CentOS system management: basic permissions and ownership

Source: Internet
Author: User

Linux system administration: basic permissions and ownership (Red Hat Enterprise 5)


Files and directories are the most important objects in a Linux system. You often cannot log on to the system as the root user, and once you work as an ordinary user you find that permissions are tricky. I have recently been learning about permissions on files and directories, and I have organized them into these four aspects:

1. Basic permissions and ownership

2. File and directory permissions

3. Permission settings: chmod, umask, mkdir -m

4. Owner and group of files and directories: chown and chgrp

Extension:

Linux System Administrator _ additional control permissions:

Linux system management_user and user group: http://www.centoscn.com/CentOS/help/2014/0220/2416.html

Linux _ ACL access control:


I. Basic permissions and ownership

1. Access permissions:

- Read: allows viewing the content (read)

- Write: allows modifying the content (write)

- Execute: allows running a file and switching into a directory (execute)

Note: For a directory, the x permission in the corresponding position determines whether the directory can be entered.

For a file, the x permission indicates that the file can be executed. For example, a program (command) has the x permission for its owner.


2. Ownership:

- Owner: the user who owns the file or directory (user)

- Group: the group that owns the file or directory (group)

- Others: users other than the owner and the group (other)


Final permission: the access permissions and the ownership together determine the effective permission.


II. File and directory permissions

[root@localhost /]# ll -d /etc/passwd /boot/
drwxr-xr-x 4 root root 1024 2013-07-10  /boot         // directory
-rw-r--r-- 1 root root 1681 02-17 10:23 /etc/passwd   // file
12         3 4    5    6    7           8

Field 1: d indicates that the target is a directory; - indicates a file.

Field 2: rwxr-xr-x: the permission bits of the file or directory

Note: There are nine characters in total. The first three are the user (owner) permissions, the middle three are the group permissions, and the last three are the other (other users) permissions.

Here, r counts as 4, w as 2, and x as 1.

Field 3: for a file, the number of hard links;

for a directory, the number of directories it contains, including the hidden directories "." and "..".

Field 4: owner, that is, the owner of the file or directory

Field 5: group

Field 6: file size. The default unit is bytes.

Field 7: the last modification time

Field 8: name of the file or directory
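An added example (not part of the original article): a small shell parser that decodes a listing line like the two above into type, octal mode, owner, group and name, using r=4, w=2, x=1. The function names sym_to_octal and describe_line are made up for this illustration, and the code assumes names without spaces and only the r, w, x and - characters described here.

```shell
#!/bin/sh
# Added example: decode the fields of an "ls -l" line (constructed sample input).

# sym_to_octal PERMS -> octal mode for a 9-character rwx string.
# Any character other than r, w, x or - in its expected position is rejected.
sym_to_octal() {
    perms=$1 out=
    [ "${#perms}" -eq 9 ] || return 1
    while [ -n "$perms" ]; do
        triad=$(printf '%s' "$perms" | cut -c1-3)   # user, then group, then other
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; ??-) ;; *) return 1 ;; esac
        out=$out$digit
    done
    printf '%s\n' "$out"
}

# describe_line LINE -> "kind mode owner group name" for one listing line.
describe_line() {
    set -- $1                         # split the line on whitespace
    case $1 in d*) kind=directory ;; -*) kind=file ;; *) kind=other ;; esac
    mode=$(sym_to_octal "$(printf '%s' "$1" | cut -c2-10)") || return 1
    shift                             # now $1=link count, $2=owner, $3=group
    owner=$2 group=$3
    for name in "$@"; do :; done      # the last field is the name
    printf '%s %s %s %s %s\n' "$kind" "$mode" "$owner" "$group" "$name"
}

# The two lines from the listing above.
describe_line 'drwxr-xr-x 4 root root 1024 2013-07-10 /boot'
describe_line '-rw-r--r-- 1 root root 1681 02-17 10:23 /etc/passwd'
```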


III. Setting basic permissions: chmod, umask, and mkdir -m

1. chmod command

- Format: chmod [ugoa][+-=][rwx] file/directory

chmod nnn file/directory (nnn is the numeric permission)

Common options: -R: change permissions recursively

--reference=: use a specified file or directory as a template (this is not important)

Example:

1. Modify the permissions of the Desktop directory, first with the symbolic (character) form and then with the numeric form.

[root@localhost ~]# ll -d Desktop/
drwxr-xr-x 3 root root 4096 02-16 03:40 Desktop/
[root@localhost ~]# chmod g+w,o-rx Desktop/
[root@localhost ~]# ll -d Desktop/
drwxrwx--- 3 root root 4096 02-16 03:40 Desktop/
[root@localhost ~]# chmod 755 Desktop/
[root@localhost ~]# ll -d Desktop/
drwxr-xr-x 3 root root 4096 02-16 03:40 Desktop/


2. Create a script file and grant it the x permission.

[root@localhost ~]# echo "echo Hello World" > test.sh
[root@localhost ~]# ll -lh test.sh
-rw-r--r-- 1 root root 17 02-18 21:12 test.sh
[root@localhost ~]# chmod +x test.sh     // with no u/g/o prefix, +x is added for owner, group and others (except bits masked by umask)
[root@localhost ~]# ll -lh test.sh
-rwxr-xr-x 1 root root 17 02-18 21:12 test.sh
[root@localhost ~]# ./test.sh
Hello World
[root@localhost ~]#


2. umask command: default permissions for newly created files and directories

- By default, newly created regular files are not given the x (execute) permission.

- The other bits depend on the umask setting.

- The umask value can be set (for temporary use, umask 0027 sets the umask value to 0027; running umask without arguments shows the current value)


Note 1: because files are not given the x permission by default, the maximum permission for a newly created file is 666, and the maximum permission for a newly created directory is 777.

Note 2: umask defaults to 022 (----w--w-), that is:

The default permission for a newly created file is:

rw-rw-rw- with the bits of ----w--w- removed, that is, rw-r--r--, i.e. 644 (Note: do not compute this as 777 or 666 minus 022)

The default permission for a newly created directory is:

rwxrwxrwx with the bits of ----w--w- removed, that is, rwxr-xr-x, i.e. 755

Example:

[root@localhost ~]# umask
0022
[root@localhost ~]# mkdir mulu1
[root@localhost ~]# touch file1.txt
[root@localhost ~]# ll -d mulu1/ file1.txt
-rw-r--r-- 1 root root 0 02-18 21:22 file1.txt      // the default file permission is 644
drwxr-xr-x 2 root root 4096 02-18 21:21 mulu1       // the default directory permission is 755
[root@localhost ~]# umask 0027                      // set umask to 0027
[root@localhost ~]# umask
0027                                                // after modification, the umask value is 0027
[root@localhost ~]# mkdir mulu2                     // create a directory again with the new umask
[root@localhost ~]# touch file2.txt                 // create a file again with the new umask
[root@localhost ~]# ll -d mulu2/ file2.txt
-rw-r----- 1 root root 0 02-18 21:28 file2.txt
drwxr-x--- 2 root root 4096 02-18 21:28 mulu2/
[root@localhost ~]#

You can see that after umask is set to 0027, other users no longer have any permissions on the newly created directory and file.
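An added example (not part of the original article) of the rule in Note 2: the default mode is the base mode (666 or 777) with the umask bits cleared, which is a bitwise operation and not a subtraction. It goes beyond the 022 and 027 cases shown above by also trying 033 and 077, and it checks the 0027 result against files actually created in a scratch directory; the function names default_mode, naive_subtract and observed_ok are made up for this illustration.

```shell
#!/bin/sh
# Added example: how umask determines the mode of newly created files and directories.

# default_mode BASE UMASK -> BASE with every bit set in UMASK cleared (octal).
# BASE is 666 for regular files and 777 for directories, as in Note 1.
default_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 ))
}

# naive_subtract BASE UMASK -> result of plain octal subtraction, shown only
# to demonstrate why subtraction is not the rule.
naive_subtract() {
    printf '%03o\n' $(( 0$1 - 0$2 ))
}

# observed_ok UMASK file|dir EXPECTED -> succeeds if an object really created
# under UMASK in a scratch directory has exactly mode EXPECTED.
observed_ok() {
    tmp=$(mktemp -d) || return 1
    (
        umask "$1"                      # affects this subshell only
        if [ "$2" = dir ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
    )
    found=$(find "$tmp/new" -prune -perm "$3")   # exact match on the mode bits
    rm -rf "$tmp"
    [ -n "$found" ]
}

for m in 022 027 033 077; do
    echo "umask $m: file $(default_mode 666 "$m"), dir $(default_mode 777 "$m")," \
         "subtraction would give $(naive_subtract 666 "$m")"
done
observed_ok 027 file 640 && observed_ok 027 dir 750 && echo "matches the session above"
```

With umask 033 the real file mode is 644 while subtraction gives 633, which is why the masking rule has to be used.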


3. mkdir -m

mkdir creates a directory. The -m option directly specifies the permissions of the directory being created.

mkdir



IV. Owner and group of files and directories: chown and chgrp

1. chown: set the ownership of a file or directory

- Format: chown owner file/directory          // change the owner of the file or directory

chown :group file/directory                   // change the group of the file or directory

chown owner:group file/directory              // change both the owner and the group of the file or directory

-R option: apply the change recursively

--reference option: use a specified directory or file as a template (good to know)

Example:

First, change the owner and group of file1.txt.

Then, using file1.txt as the template, change the owner and group of file2.txt.

[root@localhost ~]# touch file1.txt
[root@localhost ~]# touch file2.txt
[root@localhost ~]# ll file*
-rw-r--r-- 1 root root 0 02-18 21:43 file1.txt
-rw-r--r-- 1 root root 0 02-18 21:43 file2.txt
[root@localhost ~]# useradd user1
[root@localhost ~]# chown user1:user1 file1.txt              // file1.txt: the owner becomes user1 and the group becomes user1
[root@localhost ~]# ll file*
-rw-r--r-- 1 user1 user1 0 02-18 21:43 file1.txt
-rw-r--r-- 1 root root 0 02-18 21:43 file2.txt
[root@localhost ~]# chown --reference file1.txt file2.txt    // file2.txt copies the owner and group of file1.txt
[root@localhost ~]# ll file*
-rw-r--r-- 1 user1 user1 0 02-18 21:43 file1.txt
-rw-r--r-- 1 user1 user1 0 02-18 21:43 file2.txt             // the owner and group are the same as file1.txt


2. chgrp: set the group to which a file or directory belongs

chgrp group file/directory: change the group of the file or directory

Note: equivalent to chown :group file/directory

[root@localhost ~]# ll file*
-rw-r--r-- 1 user1 user1 0 02-18 21:43 file1.txt
-rw-r--r-- 1 user1 user1 0 02-18 21:43 file2.txt
[root@localhost ~]# chgrp root file1.txt file2.txt           // change the group of file1.txt and file2.txt
[root@localhost ~]# ll file*
-rw-r--r-- 1 user1 root 0 02-18 21:43 file1.txt              // the group is changed to root
-rw-r--r-- 1 user1 root 0 02-18 21:43 file2.txt              // the group is changed to root
[root@localhost ~]#



Summary:

Although chmod, chown, and chgrp take few parameters, they are easy to mix up. With regular use you will remember that chmod changes permissions, chown changes the owner and group, and chgrp changes the group.

Pay attention to the umask value and to the default permissions of newly created files and directories!
