Linux File Attributes and Permission Control

Source: Internet
Author: User

1. Multi-user, multi-tasking --> permission control is required:

Access identities: owner, group, others
File attributes: file attributes are set to control the access permissions of the three identities above.

2. Format and field meanings of key file attributes // practice

 
Use ls -al to view the files in the home directory in long format:

  

 

Each row shows the attributes of one file. The fields are described below using a file named test:

File attributes | link count | owner | group | file size | last modified time | file name

For example:

-rwxrwxr-x 2 JMZ 1698 2012-3-12 19:00 test

1) archive attributes:-rwxrwxr-x

The first character indicates whether the entry is a directory, a file, or a link file:
If it is [d], it is a directory.
If it is [-], it is a regular file.
If it is [l], it is a link file.
If it is [b], it is a device file for a storage interface device (block device).
If it is [c], it is a device file for a serial port device (character device), such as the keyboard and mouse.

The file test above is a regular file.

The remaining nine characters are read in three groups of three, which give the permissions of the owner, the group members, and other users on the file, in that order.

For example, rwxrwxr-x means that the file owner can read, write, and execute it, group members can read, write, and execute it, and other users can read and execute it but not write it.

Note: when the entry is a directory, it must have execute permission before it can be read or written. So for drwxr--r--, can group members and other users read it? The answer is no. Because it is a directory, it cannot be read or written without execute permission (the permission to enter it, which is explained later).

In Windows, whether a file can be executed is determined by its file name (suffix), such as EXE, BAT, and COM files. In Linux, however, whether a file is executable has nothing to do with its file name. The executable attribute also has another meaning, which is explained below.

2) Link count

The number of links to the file's inode. For a directory, it depends on the number of directories inside it. This is covered later.

3) Owner of the file.

4) Group to which the file owner belongs.

5) File Size

6) last modification time

7) file name

  

3. How to change the File Permission // practice

1) Change the owner: chown

chown -R newusr filename/dirname

Changes the file owner to newusr. If the target is a directory, use the -R parameter to change the files in the directory recursively.

2) Change the group: chgrp

Used in the same way as above.

3) Change the nine attributes: chmod

Two methods:

A. Numeric: the three characters r, w, x represent 4, 2, and 1 respectively.

[root@linux ~]# chmod [-R] xyz file-or-directory
Parameters:
xyz: the numeric permission attribute just mentioned. Each digit is the sum of the values of the rwx attributes.
-R: apply the change recursively, that is, all files and directories under the subdirectories are updated as well. It is often used when changing a directory.

For example: chmod -R 740 testdir

740 means rwxr-----

B. Symbolic: change the file permissions using symbols.
There is another way to change the attributes. From the previous introduction, the nine attributes belong to (1) user, (2) group, and (3) others. We can therefore use u, g, and o to represent the three groups. In addition, a represents all, that is, all three groups.

Example: chmod u=rwx,go=rx .bashrc

Equivalent to the numeric form: chmod 755 .bashrc
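
The following is an added example, not part of the original article: a POSIX shell function that decodes the 10-character attribute string from ls -al into the file type and the numeric value chmod expects, using r=4, w=2, x=1. The function name mode_to_octal and the sample strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode the 10-character attribute string from `ls -al`.
# Handles only the type letters and r/w/x/- characters described on this page.

# mode_to_octal STRING -> prints "<type> <octal>", e.g. "file 775"
mode_to_octal() {
    mode=$1
    [ "${#mode}" -eq 10 ] || { echo "need 10 characters: $mode" >&2; return 1; }
    case $mode in
        -*) kind=file ;;
        d*) kind=directory ;;
        l*) kind=link ;;
        b*) kind=block-device ;;
        c*) kind=char-device ;;
        s*) kind=socket ;;
        p*) kind=fifo ;;
        *)  echo "unknown type character: $mode" >&2; return 1 ;;
    esac
    rest=${mode#?}                 # drop the type character, keep 9 characters
    octal=
    for who in owner group others; do
        tail=${rest#???}
        triple=${rest%"$tail"}     # first three characters of $rest
        rest=$tail
        case $triple in
            [r-][w-][x-]) ;;
            *) echo "unsupported $who permissions: $triple" >&2; return 1 ;;
        esac
        digit=0
        case $triple in r??) digit=$((digit + 4)) ;; esac
        case $triple in ?w?) digit=$((digit + 2)) ;; esac
        case $triple in ??x) digit=$((digit + 1)) ;; esac
        octal=$octal$digit
    done
    echo "$kind $octal"
}

# Constructed sample strings, matching the examples in the text.
mode_to_octal "-rwxrwxr-x"   # file 775
mode_to_octal "-rwxr-----"   # file 740
mode_to_octal "drwxr-xr-x"   # directory 755
```

A digit of 2, 3, 6, or 7 in the last position means other users can write, which is the first thing to look for when reviewing a listing.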


4. Understand the meaning of directory attributes

    

The attributes described above mainly concern regular files. For a directory, what do r, w, and x mean? Put simply:

• r (read contents in directory): permission to read the directory's listing. So when you have read (r) permission on a directory, you can use the ls command to display its content list.

• w (modify contents of directory): write permission on a directory is powerful, because it means you may change the directory's listing, that is, you have the following permissions:
o create new files and directories;
o delete existing files and directories (no matter who owns them!);
o rename existing files or directories;
o move files and directories within the directory.

Therefore, if you are an ordinary user such as dmtsai, then for any file in the /home/dmtsai directory, no matter who created it (including root), who owns it, or what its attributes are, the dmtsai user has the right to delete it!

• x (access directory): as mentioned at the beginning, x determines whether the directory can be entered.
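
The following is an added example, not part of the original article: a shell function that shows deletion being decided by the containing directory's w and x bits rather than by the file's own attributes. The function name try_delete and the scratch files are constructed for illustration; it assumes mktemp is available.

```shell
#!/bin/sh
# Added example: deleting a file depends on the permissions of the directory
# that contains it, not on the file's own permission bits.

# try_delete DIRMODE -> prints "deleted" or "kept"
# Builds a scratch directory (constructed test data), puts a mode-000 file in
# it, sets the directory to DIRMODE, and tries to remove the file.
try_delete() {
    dirmode=$1
    scratch=$(mktemp -d) || return 1
    mkdir "$scratch/dir"
    : > "$scratch/dir/victim"
    chmod 000 "$scratch/dir/victim"    # the file itself grants nothing
    chmod "$dirmode" "$scratch/dir"

    rm -f "$scratch/dir/victim" 2>/dev/null || true

    chmod 700 "$scratch/dir"           # restore access to inspect and clean up
    if [ -e "$scratch/dir/victim" ]; then
        result=kept
    else
        result=deleted
    fi
    rm -rf "$scratch"
    echo "$result"
}

# w and x on the directory: the mode-000 file is removed anyway.
echo "dir 700 (rwx): $(try_delete 700)"
echo "dir 300 (-wx): $(try_delete 300)"
# No w, or w without x: an ordinary user cannot remove the file.
# root bypasses these checks, so as root these lines also read "deleted".
echo "dir 500 (r-x): $(try_delete 500)"
echo "dir 200 (-w-): $(try_delete 200)"
```

When reviewing a system, this is why a directory writable by group or others matters even if every file inside it is read-only.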

5. Learn more about the types of files

In Linux, every device is a file. Even interfaces for data communication have their own dedicated files, so there are many file types in Linux. Besides the regular files and directories (d) mentioned above, what other types are there?

1) Regular file:

In the attributes displayed by ls -al, the first character is [-], for example [-rwxrwxrwx]. Regular files can be further classified by content:

o Plain text files (ASCII): this is the most common file type in Unix systems. They are called plain text files because the content is data that humans can read directly, such as numbers and letters.

o Binary files: remember that the GNU development history in the chapter "What is Linux" mentioned that the system only recognizes and can execute binary files? That's right. Executable files (scripts, that is, text-type batch files, are not counted) are in this format.

o Data files: some programs read files in specific formats while running, and files in such formats can be called data files. An example is a data file that can be read with the last command. If it is read with cat, garbled characters appear, because it is a specially formatted file.

2) Directory:

A directory. The first attribute is [d], for example [drwxrwxrwx].

3) Link:

Similar to a shortcut under Windows. The first attribute is [l], for example [lrwxrwxrwx].

4) Device files:

Files related to system peripherals and storage, usually found under the /dev directory. There are two types:

o Block device: an interface device that stores data for the system to access. Simply put, a hard disk. For example, the code for your first hard drive is /dev/hda1 and so on. The first attribute is [b].

o Character device: an interface device on a serial port, such as a keyboard or a mouse. The first attribute is [c].

5) Data interface file (socket):

As the name suggests, this type of file is usually used for receiving data over the network. We can start a program that listens for client requests, and the client can exchange data with it through this socket. The first attribute is [s], and it is most often seen in the /var/run directory.

6) Data transmission file (FIFO, pipe):

FIFO is also a special file type, whose purpose is to solve the problems caused by multiple programs accessing one file at the same time. FIFO is the abbreviation of first-in-first-out. The first attribute is [p].

6. Be familiar with directory configuration, the meaning of each directory, and suggested planning, and understand the principle. // Principle

    

Because there are so many Linux developers, if each of them used their own directory layout, it could cause a lot of management trouble. Imagine joining a company and finding that its Linux directory layout is completely different from what you learned before. So the Filesystem Hierarchy Standard (FHS) was released (http://www.pathname.com/fhs).

FHS defines two levels of standards. The first level defines what kind of file data each directory under / should contain; for example, /etc should hold settings files, and /bin and /sbin should hold executable files. The second level is defined for the subdirectories of /usr and /var; for example, /var/log holds system log files, /usr/share holds shared data, and so on. Because FHS only defines the file data that should be placed in the directories of the top level (/) and the next level (/usr, /var), at other directory levels developers are free to configure things themselves.

  
1) Directories that should not be separated from the root partition

Are there directories that must be in the root partition? Yes: /etc, /sbin, /bin, /dev, and /lib. Why? When the Linux system starts and the kernel is loaded, only one partition is mounted, namely /. However, many commands and function libraries are used during startup. For example, mounting requires the mount program, the init program is also needed, and so are many configuration files such as /etc/inittab. The kernel modules are placed in /lib. And /dev is the directory where all devices are stored, which must be available at startup. Therefore, these directories must stay together in the root partition!

2) Directories recommended to be placed on their own partition

Some directories, for reasons of security and special function, are better placed on an independent partition, for example /home, /usr, /var, and /tmp. First, the users' personal home directories are in /home, which is also one of the most frequently used directories. In addition, to allocate resources evenly we may want to limit the maximum disk capacity (quota) each person can use, and for that /home has to be separate. It is better for this partition to be large, especially when your Linux machine is used as a file server. As for /usr, it is the directory where programs are installed, and it can also be independent. And /var records a large amount of routine data and is accessed frequently, so it is prone to failure. If it is on its own partition, then when /var fails accidentally it will not affect the other partitions, which gives at least a certain degree of security!

3) Important Directories
  
Besides the importance of directories from the partition point of view, you need to know about several important directories:

• /etc:

This directory is where the system's settings files are stored, including the accounts and passwords on your system (/etc/passwd, /etc/shadow), the various settings used during startup (/etc/sysconfig/*), and the configuration files of the main network servers. In other words, if the files under this directory are deleted or destroyed, hey hey, your system will probably need to be rebuilt. Therefore, laruence regularly backs up all the files in this directory. The directory size should not exceed 50 MB, so that is no problem!

• /usr/local:

Although the importance of this directory has since shifted to /opt, laruence is still used to storing self-developed or self-installed software in the /usr/local directory. If your Linux system has multiple users, it is necessary to develop good operating habits, so the habit of where software gets installed should be well established. Do not install it just anywhere! Put it under /usr/local or /opt!

• /var:

This was mentioned above, but it is worth emphasizing again. This directory is an important place for storing data while the system is running, for example /var/lib and /var/run. Final data such as mail (/var/spool/mail) is also placed in this directory. In addition, almost all service log files (which record who logged on to the host, when, from where, and what they did) are stored in the /var/log directory. Therefore, this directory is also very important. Remember to check /var/log/messages frequently to see whether anything is abnormal.

Now that you know the file permissions of Linux and what data may be stored in each directory, let's talk about the relationship between directories and disk partitions. Generally, a large host does not store all its data on one disk (that is, with only a single "/" root directory), for the following reasons:

• Security considerations:
Your system files are usually in /usr, personal data may be stored in /home, and some boot data is in /etc. If you put all the data together, then when your system is damaged by hackers, or you accidentally delete something yourself, everything is gone. This may not matter much to ordinary people like us, who can simply install again, but that is not acceptable for a large enterprise! Therefore, placing the data on different disks separately is more secure.

• Convenience:
If you need to upgrade your system, do you need to reformat and reinstall? Some data, such as the data in /home, is personal user data and has nothing to do with the system. Therefore, if you place the data on different disks separately, you will have more flexibility when you want to upgrade or make system changes.

You might partition your system as follows:
/
/boot
/usr
/home
/var

This is a common disk layout, where:
• The root directory can be allocated at least 1 GB;
• /boot is about 50 MB, because the boot files are not large;
• /var requires at least 1 GB, because the default storage areas for your mail and proxy are in this directory, unless you change some settings;
• /home and /usr are usually the largest, because the software you install is in /usr and user data is stored in /home. We therefore recommend that you divide the remaining disk space between these two directories, though not necessarily evenly. /usr can be given about 10 GB, and the rest can be assigned to /home, or some of the remaining space can be reserved for future installation and configuration.
