We already know the importance of file permissions for the security of the system, and also know the relationship between file permissions and users and user groups, then, how to modify the permissions of the file? How many file permissions can we modify? In fact, a file has a lot of permissions. Let's start with a few simple examples: User groups, owners, permissions for various identities, and so on.
chgrp: Change the user group to which the file belongs.
chown: Change the owner of the document.
chmod: Change the properties of the file, suid and so on.
change the owning user group, CHGRP
The user group that changed the file is simple, just use CHGRP, which is the abbreviation for Change group (changing the user group). It's good to remember. However, keep in mind that the name of the user group to be changed must exist in the/etc/group, or an error will be displayed.
Suppose you log into FC4 as root, and you have a Install.log file in your home directory, how do you change the user group for that file? Suppose you already know that there is already a user group named users in/etc/group, but, testing this user group name does not exist in/etc/group, at this time change user composition for users and testing, what will happen? [Root@linux ~]# Chgrp [-r] Dirname/filename ...
Parameters:
-r: Continuous changes to recursive (recursive), that is, all files, directories under subdirectories
are updated to be the user group. Often used when changing a directory.
Example:
| The code is as follows | Copy Code |
| [Root@linux ~]# chgrp users Install.log [Root@linux ~]# Ls-l -rw-r--r--1 root users 68495 June 08:53 Install.log [Root@linux ~]# CHGRP Testing Install.log Chgrp:invalid group name ' testing ' |
|
<== error message ~ Could not find this user group name ~
Did you find it? The user group for the file is changed to users, but errors will occur when you change to testing. Note that there is an error message, or to check the contents of the error message.
Change file owner, Chown
So how do you change the owner of a file? Very simple. Since changing the user group is change group, the change owner is the change owner (the owner). This is the purpose of chown this command, it should be noted that the user must be already in the system, that is, in/etc/passwd this file has records of the user name can be changed.
There are many uses for chown, and you can also modify the name of the user group directly. In addition, if you want to connect all subdirectories or files in the directory to the owner of the file at the same time, you can add the-r parameter directly. Let's take a look at the syntax and examples:
[Root@linux ~]# Chown [-r] Account name file or directory
[Root@linux ~]# Chown [-r] Account name: User group name file or directory
Parameters:
-r: Continuous changes to recursive (recursive), that is, all files, directories under subdirectories
are updated to be the user group. Often used when changing a directory.
Example:
| The code is as follows | Copy Code |
| [Root@linux ~]# Chown bin Install.log [Root@linux ~]# Ls-l -rw-r--r--1 bin users 68495 June 08:53 Install.log [Root@linux ~]# chown root:root Install.log [Root@linux ~]# Ls-l -rw-r--r--1 root root 68495 June 08:53 Install.log |
|
We know how to change the file user group with the owner, then, when to use Chown or chgrp? Maybe you'll find it strange? Yes, it's true that sometimes you need to change the owner of the file, and the most common example is when you copy the file to someone else, we use the simplest CP to illustrate:
[Root@linux ~]# CP source File Destination file
Suppose you want to copy the. bashrc file to the. Bashrc_test, and to give bin this person, you can do this:
| The code is as follows | Copy Code |
[Root@linux ~]# CP. BASHRC. bashrc_test |
|
What to do? Bashrc_test still belongs to root, so that even if the file is presented to the bin user, he still cannot modify it (see the attributes), so it is necessary to modify the owner and user group of the file.
Change 9 properties, chmod
Changes to file properties use the chmod command, but there are two ways to set up a property, either by using a number or a symbol.
• Number Type Change file permissions
The basic properties of Linux files are 9, respectively, the Read/write/excute attribute of the Owner/group/others group, review the data just mentioned above:
-rwxrwxrwx
These 9 properties are three groups. In which, you can use numbers to represent each property, and the tables for each attribute are as follows:
R:4
W:2
X:1
The 3 attributes (r/w/x) of the same group (owner/group/others) need to be cumulative, for example, when the property is [-rwxrwx---]:
| The code is as follows | Copy Code |
Owner = rwx = 4+2+1 = 7 |
|
So, wait a minute. When you set a property change, the number of that property is 770. Change the command for a property chmod syntax is this:
[Root@linux ~]# chmod [-r] XYZ file or directory
Parameters:
XYZ: is the permission attribute of the numeric type just mentioned, the addition of the value of the Rwx property.
-r: Continuous changes to recursive (recursive), that is, all files and directories under the subdirectory are updated to this user group. Often used when changing a directory.
For example, if you want to open the. BASHRC all of the properties of this file, then issue the command:
| code is as follows | copy code |
| [Root@linux ~]# ls-al. BASHRC |
|
Did you see it? property has changed. Since a file has three sets of attributes, it is possible to find that the top 777 is three, and since we have all the properties open, the numbers are added, that is, "r+w+x = 4+2+1 = 7".
What if you want to change the attribute to "-rwxr-xr–"? then become [4+2+1][4+0+1][4+0+0]=754. So you need to issue a command chmod 754 filename. One of the most common problems is that when we edit a shell's text file with VI, its properties are usually-rw-rw-rw-, or 666 attributes, and if you want to turn it into an executable file and don't let anyone else modify it, then you need- Rwxr-xr-x This 755 attribute, you should use chmod 755 test.sh.
In addition, some files do not want to be seen by others, such as-rwxr-–, then use the command chmod 740 filename.
Example 3: Change the properties of the. bashrc file back to the original-rw-r–r–.
For:
chmod 644. BASHRC
• Symbol type Change file permissions
There is also a way to change the properties. As you can see from the previous introduction, there are basically 9 properties, respectively (1) User (2) group (3) others three. We can use the U, G, O to represent the three groups of properties. In addition, a represents all, that is, all three groups. Read and write properties can be written as R, W, X. That is, you can use the following method to look at:
chmod u
G
O
A + (join)
-(remove)
= (set) r
W
x file or directory
If we want to "set" the property of a file is "-rwxr-xr-x", basically is:
user (U): Has readable, writable, executable permissions.
group and others (G/O): have permission to read and execute.
So it is:
| The code is as follows | Copy Code |
[Root@linux ~]# chmod u=rwx,go=rx. BASHRC |
|
Attention The U=rwx,go=rx is connected, and there are no spaces in the middle.
| The code is as follows | Copy Code |
[Root@linux ~]# Ls-al. BASHRC |
|
Notice that there is no space between the R=rwx,og=rx text. So, what if it's "-rwxr-xr–"? You can set it by using the chmod u=rwx,g=rx,o=r filename. In addition, if you do not know the original file properties and want to add only the permissions that each person in the. bashrc file can write to, you can use:
| The code is as follows | Copy Code |
[Root@linux ~]# Ls-al. BASHRC |
|
And what if you want to remove the attribute without changing the other properties? For example, to remove the X attribute for everyone:
| The code is as follows | Copy Code |
[Root@linux ~]# chmod a-x. BASHRC |
|
Do you know the difference between +,-, =? + and – The property "does not change" as long as the item is not specified. For example, in the above example, the remaining two values remain unchanged because only-minus X is used. Practice a bit more and you'll know how to change attributes. This is useful in some cases. For example, if you want to teach a person how to make a program have permission to execute and do not know what the file's original permissions are, use chmod a+x filename to give the program permission to execute. Very convenient.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
