01. chattr format = chattr [+-=][option] File or directory name
+: Increase Permissions
-: Delete Permissions
=: equals permission
Lsattr: View chattr permissions
Options:
I: If the file is set I property, then the file is not allowed to delete, rename, and can not add and modify data (for Root also valid);
If you set the I property on the directory, you can only modify the data for the files in the directory, but you are not allowed to create and delete files.
A: If you set a property on a file, you can only add data to the file, but you cannot delete or modify the data;
If you set a property on the directory, only the files are allowed to be created and modified in the directory, but not deleted.
02, the system command sudo permissions = = Visudo
function: The command executed by the Superuser is given to ordinary users.
sudo is a system command for manipulating objects
Root all= (All) all
Address of the managed host within the user name = (can use Identity) Authorization command (absolute path)
%wheel all= (All) all
% group name the address of the administrative host = (the identity that can be used) Authorization command (absolute path)
Don't give a tool command like Vim to a normal user.
Example: An authorized SC user can restart the server
sc all =/sbin/shutdown-r Now:
First switch to this user under: SU-SC
View the commands given: sudo-l
Execution: Sudo/sbin/shutdown-r now
Linux File System Properties chattr permissions and system commands sudo permissions