
/etc/pam.d/passwd
/etc/samba/smbpasswd
/etc/security/opasswd
/etc/sysconfig/ha/web/secure/passwd.php
/lib64/security/pam_passwdqc.so
/lib64/security/pam_unix_passwd.so
/usr/bin/rsa_securid_getpasswd
............... n characters are omitted here!!!!!! .................
locate is easier to use than whereis: you get results by typing just "part of the file name" after it. In this example we enter locate passwd, and every full file name (including the path) that contains passwd is shown. If you have forgotten the full name of a file, this is a very handy command indeed.
locate is also very fast, because like whereis it searches a database, so it is much faster than find, which searches the hard disk directly.
4.find
[[email protected] ~]# find [PATH] [option] [action]
Parameters:
1. Time-related parameters:
-atime n : n is a number, meaning files that were accessed within the "one day" n days ago;
-ctime n : n is a number, meaning files whose status changed within the "one day" n days ago;
-mtime n : n is a number, meaning files that were modified within the "one day" n days ago;
-newer file : file is an existing file; every file newer than file is listed
2. Parameters related to the user or group name:
-uid n : n is a number, the account ID, that is, the UID, which is recorded in /etc/passwd alongside the account name. We will introduce this in the fourth chapter.
-gid n : n is a number, the ID of the group, that is, the GID, which is recorded in /etc/group
-user name : name is a user account name, for example dmtsai
-group name : name is a group name, such as users;
-nouser : search for files whose owner does not exist in /etc/passwd
-nogroup : search for files whose group does not exist in /etc/group. When you install software yourself, its files may well have an owner that does not exist on the system; in that case you can search with -nouser and -nogroup.
3. Parameters related to file permissions and names:
-name filename : search for files named filename
-size [+-]SIZE : search for files larger (+) or smaller (-) than SIZE. SIZE units: c for bytes, k for 1024 bytes. So to find files larger than 50KB, use "-size +50k"
-type TYPE : search by file type. The main types are: regular file (f), device file (b, c), directory (d), link file (l), socket (s) and FIFO (p).
-perm mode : search for files whose permissions are "exactly equal to" mode. mode is like the chmod value; for example, -rwsr-xr-x is 4755
-perm -mode : search for files whose permissions "include all of" mode. For example, to search for -rwxr--r--, that is, 0744, use -perm -0744. A file with -rwsr-xr-x, that is, 4755, is also listed, because -rwsr-xr-x already includes the -rwxr--r-- permissions.
-perm +mode : search for files whose permissions "include any of" mode. For example, when we search for -rwxr-xr-x, that is, -perm +755, a file with -rw------- is also listed, because it has the -rw....... attribute.
4. Additional actions:
-exec command : command is another instruction; -exec can be followed by additional instructions to process the search results.
-print : print the results to the screen; this is the default action
Example one: List the files on the system whose content changed (mtime) within the last 24 hours
[[email protected] ~]# find / -mtime 0
# That 0 is the point! 0 represents the current time, so files whose content changed
# between now and 24 hours ago are listed! What about the 24 hours three days ago?
# find / -mtime 3 means the period between 3*24 and 4*24 hours before now;
# the files changed in that period are all listed! -atime and -ctime are used the same way.
Now that we know the meaning of atime, ctime and mtime, the approach in the example above finds the names of files changed within one day. But what if I want to find the file names that have been changed within 4 days? Then you can use "find /var -mtime -4". For "the one day 4 days ago", use "find /var -mtime 4". Whether "+" or "-" is added makes a very big difference! We can use a simple diagram to represent it:
The far right of the graph is the current time, and the farther to the left represents the earlier time axis. By the figure we can clearly know:
- +4 means file names from 5 days ago or earlier: ex> find /var -mtime +4
- -4 means file names from within the last 4 days: ex> find /var -mtime -4
- 4 means file names from the one day between 4 and 5 days ago: ex> find /var -mtime 4
Example two: Look for files under /etc that are newer than /etc/passwd
[[email protected] ~]# find /etc -newer /etc/passwd
# -newer is very useful for telling which of two files is older and which is newer!
Example three: Search for files belonging to xiaoluo under /home
[[email protected] ~]# find /home -user xiaoluo
# When we want to find all the files of some user on the system,
# this command finds every file that belongs to that user!
Example four: Search for files on the system that do not belong to anyone
[[email protected] ~]# find / -nouser
# This command makes it easy to find files that are not quite normal.
Example five: Find files named passwd
[[email protected] ~]# find / -name passwd
# Use -name to search by file name!
Example six: Search for files whose type is f (regular file)
[[email protected] ~]# find /home -type f
# The -type option is also useful! Especially for finding unusual files
# such as sockets and FIFO files: use find /var -type p or -type s!
Example seven: Search for files that have the SGID/SUID/SBIT attributes
[[email protected] ~]# find / -perm +7000
# 7000 is ---s--s--t, so any file that has s or t is listed.
# That is why +7000 is used; -7000 would require all three permissions of ---s--s--t.
Example eight: Use ls -l to list the files found in the previous example
[[email protected] ~]# find / -perm +7000 -exec ls -l {} \;
# Notice that the ls -l after -exec is an extra instruction,
# and that {} stands for "the content found by find". So -exec ls -l {}
# passes the files found earlier to ls -l for a long listing! As for \;, it marks
# the end of the -exec instruction. The extra command sits between
# -exec and \;
# that is, -exec must be finished with \;
Example nine: Find files larger than 1MB on the system
[[email protected] ~]# find / -size +1000k
If you want to find a file, the find command is a good choice, because it can search on many different parameters! For example, if you are looking for a file named httpd.conf and you know it should be under /etc, you can use "find /etc -name httpd.conf"! And what if you only remember that the file name contains httpd but do not know the full name? Then use the wildcard *: "find /etc -name '*httpd*'" lists every file whose name contains httpd! However, since find searches the data directly, it is hard on the hard drive! So generally we search with the whereis or locate command first.
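An added example, not part of the original essay, going slightly beyond Example seven: current GNU find no longer accepts -perm +MODE and spells "any of these bits" as -perm /MODE, and the same kind of test can look for world-writable directories that lack the sticky bit described earlier. The function names and the scratch fixture are constructed for this illustration.

```sh
#!/bin/sh
# Added example (not from the original essay). Uses GNU find's -perm /MODE.

# Regular files with SUID and/or SGID set ("any of these bits").
# -perm /6000 is the current spelling of the essay's -perm +6000.
list_setid_files() {
    find "$1" -xdev -type f -perm /6000 | sort
}

# Regular files with SUID and SGID both set ("all of these bits").
list_suid_and_sgid_files() {
    find "$1" -xdev -type f -perm -6000 | sort
}

# Directories that anyone may write to but that lack the sticky bit, so
# any user can delete or rename other users' files inside them.
list_unsticky_shared_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 | sort
}

# Constructed fixture: a scratch directory with one file or directory per case.
# Prints the path of the scratch directory.
make_fixture() {
    fx_dir=$(mktemp -d) || return 1
    for fx_name in plain suid sgid both; do
        : > "$fx_dir/$fx_name"
    done
    chmod 0755 "$fx_dir/plain"
    chmod 4755 "$fx_dir/suid"            # -rwsr-xr-x
    chmod 2755 "$fx_dir/sgid"            # -rwxr-sr-x
    chmod 6755 "$fx_dir/both"            # -rwsr-sr-x
    mkdir "$fx_dir/shared_sticky" "$fx_dir/shared_open"
    chmod 1777 "$fx_dir/shared_sticky"   # drwxrwxrwt, like /tmp
    chmod 0777 "$fx_dir/shared_open"     # drwxrwxrwx
    echo "$fx_dir"
}

demo=$(make_fixture)
echo "SUID or SGID files:";             list_setid_files "$demo"
echo "SUID and SGID both set:";         list_suid_and_sgid_files "$demo"
echo "World-writable, no sticky bit:";  list_unsticky_shared_dirs "$demo"
# Long listing of everything with any special bit, as in Example eight;
# "{} +" passes many paths to one ls instead of running ls per file.
find "$demo" -perm /7000 -exec ls -ld {} +
rm -rf "$demo"
```

On a real system, run the first function against / as root and compare the list with a saved baseline, since the set of SUID/SGID programs should only change when packages are installed or updated.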
CentOS (10)--some important commands related to Linux file and directory management ②