Linux users, user groups, and file permission settings

Source: Internet
Author: User

I have recently been meaning to learn the Linux operating system more carefully. The first things to get through are users, user groups, and file permissions, three of the more important topics. (I am also learning Linux, so I found this log; some settings need a system restart to take effect after being changed.)
To learn these things, you first have to grasp how the Linux permission system works.
The Linux permission system is built from users, user groups, and permissions.
A user is an account that logs in to and uses Linux. Internally, Linux identifies a user by a UID.
A user group is a grouping of users. Internally, Linux identifies a group by a GID.
Permissions come in three types: read, write, and execute.


Linux user information is stored in the /etc/passwd file; in addition, the /etc/shadow file holds the users' password information.

/etc/passwd file format:
username:password:UID:GID:user info:home directory path:user shell
UID 0 is the root user, 1~499 are system users, and UIDs of more than 500 are ordinary users.


/etc/shadow stores the user password information, including the encrypted password, the password expiration time, the number of days of warning before the password expires, and so on.


User group information is stored in the /etc/group file.
The format is as follows:
group name:group password:GID:accounts in the group (multiple accounts separated by commas)


After a user logs in, the GID in the /etc/passwd file is the user's initial user group.
The user's membership in the initial user group is not listed again in /etc/group.
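Because the initial group appears only in /etc/passwd, an account review has to read both files to see every group a user belongs to. The following is an added example, not part of the original article: it resolves the full group list from constructed sample files (the accounts alice, bob and toor and the groups staff and dev are made up) and also lists accounts other than root that have UID 0.

```shell
#!/bin/sh
# Constructed sample files in the /etc/passwd and /etc/group formats.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
PASSWD_FILE=$WORK/passwd
GROUP_FILE=$WORK/group
cat > "$PASSWD_FILE" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500:Alice Example:/home/alice:/bin/bash
toor:x:0:0:second admin:/root:/bin/bash
EOF
cat > "$GROUP_FILE" <<'EOF'
root:x:0:
daemon:x:2:root,daemon
wheel:x:10:root,alice
staff:x:500:
dev:x:501:alice,bob
EOF

# groups_of USER: print the initial group (GID field of the passwd entry)
# first, then every group whose member list names USER.
# Fails with status 1 when USER has no passwd entry.
groups_of() {
    awk -F: -v u="$1" '
        NR == FNR && $1 == u { gid = $4; found = 1 }
        NR == FNR { next }
        !found    { exit 1 }
        $3 == gid { primary = $1; next }
        {
            n = split($4, members, ",")
            for (i = 1; i <= n; i++) if (members[i] == u) extra = extra " " $1
        }
        END {
            if (!found) exit 1
            name = (primary == "") ? gid : primary   # unnamed GID: show the number
            print name extra
        }
    ' "$PASSWD_FILE" "$GROUP_FILE"
}

# uid0_accounts: names other than root whose UID is 0 (full root privileges).
uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$PASSWD_FILE"
}

echo "alice: $(groups_of alice)"
echo "root:  $(groups_of root)"
echo "extra UID 0 accounts: $(uid0_accounts)"
```

To audit a real host, point PASSWD_FILE and GROUP_FILE at /etc/passwd and /etc/group.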

Command to view the current user's groups:
    # groups
    root bin daemon sys adm disk wheel
In the output, the first group is the current user's effective user group (the current user group).

Command to switch the effective user group:
    # newgrp groupname
To leave the new effective user group, type exit and press Enter.


Command to create a new user:
    # useradd [parameters] username

Parameters:

-g initial user group (the group must already exist)

-G other user groups (modifies /etc/group)

-c user description

-u specify the UID


Set a password for the user:
    # passwd username


Command for a user to change their own password:
    # passwd


Command to modify user information:
    # usermod parameters username
Parameters:
-c description
-g groupname: initial user group
-e expiration date, format: YYYY-MM-DD
-G groupname: other user groups
-l change the user name
-L lock the account (puts two exclamation marks in front of the user's password string in the /etc/shadow file)
-U unlock the account


Command to delete a user:
    # userdel [-r] username
The -r parameter also deletes the user's home directory.
In practice, files belonging to the user may exist elsewhere on the system. To completely delete a user and the user's files, first find the files that belong to the user:
    # find / -user username
Delete those files, and then run userdel to delete the user.


Command to view the available shells:
    # chsh -l


Command to change your own shell:
    # chsh -s shell


View your own or another user's UID/GID information:
    # id [username]
In the returned information, groups is the effective user group.


Command to create a new user group:
    # groupadd [parameters] groupname

Parameters: --system creates a system group

Command to rename a user group:
    # groupmod -n new-name old-name


Command to delete a user group:
    # groupdel groupname


Command to set a user group password:
    # gpasswd groupname


With additional parameters, gpasswd has other functions.


Command to set a user group administrator:
    # gpasswd -A username groupname


Command to add an account to a group:
    # gpasswd -M username groupname


Command to remove an account from a group:
    # gpasswd -d username groupname

passwd parameters:
-l lock the user
-u unlock the user
-n days: number of days during which the password cannot be changed
-x days: number of days until the password expires
-w days: number of days of warning

 

File permissions

Let's look at an example:
    # ls -al
The ls -al command lists all files in the directory, including hidden files. The first character of a hidden file's name is '.'.
    -rw-r--r-- 1 root root   81 08-02 14:54 .gtkrc-1.2-gnome2
    -rw------- 1 root root  189 08-02 14:54 .ICEauthority
    -rw------- 1 root root      08-05 10:02 .lesshst
    drwx------ 3 root root 4096 08-02 14:54 .metacity
    drwxr-xr-x 3 root root 4096 08-02 14:54 .nautilus


The columns of the listing are defined as follows:
[permission attributes] [number of links] [owner] [owner's user group] [size] [last modified time] [file name]


The permission attribute field is 10 characters long:
The first character indicates the file type: d is a directory, - is a regular file, l is a link, b is a storage interface device, and c is an input device such as a keyboard or mouse.
Characters 2, 3, 4 are the owner's permissions; characters 5, 6, 7 are the permissions of users in the owner's group; characters 8, 9, 10 are the permissions of other users.
The second character is the owner's read permission: r if granted, otherwise -
The third character is the owner's write permission: w if granted, otherwise -
The fourth character is the owner's execute permission: x if granted, otherwise -
The fifth character is the read permission of users in the owner's group: r if granted, otherwise -
The sixth character is the write permission of users in the owner's group: w if granted, otherwise -
The seventh character is the execute permission of users in the owner's group: x if granted, otherwise -
The eighth character is the read permission of users outside the group: r if granted, otherwise -
The ninth character is the write permission of users outside the group: w if granted, otherwise -
The tenth character is the execute permission of users outside the group: x if granted, otherwise -


Command to change the group a file belongs to:
    # chgrp [-R] groupname filename
Here -R applies the setting recursively.


Command to change a file's owner and group:
    # chown [-R] user[:group] filename


Command to change file access permissions:
    # chmod [-Rv] 0777 filename

-v: show details of the permission changes
-R: apply the same permission change to all files in the current directory and its subdirectories (that is, recursively, one by one)
    # chmod abc filename
Each of a, b, c is a digit that gives the permissions of the user, the group, and others respectively.
r=4, w=2, x=1
For rwx, the digit is 4+2+1=7;
for rw-, the digit is 4+2=6;
for r-x, the digit is 4+1=5.
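The two notations above describe the same bits, so the 10-character string from ls can be converted mechanically into the number chmod takes. The following is an added example, not part of the original article: it converts a permission string with r=4, w=2, x=1 and flags world-writable entries. It goes beyond the article by also handling the s and t characters (setuid, setgid, sticky) that real listings contain; the function names are made up for this sketch.

```shell
#!/bin/sh
# mode_to_octal MODE: turn the 10-character permission string printed by
# `ls -l` into the 4-digit number chmod accepts, using r=4, w=2, x=1.
mode_to_octal() {
    mode=$1
    [ "${#mode}" -eq 10 ] || return 1
    special=0 digits=""
    for pos in 2 5 8; do          # first character of owner, group, other
        trip=$(printf '%s' "$mode" | cut -c "$pos-$((pos + 2))")
        # s/t in the execute slot mark setuid, setgid and sticky (not covered above)
        case $pos in 2) bit=4 low=s up=S ;; 5) bit=2 low=s up=S ;; *) bit=1 low=t up=T ;; esac
        val=0
        case $trip in r??) val=$((val + 4)) ;; -??) ;; *) return 1 ;; esac
        case $trip in ?w?) val=$((val + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $trip in
            ??x) val=$((val + 1)) ;;
            ??-) ;;
            ??"$low") val=$((val + 1)); special=$((special + bit)) ;;
            ??"$up") special=$((special + bit)) ;;
            *) return 1 ;;
        esac
        digits=$digits$val
    done
    printf '%s%s\n' "$special" "$digits"
}

# world_writable MODE: succeed when "other" users have write permission
# (ninth character is w), a setting worth reviewing on any shared system.
world_writable() {
    case $1 in ????????w?) return 0 ;; *) return 1 ;; esac
}

# Permission strings from the listing above, plus two constructed ones.
for m in -rw-r--r-- -rw------- drwx------ drwxr-xr-x drwxrwxrwt -rwsr-xr-x; do
    note=""
    if world_writable "$m"; then note="  (world-writable)"; fi
    printf '%s -> %s%s\n' "$m" "$(mode_to_octal "$m")" "$note"
done
```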

 

At this point, most of what relates to users, files, and permissions has been summed up. What remains is to use the various commands boldly in everyday work and to reread this summary often.
