Linux file permissions and directory management in detail

Source: Internet
Author: User
Tags: chmod, create directory, mkdir, file permissions

One, the three kinds of identities in the Linux file system

1) File owner
2) Users in the same group
Users in the same user group can access that group's files;
each account can be added to multiple user groups.
Files belonging to the same user group can also be given different permissions, so that some of them cannot be viewed by the users of this group.
3) Other people
Anyone other than the file owner and the users in the same group is "other".
PS: /etc/passwd records all users' accounts
/etc/shadow records all users' passwords
/etc/group records all the group names

Two, file attributes

ls -al displays all file names and related attributes (including hidden files, whose names begin with a dot)

total
drwxr-xr-x+ Chaibozhou staff  952 4 08:08 .
drwxr-xr-x  5 root    admin  170 4 21:24 ..
-r--------  1 Chaibozhou staff   9 3 21 12:00 .CFUserTextEncoding
-rw-r--r--@ 1 Chaibozhou staff 10244 4 23 11:25 .DS_Store
drwx------  5 Chaibozhou staff  170 4 23 14:13 .Trash
-rw-------  1 Chaibozhou staff  3205 4 16:37 .bash_history
drwxr-xr-x  6 Chaibozhou staff  204 4 4 15:51 .config

First column: file type and permissions
d: directory
-: regular file
l: link file
b: block device file, used for storing data
c: character device file, used for transmitting data, such as a mouse or keyboard

The following characters, in groups of three, represent the permissions of the file owner, of users in the same group, and of other users; the order r, w, x within each group is fixed.

Second column: how many file names are linked to this inode

Third column: the owner account of this file/directory
Fourth column: the user group this file belongs to
Fifth column: the size of this file, in bytes (B)
Sixth column: the creation date or modification date of this file
To see the complete date and time, add a parameter to ls: ls -l --full-time
PS: In Linux commands, a parameter that starts with - is in its short form, and a parameter that starts with -- is in its full form. --full-time here is a full-form parameter.
PS: If Linux was originally installed in Chinese, the full date is displayed in Chinese, but Chinese cannot be displayed in the command window and appears garbled. In that case the only option is to set the date to display in English: LANG=en_US
Seventh column: file name

Three, the importance of Linux permissions

1. Protecting system files
Typically, only the root administrator has read, write, and execute permissions on system files.
2. Providing data sharing for team development
The members of a development team can be placed in the same user group so that files can be shared.

Four, commands for changing file attributes and permissions

1. chgrp: change the user group a file belongs to
chgrp [-R] new-user-group directory-or-file: change the user group of the files under this path to "new user group"
PS: The new user group must exist in /etc/group, otherwise an error is reported.
PS: If the last parameter is a directory, only the user group of the files in this directory is changed.
PS: -R means that if the last parameter is a directory, the files in that directory, along with all files under its subdirectories, are changed.
2. chown: change the file owner
chown [-R] username file-or-directory: change the owner of all files in this directory to this username.
PS: This username must exist in /etc/passwd.
This command can modify both the file owner and the user group: chown [-R] username:groupname directory/file
chown [-R] username.groupname directory/file
PS: Because a user name can contain a dot, a user name with a dot in it would be misjudged by the system, so we generally use : to join the user name and the group name.
You can also modify only the user group: chown [-R] .groupname directory/file
When do we need to change the file owner and user group?
When we copy a file for someone else. Suppose the file can only be read by its owner: because the copy carries the file's permissions and all its attributes with it, the other person still cannot access the copy they receive. So after the copy is complete, the person who made it should first modify the file's attributes and permissions.

cp original-directory/original-file new-directory/new-file
3. chmod: change the permissions of a file
There are two ways to change the permissions of a file: with numbers, and with symbols.
a) Changing permissions with numbers
As we already know, the permissions consist of 9 letters in groups of three, representing the permissions of the file owner, of the same group of users, and of other people. With r=4, w=2, x=1, add up the values in each group to get a three-digit number. For example:
File owner: rwx = 4+2+1 = 7;
Same group of users: rwx = 4+2+1 = 7;
Others: --- = 0+0+0 = 0;
So the command is as follows:

chmod [-R] 770 file/directory

b) Changing permissions with symbols
chmod u/g/o/a +/-/= r/w/x file/directory
Example: the file owner can read, write, and execute, and the same group of users and other users can read and execute.
chmod u=rwx,go=rx filename
Suppose you do not know the file's current permissions and want everyone to be able to execute the file:
chmod a+x file/directory
Suppose you do not know the file's current permissions and only want the same group of users and other users to be unable to write:
chmod go-w file/directory

The meaning of directory and file permissions

For a file, rwx only means that the user can read, write, and execute the contents of the file: read the file's contents, write to the file, and execute the file. It does not give permission to delete the file.

For a directory, rwx means:
r: Permission to read the directory structure. That is, I can see the directory structure with the ls command, but I cannot enter the directory with cd.
w: Permission to change the directory structure, that is, the ability to create/delete/rename/move files and directories.
x: The user can enter this directory with cd.
PS: Whether a directory has x permission is very important. Without x permission you cannot enter the directory, which means you cannot execute any of the programs in it. Example: there is a directory as follows

drwxr--r-- 3 root root 4096 date .ssh
The same group of users and other users of this directory can only view its structure with ls; they cannot cd into the directory and cannot execute any of the programs in it.

When building a website, some resources on the server are opened for outside access. But if a directory is opened with only r permission, visitors can only ls the structure of the directory and cannot enter it to access the data inside. To open the data in a directory to someone else, you must grant at least r and x permissions, but w permission must not be granted lightly. For example:

Suppose there is an account user1 whose home folder is /home/user1. user1 has rwx permissions on this directory. There is a data file in this folder with the following permissions: -rwx------ 1 root root ..., then:
For this file, user1 is an "other" user and has no permissions on it. But on the folder user1 has rwx, so user1 can see the folder's structure with ls, can enter the folder with cd, and can create, delete, rename, and move files in the folder.

Use the root account to create a directory dir under /temp with permissions of 744, and then create the file test under dir.
Analysis: for the directory dir, the file owner has rwx, while the same group of users and other users have only r. That is, the file owner can ls the directory structure, can cd into the directory, and can create, delete, rename, and move files in it, while the same group of users and other users can only ls the directory structure.
PS: Create a directory: mkdir directory-name
PS: Create an empty file: touch filename

# Perform the following operations as root
cd /temp
mkdir dir
chmod 744 dir
touch dir/test
chmod 600 dir/test
# For this file, the owner has 4+2: read and write; the same group of users and other users can do nothing
# Now switch identity to chai
su - chai            # command for switching identity: su - username
cd /temp
ls -l dir            # the identity is now chai, an "other" user for this directory, with only r permission: chai can only ls the directory structure and cannot cd into it
cd dir               # fails immediately: Permission denied
exit                 # return to the previous identity
chown chai /temp/dir # change the owner of the directory dir to chai; chai now has rwx permissions
su - chai            # switch to chai again
cd /temp/dir         # chai can now cd into dir and create, delete, rename, and move files
rm test              # delete the file test in dir
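
The scenarios above (the 744 directory before and after chown, and root's file inside user1's home folder) can be checked with a small model of the owner/group/other test. This is an added example, not part of the original article: the function names are hypothetical, the 700 mode for /home/user1 is an assumption (the article only says user1 has rwx there), and it models an ordinary user, since root is not subject to these checks.

```sh
#!/bin/sh
# Added example: model of the owner/group/other check for a non-root user.
# All users, groups and modes below are constructed for illustration.

# class_bits MODE OWNER GROUP USER "USER_GROUPS"
# Prints the rwx triplet (0-7) that applies to USER for an object.
class_bits() (
    mode=$1 owner=$2 group=$3 user=$4 user_groups=$5
    if [ "$user" = "$owner" ]; then
        shift_by=6                          # file owner: first triplet
    else
        case " $user_groups " in
            *" $group "*) shift_by=3 ;;     # same group: second triplet
            *)            shift_by=0 ;;     # others: third triplet
        esac
    fi
    echo $(( (0$mode >> $shift_by) & 7 ))   # leading 0 makes the mode octal
)

# allowed BIT MODE OWNER GROUP USER "USER_GROUPS"   (BIT: r=4, w=2, x=1)
allowed() (
    bit=$1; shift
    [ $(( $(class_bits "$@") & $bit )) -ne 0 ]
)

can_list()      { allowed 4 "$@"; }     # ls needs r on the directory
can_enter()     { allowed 1 "$@"; }     # cd needs x on the directory
can_read_file() { allowed 4 "$@"; }     # cat needs r on the file
# Creating, deleting or renaming an entry needs w and x on the DIRECTORY;
# the mode of the file being removed is never consulted.
can_modify_dir() { allowed 2 "$@" && allowed 1 "$@"; }

yn() { if "$@"; then echo yes; else echo no; fi; }

# Scenario 1: /temp/dir is 744 root:root and chai is an "other" user.
echo "chai ls dir:    $(yn can_list 744 root root chai 'chai')"
echo "chai cd dir:    $(yn can_enter 744 root root chai 'chai')"
# After "chown chai /temp/dir" chai is the owner and gets rwx.
echo "chai rm test:   $(yn can_modify_dir 744 chai root chai 'chai')"
# Scenario 2: root's file (700) inside user1's home (assumed mode 700).
echo "user1 cat file: $(yn can_read_file 700 root root user1 'user1')"
echo "user1 rm file:  $(yn can_modify_dir 700 user1 user1 user1 'user1')"
```

The last two lines are the case worth auditing for: a user who cannot read a file can still remove or replace it when the containing directory grants that user w and x.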

Five, Linux file types

Regular file: -
1. Plain text files
You can view a regular file such as chai with cat /chai.
2. Binary files
Executable files in Linux (scripts and text batch files are not counted).
The cat command just used is a binary file.
3. Data format files
A file in a specific format, such as a configuration file, that is read when a program runs.
For example: when a user logs on to Linux, the login record is written to the /var/log/wtmp file, which is a data format file.
PS: This data format file is read with the last command; reading it with cat produces garbled output.

Directory file: d

Link file: l
This is the equivalent of a shortcut under Windows.

Device files
1. Block device file: b
A device file used to store data, such as a hard disk or floppy disk.
2. Character device file: c
A device file used for data transfer, such as a keyboard or mouse.
3. Socket: s
This kind of device file is found in /var/run.
4. Pipe: p
Solves the errors caused by multiple programs accessing a file at the same time.

Six, Linux file extensions

Linux has no real extensions; whether a Linux file can be executed depends on whether the file has x in its attributes.
But to make files easier to recognize, we still add an "extension" to the file name.
*.sh represents a script or batch file.
*z, *.tar, *.tar.gz, *.zip, *.tgz are all compressed files.
PS: The permissions of files downloaded from the Internet are likely to have changed, so when a downloaded file cannot be run, check whether it has x.

Seven, Linux limits on file names

Linux defaults to the Ext2/Ext3 file system, which limits the length of file names as follows:
A single file name or directory name has a maximum length of 255 characters;
the full file or directory name has a maximum length of 4,096 characters.
Avoid special characters when naming files.

Eight, Linux directory configuration standards

Because many vendors develop Linux distributions, it is important to standardize the file system layout these vendors use, so there is a file system configuration specification: the Filesystem Hierarchy Standard (FHS).

FHS specifies four types of directories:

1. Shareable directories
A directory of this type can be shared with other hosts on the network for mounting.
2. Unshareable directories
Device files that can only be used on the local machine, or socket files related to local programs, cannot be shared with other hosts because they concern only the local machine.
3. Static directories
Whatever the distribution, these directories are fixed, and the file data in them basically does not change. In general, these directories contain function libraries, system configuration files, and so on.
4. Variable directories
The data in the files of these directories changes all the time, for example log files.

The root directory is the most important directory of the entire system: all other directories derive from the root directory, and the root directory is also involved in boot, restore, system repair and similar operations.

FHS recommends that the root directory be kept small and that applications not be placed in the same partition as the root directory.

FHS recommends having these directories in the root directory:
- /bin: The commands in this directory can be used by all accounts. Common commands are: cat, chmod, chown, date, mv, mkdir, cp, bash
- /boot: Files used for booting
- /dev: Every device is stored in this directory in the form of a file
- /etc: The system's main configuration files are placed in this directory. The files in this directory are readable by ordinary users, but only root can modify them. FHS suggests not placing executable files in this directory.
- /home: The default location of users' home folders.
~ represents the home folder of the currently logged-on user
~chai represents the home folder of the specified user
- /lib: Stores the library functions used at boot time and by the commands in the /bin and /sbin directories.
- /media: Holds removable devices, such as floppy disks and CD-ROMs.
- /mnt: If you want to temporarily mount some additional device, put it in this folder.
- /opt: The directory where third-party software is placed
- /root: The system administrator's home folder
- /sbin: The commands required to boot, repair, and restore the system during the boot process
- /srv: Short for "service"; holds the data that network services need.
- /tmp: The place where ordinary users and running programs temporarily store data. Anyone can access it, so it has to be cleaned up regularly. FHS recommends that the directory be emptied when the system boots.

Other important directories:
- /lost+found: A directory produced by the Ext2/Ext3 file system. When a file system error occurs, some of the lost fragments are placed in this directory.
- /proc: A virtual file system, that is, its data is stored in memory and does not occupy hard disk space.
- /sys: Also a virtual file system; it records kernel-related information.

Only the root directory is mounted at boot time; the other directories are mounted only after the system has booted. Therefore, the directories involved in the boot process must be placed in the same partition as the root directory. These directories are:

/etc: Configuration files
/bin: Important executable files
/dev: Required device files
/lib: The library functions required by executable files and the modules required by the kernel
/sbin: Important system executable files

/usr directory
usr stands for Unix Software Resource; it is the directory where operating-system software resources are placed.
FHS recommends that all software developers place their data in the subdirectories of this directory rather than creating a separate directory of their own.
This directory is equivalent to C:\Program Files under Windows.

/var directory
/usr holds the larger files needed when software is installed, while /var is the directory that consumes hard disk space during program execution, for things such as caches and logs.

Each directory can mount not only a local file system but also a file system on the network. You can use a Network File System (NFS) server to mount the specified directory over the network.

That is the entire content of this article; I hope it helps you learn.
