command to change permission properties chmod
chmod is a command to change the permissions of a file or directory, but only the owner and Superuser root of the file has such permissions, there are two ways to change the permissions of a file or directory through chmod, one is to set permissions by means of a permission letter and an operator expression , The other is to use a numeric method to set permissions.
chmod [Numeric combination] File name| R | Read | 4 |
| W | Write | 2 |
| X | Execute | 1 |
| - | 0 |
The permission of this file is the number of the 4+2+0=6, the number represented by the group is 4+0+0=4, the other user group represents the 4+0+0=4, so the number combination is 644.
Example one, use the number method of the chmod command to set permissions, as follows: (secondary number method most commonly used)Example two, create a. sh file with touch, test the owner's permissions, the permissions of the group and other user groups are not tested in one by one ...
Permission letters and operator expressions
| Identity | U (user) | G (Group) | O (Others) | A (All) | + | - | = |
| Meaning | User | Group | Other | All Users | Add or Subtract permissions | Reduce permissions | Reassign permissions |
Summary: For directory and file permissions comparison description
| File | Directory | |
| R (read) Read permission | Represents a permission to read the contents of a read file | Indicates permission to browse the directory (note: Different permissions to enter the directory) |
| W (write) Write permission | Represents the right to modify the contents of a file (note: Deleting and moving files is not related to the file itself, see the parent directory) | Indicates that there is a new, delete, move directory within the file permissions (need to have X permission mates, or no R has x ls-l view file will show the filename, but the file attributes are a bunch????? ) |
| X (Execute) (Execute permission) | Indicates that you have Execute file permission (normal user also needs r permission, root user can execute without r, the file itself can be executed) | Represents a permission to enter a directory |
Under Linux We look at the way there are two, one can directly input umask, you can see the number shape of the permission to set the score, one is to add-s (symbolic) parameter, you can use the symbolic type to display the permissions, as follows: The Umask setting is simple, just add the number of permissions you want to take out after the umask command:
There are default Umask settings in Etc/profile and ETC/BASHRC under Linux, so let's take a look at:
1 if [SUID-GT] && ["' id-gn '" = "' id =un '"];then2 umask 0023else4< /c7> umask 0225 fi
This is part of the content in the Etc/profile, you can see the different UID set different umask, in fact, in ETC/BASHRC file also has the basic same part of the code, we can set the umask in these two files, then what is the difference between the two? If it is changed in the Etc/profile, it will only change when the user is logged back in, and if it is changed in ETC/BASHRC, the switch directory will change, because profile is called when the user is logged in. Generally not permanent change umask, only temporary change, no big use of command (personal view)
How does a Linux system calculate file or directory permissions?| Default Maximum Permissions | Umask value | User permissions to create files | ||
| File | When creating an even number of files Umask | 666[-rw-rw-rw-] | 022 (full even) [-----w--w-] | 644 [-rw-r--r--] (description: Even plus subtraction default maximum permissions-umask value = User rights to create files) |
Create file Umask to an odd number of times (Umask some or all of them are odd) |
666[-rw-rw-rw-] | 123 (partial bit is odd) [--X--W--WX] | 644 (thought that the value of the Umask 123 is an odd number, so on the basis of the calculation 543 plus 101, that is, the odd corresponding file digit permission bit 1 can be added respectively) | |
| Directory | Umask is the same as the odd even number | 777[-RWXRWXRWX] | 022[-----w--w-] | 755[-rwxr-xr-x] (Description: Default maximum permissions-umask value = User permissions to create directory) |
You can see the above in the calculation of the creation of the default permissions of the file and directory, I think so: 666-022=644;777-022=755., so that the number is exactly the user-created directory or file permissions, (note: If it is a file umask is odd, Need to do subtraction, the odd number of corresponding files on the digital permissions plus 1, the directory is not required, Bo Master Pro-beta acceptance! For more calculation methods, refer to the calculation formula for Linux default permissions
How to set UID, GID, Stick_bitSUID: Put the x position of U, the original position has execute permission, it is set to S, not for S.
chmod u+s XXX # set setuid permissions
chmod 4551 File//permissions: R-sr-x-x
SGID: Placed in the x position of G, the original position has execute permission, is set to S, not for S.
chmod g+s XXX # set Setgid permissions
chmod 2551 File//permissions: R-xr-s--x
STICKY: Sticky bit, placed in the X position o, the original location has execute permission, is set to T, otherwise t.
chmod o+t XXX # set stick bit permissions for directory
chmod 1551 File//permissions: R-xr-x--t
Note: suid modifies the execution command, not the target file to be processed, and is only valid for binary files or programs, and the binary command or program needs to have executable permissions.
Loading ....
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
