last learned to organize the basic operation of the Linux documentation, today we learn the permissions under Linux:
1. Permissions for files or directories chmod:
Chmod is mainly used to modify the permissions of files and directories, the main parameters:-R (Cascade modified subordinate directory).
1. How do we check the permissions of this directory or file:
[Email protected] ~]# ls-l
Total Dosage 136
Drwxr-xr-x 2 root root 64 October 15:28 1 #rwx为所属主:r-x belongs to group :r-x for other :
-rw-r--r-- 1 root root 841 October 17:31 1.txt
Drwxr-xr-x 2 root root 6 October 25 17:36 2
-rw-r--r-- 1 root root 0 October 24 15:28 22
As mentioned above: the second to tenth bits of the first part are in three-bit groups: 11th bit (.) is SELinux (it is only added when SELinux is open.)
Owner #文件的拥有者: The person who created the file/directory:
Owning group #文件的所属组: the group where the user who created the file/directory is located:
(Other) #其他外来人员:
1.2 How do we add permissions to directories and files: Generally there are two ways (the result of the operation is the same)
The permissions for the rwx in are represented by numbers as follows:
r===4 # represents a readable permission: view this file: Then the file can be read:
w===2 # indicates writable permissions: You can write to the file: it means that the file can be written:
x===1 # indicates an executable permission : This directory can be opened, which means that the directory is executable:
1,chmod 777 Filename/dir by Digital Way to add: the following:
[[email protected] ~]# chmod 777 1.txt #给文件添加777 (readable writable executable) permissions: [[email protected] ~]# chmod 777 1 #给目录也添加777权限: [ [Email protected] ~]# ls-ldrwxrwxrwx 2 root root 64 October 15:28 1 #此文件对主 (group) Other: readable writable executable:-rwxrwxrwx 1 root root 841 October 17:31 1.txt
2,chmod u=rwx,g=rw,o=rx filename/dir #u表示主, G for group, O for other: a= all:
[[email protected] ~]# chmod u=rwx,g=rw,o=rx 1.txt[[email protected] ~]# chmod u=rwx,g=rw,o=rx 1[[email protected] ~]# ls -ldrwxrw-r-x 2 root root 64 October 15:28 1-rwxrw-r-x 1 root root 841 October 17:31 1.txt
Of course: You can also increase or decrease the permissions by +-= #加号表示增加权限, minus means reduce permission, equals equals permission: chmod u-r 1
[Email protected] ~]# chmod u-r,g+w,o-x 1.txt #分别减去u权限和加上g的权限: [[email protected] ~]# chmod u-r 1[[email protected] ~]# Ls-ld-wxrwwr-x 2 root root 64 October 15:28 1--wxr--r--1 root root 841 October 17:31 1.txt
1.3 chmod also has one parameter:-r: Indicates cascading options: The permissions for all files/directories in this directory are changed:
Chmod-r Filename/dir
[[email protected] ~]# chmod-r 777 1 #权限级联下面文件 [[email protected] ~]# ls-l 1-rwxrwxrwx 1 root root 0 October 24 15:28 1 1 #目录下文件的权限已改变:-rwxrwxrwx 1 root root 0 October 18:08 1.txt #目录下目录的权限已改变:
1.4 Since permissions can be represented by numbers, how are permissions defined: Umask values:
[Email protected] ~]# umask #查看umask的值:
0022
We will find that the permissions for normal files or directories are different: This is because the Umask value is defined: And the Umask value can be modified:
[[email protected] yuan]# ls-la-rw-r--r--1 root root 0 October 18:53 1.txt #文件的权限为644. drwxr-xr-x 2 root root 6 October 18:53 dir #目录的权限为755.
This is because the file does not need to execute permissions: While the directory requires: Enter a directory = = to execute this directory:
So the permissions of the file are calculated:
666-022 644 #文本不需要执行权限
(rw-rw-rw-)-(----w--w-) = (rw-r--r--)
Permissions calculation for the directory:
777-022 755 #目录需要执行权限
(rwxrwxrwx)-(----w--w-) = (rwxrw-rw-)
However, it is easy to get the wrong error in the way of subtracting numbers:
For example, if we set the Umask value to 003, then the file's permission should be 664, minus 603, so this method is not recommended:
2. Change the owner of the file and the owning group: chown
Chown is primarily used to modify the owner and owning group of a file: main parameters:-R
2.1 So how do we see the owner and the group that owns the file/directory:
[Email protected] ~]# ls-l
Total Dosage 136
drw-r--r--2 root root 90 October 25 18:08 1
-rw-r--r--1 root root 841 October 17:31 1.txt
As mentioned above: the third part of the root represents the owner, and the Forth section indicates the owning group:
Creator and owner of the owner (Root) # file:
the group where the owning Group (root) # file belongs:
2.2 How do we change the owner and the owning group to the file/directory:
Chown username:Group Filename/dir
[Email protected] ~]# chown yuanhh 1 #表示修改目录1的所属主为yuanhh. [Email protected] ~]# CHOWN:YUANHH 1 #表示修改目录1的所属组为yuanhh. [Email protected] ~]# chown yuanhh:yuanhh 1.txt #表示同时修改1. txt's owner and owning group: [[email protected] ~]# ls-ldrw-r--r--2 yuanhh YUANHH 90 October 18:08 1 #查看目录1.-rw-r--r--1 yuanhh yuanhh 841 October 17:31 1.txt #查看文件1. txt.
