CentOS System Management

CentOS System Management _ Basic authority and attribution of the detailed

Linux System Management _ Basic permissions and Attribution-redhat Enterprise 5

Files and directories are the most important in Linux systems, often use the root user login system may not feel, once the use of ordinary users, you will find the right this is a difficult problem, the recent period of time in learning about files and directory permissions, think about, you can from these four aspects to sum up:

A basic authority and attribution relationship

Second, file and directory permissions

Third, the permissions of the set: Chmod,umask,mkdir-m

Iv. owners and groups of files and directories: CHOWN,CHGRP

Extended:

Linux System Management _ Additional control rights:

Linux System Administration _ Users and groups of users:

Linux System Management _acl access control:

One: basic competencies and attribution relationships

1, access rights:

-read: Allow viewing of content-read

-Write: Allow modification of content-write

-Executable: Allow to run and switch-excute

Note: Executable permissions for the directory, the corresponding location has x permissions, meaning whether access to the directory;

For a file, there is x permission, meaning that the file can be executed, such as the permissions of the owner of the Program (command) have X permission.

2, attribution relationship:

-Owner: User with this file or directory-user

-Genus Group: group-group with this file or directory

-Other users:-other other than the owner, group

Final permissions: access rights and attribution relationships determine final permissions

Second: Permissions for files and directories

[root@localhost/]# ll-d/etc/passwd/boot/

drwxr-xr-x4rootroot1024 2013-07-10/boot///directory

-rw-r--r--1rootroot 1681 02-17 10:23/etc/passwd//File

1 2 3 4 5 6 7 8

The first paragraph: D represents the target as a directory,-the target bit file is represented

Second paragraph: rwxr-xr-x: permission bits for files and directories

Note: A total of nine digits, the first three are user (owner) permissions, the middle three are Group (group) permissions, and the last three are other (other users) permissions.

where r is marked with a number of 4,w for 2,x 1

The third paragraph: for the file, the number of hard links;

For a directory, how many directories are in the directory, including hidden directories. and ".."

Fourth paragraph: Owner of the file or directory

Fifth paragraph: for the owning group

Sixth: The size of the file, by default the unit is bit (bytes)

Seventh paragraph: The time for the last modification

Eighth paragraph: Name of file or directory

Three: Set basic permissions: Chmod, Umask and Mkdir-m

1,chmod command

-Format: chmod [Ugoa] [+-=][rwx] File/directory

chmod [nnn] File/directory (n represents a digital form of permissions)

Common options:-r: Recursively Change permissions

--reference=: To specify a file or directory template (this is not important)

Example:

1, modify the related properties of desktop, respectively, using character permissions and digital permissions to set

[root@localhost ~] #ll-D desktop/

Drwxr-xr-x 3 rootroot 4096 02-16 03:40 desktop/

[root@localhost ~] #chmod g+w,o-rx desktop/

[root@localhost ~] #ll-D desktop/

DRWXRWX---3 rootroot 4096 02-16 03:40 desktop/

[root@localhost ~] #chmod 755 desktop/

[root@localhost ~] #ll-D desktop/

Drwxr-xr-x 3 rootroot 4096 02-16 03:40 desktop/

2, create an executable file and give the owner X permission

[root@localhost ~] #echo "echo Hello World" > test.sh

[root@localhost ~] #ll-lh test.sh

-rw-r--r--1 rootroot 02-18 21:12 test.sh

[Root@localhost ~]# chmod +x test.sh//+x Add this permission to the owner by default

[root@localhost ~] #ll-lh test.sh

-rwxr-xr-x 1 rootroot 02-18 21:12 test.sh

[Root@localhost ~]#./test.sh

Hello World

[Root@localhost ~]#

2,umask command: Default permissions for new files or directories

-General file default does not give X Execute permissions

-Other depending on umask settings

The-umask value can be set (for temporary, umask 0027 is umask value is set to 0027 and can be viewed using umask)

Note 1: Because the file does not give x permissions by default, the maximum permission to create a new file is 666, and the maximum permission to create a directory is 777.

