Control of file permissions for Linux systems

1, the meaning of the existence of the right

?? For the security of files or directories.

2, the recognition of rights

?? Ls?-l?file?: Identify file permissions.

?? Ls?-ld?dir?: Identify directory permissions.

3. View and understanding of permissions 3.1 viewing and understanding of file permissions

?? Take File1 's permission as an example:

?? -?rw-r--r--.? 1? Root? Root 0? 03:10? file1
(1)-
?? The file type. The file types are as follows:
?? -?: Normal file
?? d?: Directory
?? L?: Soft link (shortcut)
?? S?:socket (socket)
?? C?: Character device (device that displays characters)
(2) Rw-r--r--.
?? File permissions. File permissions are as follows:
?? R?: Read permissions
?? W?: Write permission
?? X?: Execute Permissions
?? The above file permissions are divided into three parts:
?? rw-part?: Indicates the user (that is, himself) permissions on the operation of the file.
?? The first r--part?: Represents the operation permissions of a group (that is, a member of a team) on the file.
?? The second r--part?: Represents the Operation permissions of other (that is, others) on the file.
(3) 1
?? The number of hard links in the file and the number of times the file was recorded.
(4) First root
?? Represents the owner of a file
(5) A second root
?? Represents a file owning group
(6) 0
?? Indicates file size
(7) 16 03:10
?? Indicates the last time the file was modified.
(8) File1
?? The file name.

3.2 Viewing and understanding of directory permissions

?? Take Westos's permission as an example:

?? D?rwxr-xr-x.? 2?root?root? 48? 03:11?westos
(1)-D
?? The directory type.
(2) Rwxr-xr-x.
?? Directory permissions. File permissions are as follows:
?? R?: Read permissions
?? W?: Write permission
?? X?: Execute Permissions
?? The above directory permissions are divided into three parts:
?? RWX part?: Represents the user (that is, i) Operation permissions on the directory.
?? The first R-x part?: Represents the operation permissions of a group (that is, a member of a team) on the directory.
?? The second R-x part?: Represents the Operation permissions of other (that is, other people) on the directory.
(3) 2
?? Represents the number of subdirectories in a directory.
(4) First root
?? Represents the directory Owner
(5) A second root
?? Represents a catalog owning group
(6) 48
?? Sub-file or subdirectory meta-data size
(7) 16 03:11
?? Represents the last time the directory was modified.
(8) Westos
?? The directory name.

4. Modify users and user groups

?? This command must be performed by the root user.

4.1chown?username?file|dir

Change the owner of the File|dir. , change the file owner from root to Bighead:

4.2CHOWN?-R?USERNAME?DIR4.3CHOWN?USERNAME:GROUP?FILE|DIR4.4CHGRP?GROUP?FILE|DIR4.5CHGRP?-R?GROUP5, file permissions 5.1 permissions function

(1) r (Read)
To file: Whether you can view the characters in the file.
For directories: Whether you can see what files are in the directory.
(2) w (write)
On file: whether the characters recorded in the file can be changed.
For directories: Whether you can manage files in the directory, whether you can change the metadata in the directory.
(3) x (execution)
To file: whether the program that is logged in the file can be called by name.
To directory: whether this directory can be entered.

5.2 Rights Management

(1) Character form (not commonly used)
chmod <u|g|o><+|-|=><r|w|x> File|dir
(2) Digital form Common
The number of permissions corresponds to the following:
R:4
W:2
X:1
Rwx:7 (4+2+1)
rw-: 6 (4+2)
R-x: 5 (4+1)
r--: 4 (4)
-wx:3 (2+1)
-w-: 2 (2)
--x:1 (1)

6. Permissions List

If there is a "+" after the file permission (for example: rw-r--r--+), the permission list is turned on.

6.1 Viewing file permissions

Command: Getfacl file name | directory name
For example, to view file File1 permissions:

which
#file: file1: File name
#owner: Root: File owner
#group: tcpdump: All groups of files
user::rw-: User Rights
group::r--: Group Permissions
other::r--: Other people permissions
In addition to the above six items in the permissions list, there are two more common:
USER:KIOSK:RWX: Special specified user rights
MASK::RWX: Maximum permission value

6.2 Setting File Permissions

(1) setfacl-m u:uername:rwx file
Sets the user rights in the list.

(2) Setfacl-x u:uername file
Deletes the specified user from the list.

(3) Setfacl-b file
Close the permissions list.

Control of file permissions for Linux systems