2.3 At this point, Chown also has a parameter:-r: Indicates a cascading option: The permissions for all files/directories in this directory are changed (mainly for the directory):
Chown-r username:Group 1 #修改1目录的主和组 (also modifies directories and files under it).
[Email protected] ~]# chown-r yuanhh:root 1 #同时修改目录1的所属主和所属组: [[email protected] ~]# ls-l 1-rwxrwxrwx 1 yuanhh Root 0 October 15:28 #其下面的目录也发生变化:-rwxrwxrwx 1 yuanhh root 0 October 18:08 1.txt #其下面的文件也发生变化:
3. CHGRP: This command modifies the owning group of the file (as the group that owns the Chown).
CHGRP Group Filename/dir #应用格式
[Email protected] ~]# chgrp yuanhh 2.txt #修改其所属组为yuanhh: [[email protected] ~]# ls-l 2.txt-rw-------1 root yuanhh 4 904 October 17:48 2.txt #已修改:
3.1 At the same time, CHAGR also has cascading parameters, you can directly modify the directory below the file or directory:
Chgrp-r Group 1 #修改目录1, in a cascading way:
[Email protected] ~]# chgrp-r yuanhh 1 #修改目录1, in a cascade way: [[email protected] ~]# ls-l 1-rwxrwxrwx 1 yuanhh yuanhh 0 10 Month 15:28 #-rwxrwxrwx 1 yuanhh yuanhh 0 October 18:08 1.txt #
4, Hidden permissions lsattr/chattr: The parameters are as follows;
-I: When this option is added, the file or directory cannot be deleted, modified, written, etc. (not even the boss root)
-A: After adding this option: can only append, cannot be deleted, modified, and non-root user cannot operate (only increase not minus)
-S: When this option is added: Data is synchronously written to disk: #不常用
-C: Automatic decompression: Automatic decompression when reading files: #不常用
-A: When added, the atime of the file cannot be modified: #不常用
- D : View only the current directory itself: #相当于ls的-D option:
-A: View hidden files: #用法: lsattr-a
- R : View files or directories in the current directory:
4.1 Hidden permissions can protect the security of the file, once set, the file even the root user can not be modified:
Usage 1: chattr +i filename/dir #给文件或目录增加i权限:
[[email protected] ~]# chattr +i 1.txt #给1. txt add i permissions: [[email protected] ~]# rm-fr 1.txt #无法删除文件: RM: Cannot delete " 1.txt ": disallowed operation [[email protected] ~]# echo 1 > 1.txt #无法追加文件内容:-bash:1.txt: Insufficient permissions [[email protected] ~]# chmod 77 7 1.txtchmod: Change permissions for "1.txt": Operation not allowed #无法修改文件权限:
Usage 2: chattr +a filename/dir #给文件或目录增加a权限:
[Email protected] ~]# chattr +a 1.txt #给1. txt add a permission [[email protected] ~]# rm-fr 1.txt #无法删除文件: RM: Unable to delete "1.txt": Operation not allowed [[email protected] ~]# chmod 777 1.txt #无法修改文件权限. chmod: Change permissions for "1.txt": Actions not allowed [[email protected] ~]# echo 1111 >> 1.txt #可以追加文件内容 [[email protected] ~]# TAIL-N1 1.txt1111
4.2 How do we cancel the file permissions:
chattr-a filename/dir #给文件或目录取消a权限:
chattr-i filename/dir #给文件或目录取消i权限:
also supports lsattr-r(also cascading options): Use the following:
lsattr-r +i dir #主要只针对于目录:
View command lsattr: Parameter:-d (Directory itself)-A (hidden file)-R (cascading file or directory)
[[email protected] ~]# lsattr-d 1 #只查看目录1的权限:----i-----------1[[email protected] ~]# lsattr-r 1 #查看目录下面的文 Pieces option:----I---------------i-----------1/yuan
Hidden files:
[Email protected] ~]# lsattr-a/root/#查看隐藏文件:----------------/root/.bash_logout----------------/ROOT/.BASH_PR Ofile
Today we are studying here.
This article is from the "_de blog" blog, be sure to keep this source http://yuanhaohao.blog.51cto.com/7714752/1976123
Day08-linux Permissions