Continuing from the previous section, this part mainly covers users and some key points about permissions.
Creating a user with a command: useradd
To create a user manually:
/etc/passwd
/etc/shadow
/etc/gshadow
/home/username/
/var/spool/mail
id username   View the user's information.
Template for the hidden files in a user's home directory: /etc/skel
ls -ld   View directory details
chown -R oldboy:oldboy /home/oldboy   Recursive change
Home directory environment configuration files
env   Query environment variables
set   Query all variables
Environment variables are inherited by child processes: export b=2
Custom variables are not inherited by child processes: a=1
Environment configuration files (exist under each user's home directory)
.bash_history   Saves the user's command history; it is written to the file when the user exits
.bash_logout   Saves commands to execute when the user exits
.bashrc   Saves user aliases (the file is read when a new terminal is opened)
.bash_profile   Saves the locations where the user's commands are searched for
.bashrc   Shell-level environment variable configuration file
.bash_profile   Login-level environment variable configuration file
su -   Login-level switch
su   Shell-level switch
Global environment configuration files
/etc/bashrc
/etc/profile
Load order
/etc/profile
.bash_profile
.bashrc
/etc/bashrc
Order of variable definitions in the files
/etc/profile1
/etc/profile2
.bash_profile1
.bashrc1
/etc/bashrc1
/etc/bashrc2
.bashrc2
.bash_profile2
Permissions (basic and advanced permissions)
[email protected] ~]# ls -l install.log
-rw-r--r-- 1 robin upup 39751 05-23 11:15 aa.txt
rwx   | rwx  | rwx
robin   upup   other
uid=0 -----> uid=robin -----> group=upup -----> other
For files         r -------- cat head tail ....
                  w -------- vim, gedit, vi, > >>
                  x -------- execute (./ or absolute path)
For directories   r -------- ls (r-x: view the file information in the directory)
                  w -------- mkdir touch rm (rwx)
                  x -------- cd
User u
Group g
Other o
chmod u+r file/dir
chmod u+r,g+w file/dir
chmod ug-rw file/dir
chmod ugo+rwx file/dir
chmod a+rwx file/dir
chmod u=r file/dir
chmod u=r,g=w file/dir
chmod uo=rw file/dir
chmod ugo=rwx file/dir
chmod a=rwx file/dir
/             rwxr-xr-x   755
/etc/         rwxr-xr-x   755
/usr/         rwxr-xr-x   755
/var/         rwxr-xr-x   755
/tmp          rwxrwxrwt   1777
/etc/shadow   r--------   400
/etc/passwd   rw-r--r--   644
/home/robin   rwx------   700
/root         rwxr-x---   750
root: default permissions for a created file             rw-r--r--   644
root: default permissions for a created directory        rwxr-xr-x   755
Normal user: default permissions for a created file      rw-rw-r--   664
Normal user: default permissions for a created directory rwxrwxr-x   775
r ------ 4   w ------ 2   x ------ 1
777
rwxr----x   741        123   --x-w--wx
r-x-wx-w-   532        456   r--r-xrw-
Default permissions calculation method
  666                 023
  110110110           000010011
& 111101100    <--    111101100   (023 with every bit inverted)
= 110100100
  644
chmod -R 777 /test
Modify the owner and owning group
chown robin tt.txt
chgrp uplooking tt.txt
chown robin.uplooking tt.txt
chown .uplooking tt.txt
"." is equivalent to ":"
chown -R robin.uplooking dir/
Practice:
Create users tom and jerry
1. Create the file tt.txt in the /tmp directory
Requirements:
Set the permissions of tt.txt to 651, then change them to rwxr----x
chmod 651 /tmp/tt.txt
chmod u=rwx,g=r,o=x /tmp/tt.txt
Set the owner of tt.txt to tom and the owning group to jerry
chown tom.jerry /tmp/tt.txt
2. Set owners and permissions according to the following requirements
Create the directory test/ in the /tmp directory, and create the file aa.txt in the test directory
tom can read and write the file aa.txt but cannot delete it
jerry cannot read or write the file aa.txt but can delete it
mkdir /tmp/test/
touch /tmp/test/aa.txt
/tmp/test/         jerry   root   rwxr-xr-x
/tmp/test/aa.txt   tom     root   rw-r-----
User    Primary group   Supplementary groups
robin   robin           robin,uplooking
/tmp/test   rwxrwx---   root   uplooking
Can robin enter /tmp/test? Why?
Yes, because robin's supplementary groups include uplooking
After entering, robin creates the file aa.txt. What are the file's owner and owning group?
robin robin
What if the user wants to create a file that belongs to the uplooking group?
sg uplooking
robin   uplooking   robin,uplooking
tt.txt   robin   uplooking
Advanced permissions
1. suid
Must act on a binary executable file
chmod u+s file
Function: any user who executes a command that has the SUID permission executes it as the owner of the command
Experiment:
Enable the normal user robin to view the contents of /etc/shadow using cat, without changing the permissions of /etc/shadow
which cat
chmod u+s /bin/cat
Test as user robin
2. sgid
Must act on a directory
chmod g+s dir
Role: a file that any user creates in a directory with SGID inherits the group of that directory
useradd -g job -G uplooking tom
useradd -g job -G uplooking jerry
useradd -g sal -G uplooking zorro
useradd -g sal -G uplooking shrek
/job     zhb   uplooking   rwxrwsr-x
aa.txt   tom   job
tt.txt   tom   uplooking   rw-r-----
3. sticky (the t bit, the sticky bit)
Must act on a directory
chmod o+t dir
Role: files that any user creates in a directory with the t permission belong to that user; other users do not have permission to delete them (except root and the directory owner)
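Added example (not part of the original notes): a small shell audit for the special bits covered above. It lists SUID files that are not on an allowlist, which would flag the chmod u+s /bin/cat change from the experiment, and world-writable directories that lack the sticky bit. The function names, the allowlist file and the demo tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the special permission bits described in these notes.
# All paths and the allowlist below are constructed sample data.

# Print every regular file under $1 that carries the SUID bit (4000).
find_suid_files() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# Print SUID files under $1 that are NOT listed in allowlist file $2
# (one absolute path per line). New entries deserve investigation, e.g.
# a viewer such as cat that suddenly runs as its owner.
find_unexpected_suid() {
    find_suid_files "$1" | grep -vxF -f "$2" || true
}

# Print world-writable directories under $1 that lack the sticky bit (1000),
# where any user can delete other users' files.
find_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Build a constructed tree: two SUID files (one allowlisted), one plain
# file, one sticky and one non-sticky world-writable directory.
build_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin" "$d/shared" "$d/drop"
    touch "$d/bin/passwd" "$d/bin/cat" "$d/bin/ls"
    chmod 4755 "$d/bin/passwd" "$d/bin/cat"   # SUID set
    chmod 0755 "$d/bin/ls"                    # ordinary file
    chmod 1777 "$d/shared"                    # same mode as /tmp
    chmod 0777 "$d/drop"                      # sticky bit missing
    printf '%s\n' "$d/bin/passwd" > "$d/allowlist"
    printf '%s\n' "$d"
}

demo=$(build_demo_tree)
echo "Unexpected SUID files:"
find_unexpected_suid "$demo" "$demo/allowlist"
echo "World-writable directories without the sticky bit:"
find_unsticky_dirs "$demo"
rm -rf "$demo"
```

On a real system, point the functions at / with an allowlist generated from a known-good installation and review any difference.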
Linux Basic Knowledge Part2