I recently decided to study the Linux operating system more carefully, starting with three of its more important topics: users, user groups, and file permissions. (I am also learning Linux, so I found this log; some settings require a system restart to take effect after they are changed.)
To learn these things, you first have to understand the Linux permission system.
The Linux permission system is mainly composed of users, user groups and permissions.
A user is someone who logs in to and uses Linux. Internally, Linux represents a user by a UID.
A user group is a grouping of users. Internally, Linux represents a user group by a GID.
Permissions are divided into three types: read, write, and execute.
Linux user information is stored in the /etc/passwd file; in addition, the /etc/shadow file contains information about each user's password.
/etc/passwd file format:
User name:Password:UID:GID:User info:Home directory path:User shell
UID 0 is the user root, 1~499 are system users, and 500 and above are ordinary users.
/etc/shadow stores the user password information, including the encrypted (hashed) password, the password expiration time, the number of days of warning before the password expires, and so on.
User group information is saved in the /etc/group file.
The format is as follows:
User group name:Group password:GID:Accounts in the group (multiple accounts separated by commas)
After the user logs in, the GID in the /etc/passwd file is the user's initial user group.
The user's membership in the initial user group is not listed again in /etc/group.
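The two file formats above can be read mechanically. The following is an added example, not part of the original article: it parses passwd- and group-format files to list a user's groups (the initial group comes from the GID field of passwd, not from the group file) and to report every account with UID 0. The sample files, the account names and the function names uid_class, groups_of and uid0_accounts are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Both sample files below are constructed for illustration.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500:Alice:/home/alice:/bin/bash
toor:x:0:0:second uid 0 account:/root:/bin/bash
EOF
cat > "$SAMPLE_DIR/group" <<'EOF'
root:x:0:
daemon:x:2:root,daemon
wheel:x:10:root,alice
alice:x:500:
EOF

# uid_class UID: classify a UID using the ranges given in this article.
uid_class() {
    if [ "$1" -eq 0 ]; then echo root
    elif [ "$1" -le 499 ]; then echo system
    else echo ordinary
    fi
}

# groups_of USER PASSWD GROUP: initial group first (passwd field 4), then
# every group whose member list in the group file names USER.
groups_of() {
    awk -F: -v user="$1" '
        FNR == NR { if ($1 == user) { found = 1; gid = $4 }; next }
        found && $3 == gid { primary = $1; next }
        { n = split($4, m, ",")
          for (i = 1; i <= n; i++) if (m[i] == user) extra = extra " " $1 }
        END { if (!found) exit 1
              first = (primary == "" ? gid : primary)
              print first extra }
    ' "$2" "$3"
}

# uid0_accounts PASSWD: every account name with UID 0. Any name other than
# root in this list has full root privileges and should be reviewed.
uid0_accounts() {
    awk -F: '$3 == 0 { out = out (out == "" ? "" : " ") $1 }
             END { print out }' "$1"
}

groups_of alice "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/group"
uid0_accounts "$SAMPLE_DIR/passwd"
```

On a real system, pass /etc/passwd and /etc/group instead of the sample files.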
To view the user groups of the current user:
# groups
root bin daemon sys adm disk wheel
In the output, the first user group is the valid user group of the current user (the current user group).
To switch the valid user group:
# newgrp user group name
To leave the new valid user group, type exit and press Enter.
To create a new user:
# useradd [parameters] user name
Parameters:
-g Initial user group (the user group must already exist)
-G Other user groups (modifies /etc/group)
-c User description
-u Specify UID
A password then needs to be set for the user:
# passwd user name
For a user to change their own password:
# passwd
To modify user information:
# usermod [parameters] user name
Parameters:
-c Description
-g Group name: initial user group
-e Expiration date, format: YYYY-MM-DD
-G Group name: other user groups
-l Modify user name
-L Lock account (puts two exclamation marks in front of the user's password string in the /etc/shadow file)
-U Unlock
To delete a user:
# userdel [-r] user name
The parameter -r also deletes the user's home directory.
In fact, files belonging to the user may also exist elsewhere in the system. To completely delete a user and the user's files, first find the files that belong to that user:
# find / -user user name
Delete those files, and then run userdel to delete the user.
To list the available shells:
# chsh -l
To change your own shell:
# chsh -s
To view the UID/GID information of yourself or of another user:
# id [user name]
In the returned information, the groups field shows the valid user groups.
To create a new user group:
# groupadd [parameters] user group name
Parameters: --system Create a system group
To rename a user group:
# groupmod -n new name old name
To delete a user group:
# groupdel user group name
To set a user group password:
# gpasswd user group name
With additional parameters, gpasswd has other functions.
To set the user group administrator:
# gpasswd -A user name user group name
To add an account to a group (-M sets the group's member list):
# gpasswd -M user name user group name
To remove an account from a group:
# gpasswd -d user name user group name
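Parameters of the passwd command:
-l Lock user
-u Unlock user
-n days: number of days during which the password cannot be changed
-x days: number of days after which the password expires
-w days: number of warning days before the password expires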
File permissions
Let's look at an example:
# ls -al
The ls -al command lists all files in the directory, including hidden files. The first character of a hidden file's name is '.'.
-rw-r--r-- 1 root root bayi 08-02 14:54 gtkrc-1.2-gnome2
-rw------- 1 root root 189 08-02 14:54 iceauthority
-rw------- 1 root root 08-05 10:02 .lesshst
drwx------ 3 root root 4096 08-02 14:54 .metacity
drwxr-xr-x 3 root root 4096 08-02 14:54 Nautilus
The columns of the listing are defined as follows:
[Permission attributes] [Number of links] [Owner] [Owning user group] [Size] [Last modified time] [File name]
The permission attribute column is 10 characters long:
The first character indicates the file type: d for a directory, - for a normal file, l for a link, b for a storage interface (block) device, c for a character device such as keyboard and mouse input.
Characters 2, 3 and 4 are the owner's permissions; characters 5, 6 and 7 are the permissions of users in the owner's group; characters 8, 9 and 10 are the permissions of other users.
The second character is the owner's read permission: r if granted, otherwise -
The third character is the owner's write permission: w if granted, otherwise -
The fourth character is the owner's execute permission: x if granted, otherwise -
The fifth character is the read permission of users in the owner's group: r if granted, otherwise -
The sixth character is the write permission of users in the owner's group: w if granted, otherwise -
The seventh character is the execute permission of users in the owner's group: x if granted, otherwise -
The eighth character is the read permission of users outside the group: r if granted, otherwise -
The ninth character is the write permission of users outside the group: w if granted, otherwise -
The tenth character is the execute permission of users outside the group: x if granted, otherwise -
To change the group a file belongs to:
# chgrp [-R] group name file name
Here -R means the change is applied recursively.
To change the owner and group of a file:
# chown [-R] user[:user group] file name
To change file access permissions:
# chmod [-Rv] 0777 file name
-v: show details of the permission changes
-R: apply the same permission change to all files in the current directory and its subdirectories (that is, change them recursively, one by one)
# chmod abc file name
Each of a, b and c is a number that represents the permissions of the user, the group, and others respectively.
r=4, w=2, x=1
For the rwx attribute, 4+2+1=7;
for the rw- attribute, 4+2=6;
for the r-x attribute, 4+1=5.
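The arithmetic above can be applied to the 10-character permission column that ls -al prints. The following is an added example, not part of the original article: it converts that column into the three digits chmod accepts and flags files that other users may write to. The function names triplet_value, perm_to_octal and is_world_writable are assumptions, and only the r, w, x and - characters described in this article are accepted.

```shell
#!/bin/sh
# Added example: turn the permission column of `ls -al` into chmod digits
# using r=4, w=2, x=1. Input strings below are constructed samples.

# triplet_value "r-x" prints 5; fails on anything but r/w/x/- in position.
triplet_value() {
    case "$1" in
        [r-][w-][x-]) ;;
        *) return 1 ;;
    esac
    v=0
    case "$1" in r??) v=$((v + 4)) ;; esac
    case "$1" in ?w?) v=$((v + 2)) ;; esac
    case "$1" in ??x) v=$((v + 1)) ;; esac
    echo "$v"
}

# perm_to_octal "drwxr-xr-x" prints 755. Character 1 is the file type,
# 2-4 the owner, 5-7 the group, 8-10 other users.
perm_to_octal() {
    [ "${#1}" -eq 10 ] || return 1
    owner=$(printf '%s' "$1" | cut -c2-4)
    group=$(printf '%s' "$1" | cut -c5-7)
    other=$(printf '%s' "$1" | cut -c8-10)
    a=$(triplet_value "$owner") || return 1
    b=$(triplet_value "$group") || return 1
    c=$(triplet_value "$other") || return 1
    echo "$a$b$c"
}

# is_world_writable succeeds when the write bit (2) is set for other
# users, which lets any account on the system modify the file.
is_world_writable() {
    mode=$(perm_to_octal "$1") || return 2
    last=${mode#??}
    [ $((last & 2)) -ne 0 ]
}

perm_to_octal 'drwxr-xr-x'
perm_to_octal '-rw-------'
is_world_writable '-rw-rw-rw-' && echo 'writable by other users'
```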
At this point, the material on users, files and permissions has been more or less summarized. What remains is to use the various commands boldly in day-to-day work and to come back to this summary often.