Linux File Permission learning summary, linux permission Summary

Source: Internet
Author: User

Linux File Permission learning summary, linux permission Summary

1. What permissions do users have for files or directories?

Four types: read, write, execute, and no permission

2. How do I express these four permissions?

In decimal format, the values are 4, 2, 1, and 0. in decimal format, the values are r, w, x, and ,-. In my opinion, when you use the chmod command to change the file or directory permission, the numeric representation is obviously simpler and clearer than the character representation.

3. Do these four permissions have the same meaning for files and directories?

This is not the case, as shown below:

---------------------------------------------------------------------------

Common file directory

R: You have the permission to read the file content. You have the permission to list the file list.

W: You have the permission to modify the file content. You have the permission to create and delete files.

X: the user has the permission to execute the file. The user has the permission to access the Directory and copy the file.

----------------------------------------------------------------------------

I have performed one-to-one Operations on these individual permissions in the directory. The detailed results are pasted at the end of the article, so the images will not be pasted out. Note:

1. Having a certain permission does not mean that you can perform operations on files or directories.

2. A common file has the r, w, and x permissions or a combination of their permissions. It targets the file content and has nothing to do with the operations of the file itself. If you want to delete or move an object, you need the permission of its upper-level directory.

4. Why should we set permissions for three groups of users at the same time?

This is because the file or directory permissions in linux are associated with user management. When setting the File Permission, in addition to setting the owner permission, we also need to set the permissions of users in the same group of owner and other users. For Linux user management, please search for relevant information by yourself.

 

5. Why are the permissions of many files or directories a combination of permissions?

As mentioned above, having a certain permission does not necessarily mean that the corresponding operation can be completed. One of the reasons is that a single permission cannot guarantee that we can complete the corresponding operation. Therefore, when setting file or directory permissions, the combination of permissions is usually used, which is especially important for permission setting of directories. For example, in principle, if the directory has w permissions, we can create and delete files in the directory. However, according to the actual operation results, these operations cannot be completed, the preceding operations can be performed only when the directory has the x permission at the same time. -Wx permission is a combination of permissions. For a directory, it indicates that the user can create or delete files in it. For a common r-x combination: For a directory, indicates that you can list the contents of a directory and copy the files in the directory. It can be said that without the combination of the x permission, the w permission of the directory is an empty statement. Without the combination of the x permission, you cannot perform any operations on the contents of the directory, the operation on the directory itself is determined by its upper-level directory permissions. Can you understand? If you cannot access the directory, how can you operate the files in the directory ?!

When a directory has permissions to combine rw-, r-x, and-wx, what operations can we perform on the files or subdirectories? You can first guess, and then experiment to see if your guess is correct. You don't need to consider rwx permissions. Basically, they are full permissions, except for special permissions.

6. What are the effects on file or directory permissions?

Having a certain permission does not mean that you can perform the corresponding operation. It is not only because you need a combination of permissions. Sometimes, this situation occurs: we have correctly set the permission combination of files or directories, but still cannot perform corresponding operations on them. This is because whether or not operations on files or directories depend not only on the permissions of the files themselves, but also on the permissions of the upper-level directories. This is already mentioned in the third and fifth sections of this article. Keep it in mind. This is very important!

First, let's take a look at the file operations, including the operations on the file itself and the operations on the file content.

Operations on files are generally performed by moving, copying, deleting, and renaming objects. All these operations are determined by the permissions of the upper-level directories. Can you understand? The file is a file in the directory. We know that linux regards the directory as a file, so everything in the directory can be seen as the content of the file. Therefore, the permission of the Directory determines the operations on the files in the directory. This mainly refers to operations on the files themselves, operations on the file content, and the cooperation of the file's own permissions.

The lQs home directory contains a directory of, with a file a.txt. The Home Directory lqs has set the permission 705, the directory 000 permission to 703, And the.txt File Permission to 700. In other words, the user normalsuccessfully deleted the.txt file, although the File Permission is only 700! This is because deletion and other operations of files are determined by the permissions of the upper-level directory, while the permissions of the upper-level directory 000 of the file are 703, it grants other users the permission to add or delete files.

Therefore, we come to the conclusion that whether to move, delete, or rename the files in the directory depends on the permissions of the upper-level directories. The files here refer to not only common files, but also directory files, that is, subdirectories of directories.

Operations on the file content generally refer to modifying the file content. To operate the file content, first the directory must have the x permission, and then the file must have the w permission.

The operations on sub-directories in the directory are the same as those on files in the directory, but the corresponding permissions are the same as those on directory operations. I will not list them here. Remember, you need to use the chmod command. You will naturally know these things.

VII. Special Permissions

Linux has some special permissions, such as s, which must be expressed in four decimal digits. If you are interested, take a look.

  Appendix:

  1. How does a permission character representation become a numerical representation?

When you use the ls-l command to display the long format of the file property, the first field is used to indicate the file type and permissions. The most common value of this field is-rwxr-xr-x. There are 10 characters in total. The first character indicates the file type, and the last nine characters indicates the File Permission. These nine characters can be divided into three groups, indicating the permissions of the file owner, permissions of users in the same group and other users.

Rwxr-xr-x indicates that the file owner has all the read, write, and execute permissions. The owner has the read permission for users in the same group. Other users have the read permission, expressed in decimal numbers, 755.

So how did 755 come from?

To obtain this decimal number, you must first convert rwxr-xr-x to binary. If they are expressed in binary numbers, if a permission is 1 and not 0, then the binary value of rwxr-xr-x is 111 101.

Then convert the three groups of binary numbers 111 101 101 to decimal. Do you still remember the conversion algorithm? From right to left, the numbers on each member are multiplied by the n power of 2 (the value of n starts from 0 ). As follows:

Group 1: 1x20 + 1x21 + 1x22 = 7

Group 2: 1x20 + 0x21 + 1x22 = 5

Group 3: 1x20 + 0x21 + 1x22 = 5

The combination of the three numbers is 755.

In fact, you don't need to convert every character into a binary character every time and then convert it into a decimal character. This is not so troublesome. Because we can calculate that the read permission is expressed in decimal number as 4, the write permission is expressed as 2, the executable permission is expressed as 1, and the no permission is expressed as 0, remember that they don't have to be transferred every time.

Let's take a look at the read permission r --. Its binary value is 100, which is converted to decimal: 0x20 + 0x21 + 1x22 = 4.

Let's take a look at the writeable permission-w-. Its binary value is 010. convert it to decimal: 0x20 + 1x21 + 0x22 = 2.

Finally, let's look at the executable permission -- x. Its binary value is 001, which is converted to decimal: 1x20 + 0x21 + 0x22 = 1.

2. The test results of each permission are as follows:

Directory read permission: you can list objects in a directory. You cannot rename, copy, move, or delete objects in a directory. You cannot enter a directory.

Directory write permission: you cannot list files in a directory, rename, copy, move, or delete files, or enter a directory.

Directory executable permissions: do not list files in the directory, do not rename, move, or delete files in the directory, copy files in the directory, and enter the directory.

 

Source:Http://www.examda.com/linux/fudao/20100707/094403862-1.html

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.