Five permissions: ugo permissions, SetUID/SetGID/Sticky, ACL permissions, chattr (file system-level permissions), SELinux

Source: Internet
Author: User

The five major permissions: ugo permissions; SetUID, SetGID and Sticky; ACL permissions; chattr (permissions at the file system level); SELinux.

====================== File attributes and ugo permissions ======================

ls -l lists the properties of a file.

Linux file types include the following six kinds:

    -   normal file
    d   directory file
    l   link file
    b   block device file
    c   character device file
    s   socket file (network type file)
    p   pipe file

ugo permissions:

    u   the user who owns the file
    g   the group that owns the file
    o   others
    a   all, that is u, g and o together

rwx:

    r   read permission
    w   write permission
    x   execute permission

For files: r means the contents of the file can be viewed with the cat command, w means the contents of the file can be added to, removed or modified, and x means the file can be executed.

For directories: r means the ls command can list the file names under the directory; to see the details of the files, r must be combined with the x permission. w means files and subdirectories can be created or deleted in the directory, or file names changed; it must be used together with x. x means you can enter the directory.

    r=4    w=2    x=1

How to view file types? Two ways: ls -l or file.

Permissions for folders:

    x      can cd in
    rx     can cd in, ls and ls -l
    wx     can cd, ls, touch, rm, and vi your own files and other people's files
    wxt    can only edit your own files: cd, touch, vi

chmod modifies a file's ugo permissions.

    chmod ugoa +-= rwx

Command form:

    chmod o+w file1
    chmod g-w file1
    chmod o=--- file1
    chmod a=rw file1
    chmod -R            recursively modify file ugo permissions
    chmod 644 file1

chown:

    chown shrek a
    chown shrek.ttt b
    chown shrek:ttt b
    chown -R
    chown .ttt
    chgrp ttt

Files in the ext2 and ext3 file systems are stored in inode + block form; the inode saves the file's properties. stat fileName can be used to check the inode of a file.

umask

umask sets the default permissions for files and directories that a user creates.

    root user      022 (default)
    normal user    002 (default)

The maximum permissions for a file are 666; the maximum permissions for a directory are 777.

Entering umask on its own shows the umask value of the current user.

Setting the umask value:

    (1) umask number      temporarily modifies the umask value of the current user
    (2) vim ~/.bashrc     add "umask number" to ~/.bashrc to permanently modify the user's umask value

/etc/bashrc is the system-level configuration: vim /etc/bashrc (global configuration). Generally not

====================== suid sgid sticky ======================

suid

Acts on binary executable programs: anyone who executes the program temporarily owns the permissions of the file owner while the program is running.
Setting: chmod u+s filename
For example, the passwd executable has this permission.

sgid

Acts on binary executable programs: anyone who executes the program temporarily owns the permissions of the group to which the file belongs.
Acts on directories: any file created in the directory inherits the group of the directory.
Setting: chmod g+s filename/dirname

sticky

Acts on directories. Anyone can create files in the directory, but they can only delete or modify their own files and cannot delete files created by other users; only the owner of the directory can delete all files in it, which achieves a dynamic balance.
Setting: chmod +t dirname

    suid=4    sgid=2    sticky=1

    chmod 1777 file
    chmod 7777 file

====================== ACL permissions ======================

ACL stands for access control list. ACL permissions supplement ugo permissions: ugo can control at most three types of users, while ACLs can set permissions on individual users and individual groups.

    getfacl filename                     view the ACL permissions of a file
    setfacl -m u:username:rwx file1      set ACL permissions for a specific user
    setfacl -m g:groupname:r-x file1     set ACL permissions for a single group
    setfacl -m m:permission              set the mask value, which specifies the maximum permissions that the remaining users can have, except user and others
    setfacl -x u:username filename       delete an ACL entry
    setfacl -x g:groupname filename
    setfacl -x m filename
    setfacl -b filename                  clear the entire ACL list

ACL permissions are typically used where Linux and Windows work together, because Windows permissions are generally set for individual users.

ls:

    drwxrwxr-x+ 2 root root 4096 Feb  5 17:08 aclfile

====================== chattr permissions ======================

Special permissions for special users.

    lsattr file1          view the attributes
    chattr +i filename    nobody can modify the file
    chattr -i filename
                          applies to important files, to prevent accidental deletion
    chattr +a filename    the file can only be appended to; the original content cannot be changed
    chattr -a filename
                          for log files
    +A                    the file's timestamp is not updated; for heavily accessed files

The ones commonly used are +i and +a.

Help document: man chattr

Commands for viewing the properties of a file:

    ls
    file
    lsattr
    stat
    getfacl
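The umask rule described above, as an added example that is not part of the original page: the umask is masked off the maximum mode (666 for files, 777 for directories) bit by bit, it is not subtracted, which is why umask 033 yields 644 for a file. The function names are hypothetical and GNU stat is assumed.

```bash
#!/bin/bash
# Added example: how a umask turns the maximum modes (666 / 777) into the
# mode of a newly created file or directory. Paths are temporary.

# mode_after_umask MASK KIND -> octal mode of a new file ("file") or dir ("dir")
mode_after_umask() {
    local mask=$1 kind=$2 tmp mode
    tmp=$(mktemp -d) || return 1
    (
        umask "$mask"     # set inside a subshell: the caller's umask is untouched
        if [ "$kind" = dir ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
    )
    mode=$(stat -c '%a' "$tmp/new")
    rm -rf "$tmp"
    printf '%s\n' "$mode"
}

# predicted_mode MASK KIND -> max AND NOT mask, computed without touching disk
predicted_mode() {
    local max=0666
    [ "$2" = dir ] && max=0777
    printf '%o\n' $(( $max & ~0$1 & 0777 ))
}

# 022 is root's default on the page, 002 the normal user's; 033 shows that
# the result is a bitwise mask (644), not the subtraction 666 - 033 = 633.
for m in 022 002 033; do
    printf 'umask %s: file %s (predicted %s), dir %s (predicted %s)\n' "$m" \
        "$(mode_after_umask "$m" file)" "$(predicted_mode "$m" file)" \
        "$(mode_after_umask "$m" dir)"  "$(predicted_mode "$m" dir)"
done
```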
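An audit for the suid, sgid and sticky bits described above, as an added example that is not part of the original page: it reports SUID and SGID files and world-writable directories that lack the sticky bit. The function names and the sample tree are constructed for illustration; GNU find and stat are assumed.

```bash
#!/bin/bash
# Added example: audit a directory tree for the special permission bits.
# The sample tree and its file names are constructed.

# audit_special_bits DIR -> one finding per line: "<KIND> <octal mode> <path>"
audit_special_bits() {
    # SUID files run with the permissions of the file owner
    find "$1" -xdev -type f -perm -4000 -exec stat -c 'SUID %a %n' {} +
    # SGID files run with the permissions of the owning group
    find "$1" -xdev -type f -perm -2000 -exec stat -c 'SGID %a %n' {} +
    # World-writable directory without sticky: anyone can delete anyone's files
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec stat -c 'WW_NO_STICKY %a %n' {} +
}

# make_sample_tree -> prints the path of a constructed directory to audit
make_sample_tree() {
    t=$(mktemp -d) || return 1
    : > "$t/helper"; chmod 4755 "$t/helper"   # SUID file (suid=4)
    : > "$t/plain";  chmod 0644 "$t/plain"    # ordinary file, not reported
    mkdir "$t/shared" "$t/drop"
    chmod 1777 "$t/shared"                    # sticky set (sticky=1), not reported
    chmod 0777 "$t/drop"                      # world-writable, sticky missing
    printf '%s\n' "$t"
}

tree=$(make_sample_tree) && audit_special_bits "$tree" | sort
rm -rf "$tree"
```

On a real system, compare the findings against a known-good baseline: a new SUID file or a world-writable directory without the sticky bit is worth investigating.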
