Linux users and permissions
Library: lib
Shared library: .so (shared object)
Permission:
User: the identifier used to obtain resources and services.
Group: an identifier used to assign permissions.
Process: a process runs as a user, so it has an owner and a group (its security context).
Linux permissions distinguish three classes of users:
File owner: the owner of the file
File group: the group the file belongs to
Other users: everyone else
Permission:
Each file has three sets of permissions: one for the file owner, one for the file group, and one for other users.
Each class of user has three permissions:
r, w, x
File:
r: readable. You can view the file content.
w: writable. You can edit or delete this file.
x: executable. The file can be submitted to the kernel to run.
Directory:
r: you can run ls on this directory to list all the files inside it.
w: you can create files in this directory.
x: you can use cd to switch to this directory, or you can use ls -l to view the details of the files inside it.
rwx:
r--: read-only
r-x: read and execute
---: no permission
0 000 ---: no permission
1 001 --x: execute
2 010 -w-: write
3 011 -wx: write and execute
4 100 r--: read
5 101 r-x: read and execute
6 110 rw-: read and write
7 111 rwx: read, write and execute
Exercise:
755: rwxr-xr-x
rw-r-----: 640
660: rw-rw----
rwxrwxr-x: 775
User: UID, /etc/passwd
Group: GID, /etc/group
Shadow passwords: the files that store the real passwords of users and groups
User: /etc/shadow
Group: /etc/gshadow
User type:
Administrator: ID 0
Normal users: ID 1 ~ 65535
System users: ID 1 ~ 499
General users: ID 500 ~ 60000
User Group category:
Administrator group:
Common group:
System group:
General group:
User Group category:
Private Group: if you do not specify a group for a user, the system automatically creates a group with the same name as the user name.
Basic group: the user's default group
Additional group: any group other than the default group
Resolution: name resolution, e.g. www.sohu.com -> IP
cat /etc/passwd
Account: login name
Password: shown as x, a placeholder; the real password is in /etc/shadow.
UID: user ID
GID: basic group ID
GECOS: the full name of the user.
Dir: home directory
SHELL: the user's default shell
cat /etc/shadow
Login name: the login name
Encrypted password: the encrypted password; $1$ indicates MD5 encryption
If the password is * or !!, the user is locked and cannot log in
Days: from to the number of days after the last Password Change
Day: minimum password validity period
Day: maximum password validity period
Day: password expiration warning time
Day: before the user is disabled
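An added example (not part of the original notes) that parses lines in the /etc/shadow format described above and flags empty password fields and MD5 ($1$) hashes. The function names, the sample entries, and the $id$ prefixes other than $1$ are assumptions of this example; the salts and hashes are constructed placeholders.

```python
# Added example: audit lines in /etc/shadow format. All sample data is constructed.
# $1$ = MD5 is from the page; the other $id$ prefixes are the ones listed in crypt(5).
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt", "2b": "bcrypt"}
WEAK = {"MD5", "legacy (no $id$ prefix)"}

def classify_password(field):
    """Return (state, scheme) for the second field of a shadow line."""
    if field == "":
        return "empty", None                 # no password is required at all
    if field[0] in "*!":
        return "locked", None                # "*" or "!!": no password login
    if field.startswith("$"):
        ident = field.split("$")[1]          # "$1$salt$hash" -> "1"
        return "hashed", SCHEMES.get(ident, "unknown $%s$" % ident)
    return "hashed", "legacy (no $id$ prefix)"

def parse_shadow_line(line):
    """Split one shadow line into the fields described in the notes above."""
    f = line.rstrip("\n").split(":")
    if len(f) != 9:
        raise ValueError("expected 9 colon-separated fields, got %d" % len(f))
    num = lambda s: int(s) if s else None    # aging fields may be empty
    state, scheme = classify_password(f[1])
    return {"login": f[0], "state": state, "scheme": scheme,
            "last_change": num(f[2]), "min_days": num(f[3]), "max_days": num(f[4]),
            "warn_days": num(f[5]), "inactive_days": num(f[6])}

def audit(lines):
    """Return (login, finding) pairs for empty passwords and weak hash schemes."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        e = parse_shadow_line(line)
        if e["state"] == "empty":
            findings.append((e["login"], "empty password field"))
        elif e["state"] == "hashed" and e["scheme"] in WEAK:
            findings.append((e["login"], "weak hash scheme: " + e["scheme"]))
    return findings

SAMPLE = [  # constructed entries; salts and hashes are placeholders, not real values
    "root:$6$SALT$HASHPLACEHOLDER:19000:0:99999:7:::",
    "tom:$1$SALT$HASHPLACEHOLDER:15000:0:99999:7:::",
    "daemon:*:18000:0:99999:7:::",
    "svc:!!:19500:0:99999:7:::",
    "guest::19500:0:99999:7:::",
]

if __name__ == "__main__":
    for login, finding in audit(SAMPLE):
        print(login + ": " + finding)
```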
ls -lh $(which useradd)
ls -lh `which useradd`
ls -lh $(which adduser)
ls -lh `which adduser`
useradd tom: add the user tom
passwd tom: set a password for the user tom
cat /etc/group
groupadd mygrp: add the group mygrp
* file useradd: view the file type
useradd: ASCII text
User management:
useradd, userdel, usermod, passwd, chsh, chfn, finger, id, chage
Group management:
groupadd, groupdel, groupmod, gpasswd
Permission management:
chown, chgrp, chmod, umask
* Encryption methods
Symmetric encryption: the same key is used for encryption and decryption.
Public-key encryption: keys come in pairs; one is the private key and the other is the public key.
One-way encryption: hashing, which only goes plaintext → ciphertext. It extracts a signature (digest) of the data and is often used for data integrity verification.
1. Irreversible
2. Avalanche effect, which resists cracking
3. Fixed-length output
MD5: Message Digest version 5, 128-bit fixed-length output
SHA1: Secure Hash Algorithm version 1, 160-bit fixed-length output
4. Collision
5. md5sum