Getting Started with Linux: File permissions, users, user groups

A single file or directory name is at most 255 characters long, and the absolute path of a file or directory is at most 4096 characters.

I. File owners and user groups

A file has many properties, including file type, file permissions, hidden attributes, file owner, user group, file size, creation date, modification date, access date, and so on, such as the properties of the /etc/inittab file:

1. File Type
(1) d: directory; query with find / -type d
(2) -: regular file; query with find / -type f
(3) l: link file; query with find / -type l
(4) b: block device, i.e. a storage device such as /dev/sda; query with find / -type b
(5) c: character device, i.e. a serial port device such as a keyboard, or /dev/zero; query with find / -type c
(6) s: socket, such as /var/run/acpid.socket; query with find / -type s
(7) p: pipe file; we can create one with mknod mypipe p; query with find / -type p
2. File owners and user groups
First, the file owner and the file's user group are independent of each other: for example, the user group can be root while the file owner is xiazdong. Case analysis: (1) The owner of a file is xiazdong, its user group is root, and the currently logged-in user is xiazdong. If xiazdong tries to make root the owner of the file, can it succeed? No. (2) The owner of a file is xiazdong, its user group is root, and the currently logged-in user is root. If root tries to make root the owner of the file, can it succeed? To sum up: changing a file's owner and user group should be the responsibility of root.
Second, a user always belongs to one or more user groups, and a user group can contain multiple users. For example, the root user belongs to the root group, but we can also create a user xzdong who belongs to both the group1 and group2 user groups.
3. mtime, atime and ctime of files
mtime: time the file content was last modified; atime: time the file was last accessed; ctime: time the file's permissions or owner were last changed.
ls -l --time=atime (or --time=ctime) shows the selected timestamp in the long listing.

Command
The chgrp and chown commands set the user group and the owner of a file:
(1) chgrp xiazdong test.txt: set the user group of test.txt to xiazdong
(2) chgrp xiazdong dir: set the user group of dir to xiazdong
(3) chown xiazdong test.txt: set the owner of test.txt to xiazdong
(4) chown xiazdong:root test.txt: set the owner of test.txt to xiazdong and its user group to root

II. File permissions

File permissions specify what the file owner, the members of the file's user group, and everyone else may do with the file or directory: (1) r: read permission; (2) w: write permission; (3) x: execute permission.
These permissions mean different things for files and for directories. For a file: (1) r: the file's contents can be read; (2) w: the file's contents can be written, but the file cannot be deleted; deleting a file is governed by the permissions of its directory; (3) x: the file can be executed; not every file needs this permission, for example a txt file does not.
For a directory: (1) r: the directory's structure can be read, that is, ls can list the file names in the directory; (2) w: the directory's structure can be changed, that is, files in it can be added, deleted and renamed; (3) x: the directory can be entered, that is, cd into the directory. With r permission but without x permission, ls can list only the file names, not the file attributes, as the following illustration shows:


Note: if the dir directory contains test.txt and the user xiazdong has no write permission on dir, then xiazdong cannot delete test.txt even with rwx permissions on test.txt itself.
Most important of all: however the file permissions are set (only general permissions are discussed here, special permissions do not count), root can read, write and execute any file or directory.
Case: -rwxr--r-- means (1) the file owner can read, write and execute the file; (2) the user group can read the file; (3) others can read the file.
Command
The chmod command sets the permissions of a file. Permissions can be given as numbers or as symbols. As numbers, 4 stands for r, 2 for w and 1 for x, so 5 is r-x, 6 is rw- and 7 is rwx. As symbols, a stands for all, u for the owner, g for the group and o for others; r, w and x keep their meaning, and a permission that is not written is not granted.
(1) chmod 755 test.txt: gives test.txt rwxr-xr-x
(2) chmod u=rwx,go=r test.txt: gives test.txt rwxr--r--
(3) chmod a=r test.txt: gives test.txt r--r--r--
(4) chmod a+x test.txt: adds x permission on test.txt for everyone
(5) chmod a-x test.txt: removes x permission on test.txt for everyone
(6) chmod u=rwx,go= test.txt: gives test.txt rwx------
The features in the following sections are all specific to the ext file systems.

III. Hidden file attributes

(1) a: the file can only be appended to, not modified or deleted; often used for log files; (2) i: the file cannot be modified or deleted, not even by root; used for files that never change.

Command
1. lsattr
List attributes, that is, list the hidden attributes of a file or directory.
lsattr file: lists the hidden attributes of the file; lsattr -d dir: lists the hidden attributes of the directory.
2. chattr
Change attributes, that is, modify the hidden attributes of a file or directory. (1) i: if this attribute is set, the directory or file cannot be modified (even root cannot modify or delete it). (2) a: if this attribute is set, content can only be added, not modified or deleted.
chattr +ai file: add attributes; chattr -ai file: remove attributes; chattr =a file: set the attributes.

IV. Special file permissions

A file has 3 special permissions: (1) SUID: the owner's x permission position shows "s", as on /usr/bin/passwd; (2) SGID: the user group's x permission position shows "s", as on /usr/bin/locate; (3) SBIT: the others' x permission position shows "t", as on /tmp.

SUID
SUID can only be given to binary files, and it takes effect only if the user has x permission on the file. Effect of SUID: when an ordinary user has x permission on a binary file B and B has the SUID permission set, the user holds the permissions of the file's owner while executing B.

SGID
SGID can be given to directories or files, and the executor must have x permission. Use of SGID: in team development, a directory is shared by the team; whoever creates a file in this directory, the file's user group is the team's group, not the creator's personal group. Effect of SGID: (1) on a file: while executing it, the executor holds the permissions of the file's user group; (2) on a directory: once the executor enters the directory, the effective user group is the directory's user group. For example, when a user creates a file there, the file's user group is the directory's user group: create a directory chmodtest with permissions drwxrwsrwx, enter it as xiazdong and create test.txt; the owner of test.txt is xiazdong, but its user group is root.



SBIT
SBIT can only be given to directories. If a directory has SBIT set, a file or directory that user A creates in it can be deleted only by root and user A; nobody else can delete it.
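SUID and SGID files run with someone else's permissions, and a directory writable by others without SBIT lets any user delete files created by other users, so administrators routinely list where these bits are set. The script below is an added example, not part of the original page: it builds a constructed sample tree (all paths and function names are hypothetical) and reports the three conditions with find.

```shell
#!/bin/sh
# Added example; the tree below is constructed, all names are hypothetical.

# make_sample_tree: create a scratch tree with one entry per case and
# print its path.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/bin" "$root/shared" "$root/tmp"
    chmod 0755 "$root/bin"
    : > "$root/bin/tool";   chmod 0755 "$root/bin/tool"    # ordinary program
    : > "$root/bin/helper"; chmod 4755 "$root/bin/helper"  # SUID: -rwsr-xr-x
    : > "$root/bin/report"; chmod 2755 "$root/bin/report"  # SGID: -rwxr-sr-x
    chmod 0777 "$root/shared"   # others may write, no SBIT: drwxrwxrwx
    chmod 1777 "$root/tmp"      # others may write, SBIT set: drwxrwxrwt
    echo "$root"
}

# audit_special DIR: print sorted findings, paths relative to DIR.
#   SUID file      runs with the permissions of its owner
#   SGID file      runs with the permissions of its user group
#   NOSTICKY dir   writable by others without SBIT, so any user can delete
#                  files that other users created there
audit_special() {
    (
        cd "$1" || exit 1
        {
            find . -type f -perm -4000 | sed 's/^/SUID /'
            find . -type f -perm -2000 | sed 's/^/SGID /'
            find . -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
        } | sort
    )
}

# demo: audit the constructed tree, then remove it.
demo() {
    tree=$(make_sample_tree) || return 1
    audit_special "$tree"
    rm -rf "$tree"
}

demo
```

On a real system, point audit_special at the directory to review and compare the result with the list of programs that are expected to carry these bits.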
Command
SUID, SGID and SBIT are set with chmod.
SUID: 4; SGID: 2; SBIT: 1

(1) -rwsrw-r--: as a number: chmod 4764 file, where the first digit 4 sets SUID; as symbols: chmod u=rwxs,g=rw,o=r file
(2) -rwxrwsr--: as a number: chmod 2774 file, where the first digit 2 sets SGID; as symbols: chmod u=rwx,g=rwxs,o=r file
(3) -rwxrwxr-t: as a number: chmod 1775 file, where the first digit 1 sets SBIT; as symbols: chmod u=rwx,g=rwx,o=rxt file
u+s: add SUID; g+s: add SGID; o+t: add SBIT.
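The numeric weights used with chmod in section II (4, 2, 1 for r, w, x) and in this section (4, 2, 1 for SUID, SGID, SBIT as the leading digit) can be checked mechanically. The script below is an added example, not part of the original page, and its function names are hypothetical: it converts an ls mode string to the chmod number and confirms it on a scratch file. It also covers a case the list above does not show: ls prints an uppercase S or T when the special bit is set but the x permission underneath it is not.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.
# Weights as given on the page: r=4 w=2 x=1; SUID=4 SGID=2 SBIT=1.

# triad_value "rwx" -> 0..7 for one owner/group/others triad.
# Lowercase s/t = special bit plus x; uppercase S/T = special bit without x.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal "-rwsrw-r--" -> 4764 (four digits, special bits first).
mode_to_octal() {
    case $1 in
        [-dlbcsp][r-][w-][xsS-][r-][w-][xsS-][r-][w-][xtT-]) ;;
        *) echo "not an ls mode string: $1" >&2; return 1 ;;
    esac
    u=$(printf '%s' "$1" | cut -c2-4)
    g=$(printf '%s' "$1" | cut -c5-7)
    o=$(printf '%s' "$1" | cut -c8-10)
    special=0
    case $u in ??[sS]) special=$((special + 4)) ;; esac
    case $g in ??[sS]) special=$((special + 2)) ;; esac
    case $o in ??[tT]) special=$((special + 1)) ;; esac
    echo "$special$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
}

# roundtrip "-rwsrw-r--": chmod a scratch file to the computed number and
# succeed only if ls shows the same string again (regular files only).
roundtrip() {
    oct=$(mode_to_octal "$1") || return 1
    f=$(mktemp) || return 1
    chmod "$oct" "$f"
    shown=$(ls -ld "$f" | cut -c1-10)
    rm -f "$f"
    [ "$shown" = "$1" ]
}

for m in -rwxr-xr-x -rwsrw-r-- -rwxrwSr-- drwxrwxrwt; do
    printf '%s -> %s\n' "$m" "$(mode_to_octal "$m")"
done
```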


