Linux (11) file directory permissions chmod umask chown

Source: Internet
Author: User


A file directory permission definition

chmod directory

First of all, let's meet the permissions definition of the file directory, and see the ls-l results below.

We found a file or directory in front of the 10-bit information, the first bit represents the file type, chmod recursive directory there are probably several types: D for directory-ordinary file B block device (SDA,SDA1) L link file c character file p pipe file s socket file We are familiar with the first four kinds.
The following 9-bit, no 3-bit group, respectively, represents the user (owner/master), user group (owning group/genus),chmod all files in directory   other user's permissions. Symbol expressed as u (user), G (group), O (Others)
Each group has 3 permissions r,w,x the sub-table represents read,chmod directory permissions  write, execute. Digital notation for Rwx=421=7
Rw=42=6 in turn
Three permissions for the detailed meanings of files and directories see the table below

Note that file permissions expire under the root account, login to the general account verification


Modified Chown of the main genus of two genera


Change owner changes the file to which the user belongs
Format chown user filename
Users can also be chown: the user group filename is also modified to belong to the main group
-R parameter can be cascaded


Three-file directory permissions modification


Chmod There are three ways to change file permissions: chmod 777 directory 
1 chmod u=rwx filename
2 chmod u+r filename or chmod u-r filename
Note: u can be changed as G,o, can also be separated by commas, assign value at the same time, chmod cannot access gradlew no such file or directory the following permissions are customized
3 chmod 770 filename directly to U,g,o Modify permissions
4-r parameter can modify permissions for directory Cascade


Four Umask


Umask can be said to be a file permissions open standard, we create a new file or directory will have a default permissions, such as under the ordinary user, create a new file permissions of 664, the directory is 775, at this time we view umask discovery as 0002, the default four bit, the first bit 0 is a complement, The latter three bits represent the reference permission of the U,g,o, and the simple sum we found,
664+002=666 for normal file full permissions
775+002=777 for directory file full permissions
Then means that we do not give the normal file default X permissions, chmod files in directory as far as possible limit the normal user rights, the directory is not controlled from the source, the default maximum permissions.
We can modify the Umask value to modify the preset permissions
The command format is umask xxx xxx, which represents the base permission for three numbers


Five Hidden permissions chattr lsattr


Here are two hidden permissions I permissions and a permission
Command chattr:
chattr [+-=] [i,a] [file or directory name] Example chattr +a test.txt
' +-= ': increase, decrease, set, respectively
' A ': After adding this attribute, can only append cannot delete, non-root user cannot set this attribute;
' I ': added, so that the file can not be deleted, renamed, set link, write, add data;
Let's give an example of how I can see the effect in a directory:

After we add the I permission to the test directory, even the root user can no longer create or delete files inside
Below we add a permission to the directory to see the results

We found that adding a permission to the directory can create a file inside it, but it cannot be deleted
Below we add I and a permission to the file to see the results


Command: lsattr
This command is used to read special permissions for a file or directory, with the syntax lsattr [-ar] [File/directory name]
'-a ': Similar to the-a option for LS, which is listed together with hidden files;
'-R ': listed together with subdirectories ' data



Linux (11) file directory permissions chmod umask chown


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.