Note 2:umask The default value is 022 (----w--W-), which means:

When you create a new file, the default permissions are:

For the RW-RW-RW-and----W--w--the difference, that is rw-r--R--; that is 644 (note: cannot use 777 or 666 minus 022)

When you create a new directory, the default permissions are:

For the rwx rwx rwx and----W--w--the difference, that is, rwx r-x r-x; that is 755.

Example:

[Root@localhost ~]# Umask

0022

[Root@localhost ~]# mkdir MULU1

[Root@localhost ~]# Touch File1.txt

[Root@localhost ~]# ll-d Mulu1/file1.txt

-rw-r--r--1 root root 0 02-18 21:22 file1.txt//Default file permissions are 644

drwxr-xr-x2 root root 4096 02-18 21:21 mulu1///default directory permissions are 755

[Root@localhost ~]# umask 0027//Set umask value to 0027

[Root@localhost ~]# Umask

0027//Modified after the umask value of 0027

[Root@localhost ~]# mkdir MULU2//Modify Umask value to create the directory again

[Root@localhost ~]# Touch File2.txt//Modify Umask value to create file again

[Root@localhost ~]# ll-d Mulu2/file2.txt

-rw-r-----1 Root 0 02-18 21:28 file2.txt

Drwxr-x---2 root root 4096 02-18 21:28 mulu2/

[Root@localhost ~]#

You can see that after the Umask value is set to 0027, other users will no longer have any permissions on the directories and files that are created.

3,mkdir-m

mkdir to create a directory, the-m parameter can directly specify the permissions that will be created for the directory

Mkdir

Iv. owners and groups of files and directories: CHOWN,CHGRP

1,chown: Setting a file or directory's attribution relationship

-Format: Chown The owner of the main file or directory//modify file or directory

Chown: Group files or directories//modifying files or directories to which they belong

Chown: Group file or directory//modify file or directory owner and owning group

-R option: Recursively Modify permissions

--reference option: To specify a directory or file as a template (for understanding)

Example:

First modify the permissions of the File1.txt

Then modify the permissions owner and the owning user group of the File2.txt file with File1.txt for the template.

[Root@localhost ~]# Touch File1.txt

[Root@localhost ~]# Touch File2.txt

[Root@localhost ~]# ll file*

-rw-r--r--1 Rootroot 0 02-18 21:43 file1.txt

-rw-r--r--1 Rootroot 0 02-18 21:43 file2.txt

[Root@localhost ~]# Useradd user1

[Root@localhost ~]# chown user1:user1 file1.txt//Modify File1.txt owner for User1

Owning Group is User1

[Root@localhost ~]# ll file*

-rw-r--r--1 User1user1 0 02-18 21:43 file1.txt

-rw-r--r--1root Root 0 02-18 21:43 file2.txt

[Root@localhost ~]# chown--reference file1.txt file2.txt will replicate the properties of//file2.txt

[Root@localhost ~]# ll file*

-rw-r--r--1 User1 user1 0 02-18 21:43 file1.txt

-rw-r--r--1 User1 user1 0 02-18 21:43//owner and owning group for and

File1.txt the same

2,CHGRP: Set the group to which the file or directory belongs

CHGRP Group files or directories: Modifying the group to which a file or directory is a member

Note: equivalent to Chown: Group file or directory

[Root@localhost ~]# ll file*

-rw-r--r--1 User1 user1 0 02-18 21:43 file1.txt

-rw-r--r--1 User1 user1 0 02-18 21:43 file2.txt

[root@localhost ~]# chgrp root file1.txt file2.txt//modification of file1 and file2 owners

[Root@localhost ~]# ll file*

-rw-r--r--1 user1 root 0 02-18 21:43 file1.txt//owner into root

-rw-r--r--1 user1 root 0 02-18 21:43 file2.txt//owner changed to root

[Root@localhost ~]#

Summarize:

Chmod,chown,chgrp these three commands although few parameters, but always easy to confuse, but with more, with the proficiency can be remembered, chmod modified is the permissions, Chown modified by the user and the group, CHGRP modify the group.

The most needed attention is the setting of the value of the Umask, the default permissions when creating new files and folders!