Lesson 8, part 1 (08_01): FACL, users, and Linux terminals
File system access control lists. FACL: File Access Control List
Uses a file's extended attributes to store additional access control permissions
One. Setting commands
setfacl
-m set
u:UID:perm
g:GID:perm
-x remove additional access control list entries
u:UID
g:GID
Set the default access control list for a directory: any file created in this directory automatically inherits this access control list from the directory, and the access control list set for a user
setfacl
-m set
d:u:UID:perm
d:g:GID:perm
-x remove additional access control list entries
d:u:UID
d:g:GID
setfacl -m u:hadoop:rw- inittab
setfacl -m g:mygroup:rw- inittab
setfacl -x u:hadoop inittab
setfacl -x g:mygroup inittab
getfacl file
# file: file
# owner: root
# group: root
user::rw-
group::r--
other::r--
getfacl file
# file: file
# owner: root
# group: root
user::rw-
user:hadoop:rw-
group::r--
mask::rw-
other::r--
getfacl file
# file: file
# owner: root
# group: root
user::rw-
user:hadoop:rw-
group::r--
group:mygroup:rw-
mask::rw-
other::r--
Two. Order in which access is checked
- Without FACL: owner -> group -> other
- With FACL: owner -> FACL user -> group -> FACL group -> other
Three. Mask: no matter what permissions you give a user or group, they cannot exceed the permissions of the mask
1. The mask varies with the user or group permissions you set, so they are guaranteed not to exceed the mask.
2. setfacl --mask specifies the mask permission as a fixed value; from then on the mask does not change with the user or group permissions set by setfacl. With the mask fixed, permissions set by setfacl must stay within the mask, or the extra permissions are cut off.
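Added example (not part of the original notes): a Python evaluation of the check order from section Two with the mask rule from section Three applied, run over getfacl-style text. The names parse_getfacl, allowed and SAMPLE are made up for this illustration, and SAMPLE is constructed from the listing above with the mask tightened to r--. The owning group and FACL group entries are evaluated as one class, which is how Linux checks them.

```python
# Added example: evaluate access from `getfacl` text. SAMPLE is constructed from
# the page's listing, with the mask tightened to r-- to show the clipping effect.
SAMPLE = """\
# file: inittab
# owner: root
# group: root
user::rw-
user:hadoop:rw-
group::r--
group:mygroup:rw-
mask::r--
other::r--
"""

def parse_getfacl(text):
    """Return (owner, owning_group, [(tag, qualifier, perms), ...])."""
    meta, entries = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            key, _, value = line.lstrip("# ").partition(":")
            meta[key.strip()] = value.strip()
        elif line:
            tag, qualifier, perms = line.split("#")[0].split(":")[:3]
            entries.append((tag, qualifier, set(perms.strip()) - {"-"}))
    return meta["owner"], meta["group"], entries

def allowed(text, user, groups, want):
    """True if `user` (member of `groups`) gets every bit in `want`, e.g. "rw"."""
    owner, owning_group, entries = parse_getfacl(text)
    want = set(want)
    def find(tag, q):
        return [p for t, qual, p in entries if t == tag and qual == q]
    mask = (find("mask", "") or [set("rwx")])[0]   # no mask entry: nothing is clipped
    if user == owner:                              # 1. owner: never masked
        return want <= find("user", "")[0]
    named = find("user", user)
    if named:                                      # 2. FACL user entry, clipped by mask
        return want <= (named[0] & mask)
    matches = find("group", "") if owning_group in groups else []
    for g in groups:                               # 3. owning group + FACL groups,
        matches += find("group", g)                #    each clipped by mask
    if matches:
        return any(want <= (p & mask) for p in matches)
    return want <= find("other", "")[0]            # 4. other: never masked
```

With the mask at r--, the rw- entries for hadoop and mygroup grant read only, while the owner's rw- is untouched.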
Four. When a file with extended attributes (that is, set with setfacl) is viewed with ls -l, there is a plus sign at the end of the permission string
ls -l
-rw-rwxr--+ root root 1670 Mar 8 inittab
When a file marked with a plus sign is copied or archived, the extended attributes the plus sign represents are not carried along. This needs special handling, which I'll talk about later.
Five. Several commands
whoami shows which user is currently logged in to the system
who shows which users are logged on to the system (a user switched to with su is not a logged-on user, so it is not displayed)
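Columns of the who output:
First: user name
Second: which terminal the user logged in on
Third: login time and login address
who -r displays the current runlevel
who -H displays the column headers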
w displays more information than who
last shows the login history of the current system and the system restart history; it reads /var/log/wtmp
last -n # shows the most recent # login records
lastb (bad) displays users' failed login attempts; it reads /var/log/btmp
lastb -n # shows the most recent # failed login records
lastlog displays the last successful login information for each user of the system
lastlog -u USERNAME displays the most recent login information for a specific user
basename shows the base name of a path
basename /etc/abc/me gives the result: me
basename the name of the script, the path and name of the script when executing the script
mail: send and receive messages between different users on this computer. Mail is kept in mbox under the home directory
q quit
cat /etc/inittab | mail -s "How is it?" root (pipe)
mail -s "How is it?" root < /etc/inittab (input redirection)
hostname displays the host name of the current host
echo $HOSTNAME shows the environment variable
hostname www.my.com changes the host name
echo $HOSTNAME is unchanged and still shows the previous name; this modification does not affect the environment variable. $HOSTNAME shows the name as it was at login.
RANDOM: system built-in environment variable, value range [0-32768]
echo $RANDOM
Linux system random number generators: two, drawing on the entropy pool
/dev/random: once the entropy pool is empty, the user process waits for the entropy pool to fill up again. This one is secure
/dev/urandom: once the entropy pool is empty, it falls back to software simulation and does not block the user process. This one is useful
Six. Terminal types: a terminal is a physical device and must be attached to hardware
console: the console, the monitor and keyboard attached directly to the host (the machine Linux is installed on). The console is not a terminal; it is just a display interface connected directly to your hardware. It is usually a combination of hardware and software.
pty: physical terminal (VGA card graphics), usually not distinguished from the console. The console is the physical terminal, and the physical terminal is the console
tty#: virtual terminal (VGA card graphics), attached to a physical terminal
ttyS#: serial terminal
pts/n: pseudo-terminal, simulated, not a real device.