Linux: file permissions and directory configuration

Source: Internet
Author: User

Here is a summary of what I recently learned about file permissions and directory configuration.
Blog Park - Bang Bang sauce Good


One of the best things about Linux is its multi-tasking environment. To let each user keep file data confidential, permission management for files becomes very important. Linux generally divides a file's identities into three categories, namely owner/group/others, and each of the three identities has read/write/execute permissions.

1. Identity categories
(1) File owner (user)
(2) Group (group)
(3) Other people (others)
(4) root
Files that record the corresponding data:
(1) Account information for the various identities: /etc/passwd
(2) Individual passwords: /etc/shadow
(3) Group names: /etc/group

2. Linux file attributes
ls -al
-rw-r--r-- 1 root root 42304 Sep 4 18:26 install.log
[file type and permissions] [number of links] [owner] [group] [file size in bytes] [last modified time] [file name]
(1) File type and permissions
A total of 10 characters.
The first character indicates the file type: directory [d], regular file [-], link file [l], block device such as a random-access storage device [b], or character device such as a keyboard or mouse [c].
The next nine characters come in groups of three, each a combination of the three flags [rwx]; their positions never change, and a permission that is not granted is written as [-].
The three groups of permissions are, in order: user, group, others

3. How to change file attributes and permissions
(1) chgrp: change the group that the file belongs to
(2) chown: change the file owner
(3) chmod: change the file permissions, including special attributes such as SUID, SGID and SBIT

4. Change the owning group: chgrp
chgrp [-R] groupname filename
-R: apply the change recursively, so that all files and directories under the directory are updated to belong to the new group
chgrp users install.log   # the group users must exist among the groups recorded in /etc/group

5. Change the file owner: chown
chown [-R] ownername[:groupname] filename
-R: apply the change recursively, so that all files and directories under the directory are updated to belong to the new owner
chown bin install.log   # the owner bin must exist among the accounts recorded in /etc/passwd
# Use case: after copying a file (cp source-file target-file), the new user may not be able to use the copy, so the new file needs to be given a new owner and a new group.

6. Change permissions: chmod
(1) Changing file permissions with numbers
The value of each permission is as follows: r:4 w:2 x:1
The digit for each identity is the sum of the three values above, such as 7=4+2+1 and 5=4+0+1 (it cannot be 5=2+2+1, because the first position is r, whose value is either 4 or 0, never 2)

chmod [-R] xyz file-or-directory
chmod 770 .bashrc

(2) Changing file permissions with symbols
chmod [ugoa][+-=][rwx] file-or-directory   # a stands for all, i.e. all identities
chmod u=rwx,go=rx .bashrc   # u=rwx,go=rx is written as one argument, with no spaces in the middle

7. Meaning of permissions
(1) For a file
r: can read the actual contents of the file
w: can edit, add to or modify the contents of the file (but this does not include deleting the file)
x: the file can be executed by the system (under Windows, whether a file can be executed is determined by its "extension", for example .exe, .bat, .com and so on; under Linux, whether a file can be executed is decided by whether it has the "x" permission)

(2) For a directory
r: can read the directory listing, i.e. query the file names in the directory; the ls command can display them
w: can create new directories and files, delete existing directories and files, rename them, and move them
x: the user can enter the directory and make it the working directory (the cd command can enter it); without x permission, no command can be run on anything below it
Be careful when granting w permission on a directory!

Case: the home directory of dmtai is /home/dmtai, and the account dmtai has rwx permissions on this directory. The directory contains a file called the_root.data, which has the following permissions:
-rwx------ 1 root root 4356 Sep 20:20 the_root.data
Analysis: for this file the account dmtai falls under the others identity, so dmtai cannot read, edit or execute it.
But dmtai has rwx permission on the directory /home/dmtai, which means the dmtai account can delete this file!!
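
The case above, modelled in code as an added example (not part of the original post): it turns the 10-character field from ls -al into the numeric mode that chmod accepts, picks the owner/group/others digit that applies to a user, and decides whether that user can delete a file. It goes one step beyond the case by also handling SBIT on the directory; the directory's owner and group, the /tmp-style sample directory and all function names are assumptions.

```python
import stat

# Slots in the 10-character ls field where s/S/t/T carry SUID, SGID or SBIT.
SPECIAL = {3: stat.S_ISUID, 6: stat.S_ISGID, 9: stat.S_ISVTX}

def parse_mode(field):
    """'-rwx------' -> 0o700 (the numeric form chmod accepts)."""
    bits = 0
    for i in range(1, 10):
        ch = field[i]
        if ch in "sStT":
            bits |= SPECIAL[i]
        if ch not in "-ST":          # uppercase S/T: special bit set, x not set
            bits |= 1 << (9 - i)
    return bits

def triplet(bits, user, groups, owner, group):
    """The single rwx digit (0-7) that applies to this user."""
    if user == "root":
        return 7                     # simplification: root bypasses rwx checks
    if user == owner:
        return (bits >> 6) & 7       # owner digit only, even if group/others allow more
    if group in groups:
        return (bits >> 3) & 7
    return bits & 7

def can_delete(user, groups, directory, entry):
    """directory and entry are (mode_field, owner, group) as shown by ls -al."""
    dbits = parse_mode(directory[0])
    if (triplet(dbits, user, groups, directory[1], directory[2]) & 3) != 3:
        return False                 # deleting needs w and x on the directory
    if dbits & stat.S_ISVTX:         # SBIT: only file owner, directory owner, root
        return user in ("root", entry[1], directory[1])
    return True

# Constructed sample data modelled on the case above.
HOME = ("drwx------", "dmtai", "dmtai")    # owner/group of the directory assumed
DATA = ("-rwx------", "root", "root")      # the_root.data
STICKY = ("drwxrwxrwt", "root", "root")    # a /tmp-style directory with SBIT

if __name__ == "__main__":
    print(oct(parse_mode(DATA[0])))        # file mode as a number
    print(triplet(parse_mode(DATA[0]), "dmtai", ["dmtai"], DATA[1], DATA[2]))
    print(can_delete("dmtai", ["dmtai"], HOME, DATA))
    print(can_delete("dmtai", ["dmtai"], STICKY, DATA))
```

The model covers only the classic mode bits; ACLs and other access-control mechanisms are not considered.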

8. File types
(1) Regular file, attribute: -
Plain text file (ASCII), binary file (binary), data format file (data)
(2) Directory, attribute: d
(3) Link file, attribute: l
(4) Device files
1) Block device file, attribute: b (e.g. hard disk, floppy disk)
2) Character device file, attribute: c (e.g. keyboard, mouse)
(5) Data interface file (socket), attribute: s
(6) Data transfer file (FIFO, pipe), attribute: p

9. File name extensions
(1) *.sh: script or batch file
(2) *.z, *.tar, *.tar.gz, *.zip, *.tgz: packed or compressed files
(3) *.html, *.php: web-related files
A file name on a Linux system really only tells you what the file might be used for; whether it can actually be executed still depends on its permissions.

10. File name length limits
Under Linux, when using the default ext2/ext3 file system, file name length is limited as follows:
(1) The maximum allowed name of a single file or directory is 255 characters
(2) A full path, including the directories from the root (/) and the full file name, is limited to 4,096 characters

11. Limitations on Linux file names
Because of the way some commands work in the Linux text interface, it is generally better to avoid certain special characters when naming files under Linux, such as: * ? > < : & ! [ ] | \ ' " ( ) { }. They have a special meaning in the text interface.
In addition, a file name that starts with a dot (.) marks the file as hidden.
And because commands often take options in the form -option, you had better avoid starting a file name with - or +!

12. Linux directory configuration
1) Configuration basis: FHS (Filesystem Hierarchy Standard), which focuses on specifying what data should be placed in each specific directory
Based on how frequently the file system is used and whether users are allowed to change it arbitrarily, FHS defines directories as four interacting types:
           | shareable                             | unshareable
static     | /usr (software placement)             | /etc (config files)
           | /opt (third-party software)           | /boot (boot and kernel files)
variable   | /var/mail (user email)                | /var/run (program-related)
           | /var/spool/news (newsgroups)          | /var/lock (program-related)

# Shareable: directories that can be shared with other systems, which mount and use them. This includes executables, users' mail and other data that can be shared with other hosts on the network by mounting.
# Unshareable: device files that operate on the local machine, or socket files related to running programs, are not suitable for sharing with other hosts.
# Static: data that does not change frequently and stays the same as in the distribution, for example function libraries, documentation files, and the service configuration files managed by the system administrator.
# Variable: frequently changing data, such as log files and newsgroups that general users can receive themselves.

In fact, for the directory tree structure FHS only defines what data should be placed in three layers of directories:
(1) / (root, root directory): related to booting the system
(2) /usr (Unix Software Resource): related to software installation and execution
(3) /var (variable): related to the system's operation

13. The secondary directories under the root directory
(1) /bin: holds the commands that can still be used in single-user maintenance mode; they can be used by root and by general accounts.
(2) /boot: holds the files used during boot
(3) /dev: on Linux systems, every device or interface device exists in this directory in the form of a file
(4) /etc: the main system configuration files are placed in this directory, such as the account and password files and the startup files of various services. In general, the files in this directory are accessible to general users, but only root has the right to modify them.
For example: /etc/init.d (the default startup scripts of all services are here), /etc/xinetd.d (the directory of configuration files for each service managed by the super daemon)
(5) /home: this is the system's default location for user home directories. When you add a general user account, its default home directory is created here. More importantly, the home directory has two shorthand names:
~: represents the current user's home directory, and ~dmtsai: represents dmtsai's home directory!
(6) /lib: holds the function libraries used during boot, and the libraries called by the commands under /bin or /sbin.
(7) /sbin: holds the commands required by the boot process, including those needed to boot, repair and restore the system
(8) /srv: the data directory that some network services use after they have started
(9) /tmp: a place where general users or running programs temporarily put files

14. Meaning and content of /usr
usr = Unix Software Resource
(1) /usr/bin: most of the commands that users can run are here
(2) /usr/lib: application libraries, object files, and executables or scripts that are not commonly used by general users
(3) /usr/local: software that the system administrator downloads and installs on the machine (not provided by the distribution by default) is best installed in this directory
(4) /usr/sbin: system commands that are not required for normal system operation
(5) /usr/share: where shared files are placed

15. Meaning and content of /var
If /usr is the directory that occupies a large amount of disk space at installation time, then /var is the directory that gradually takes up disk space once the system is in operation. This is because /var is primarily for files that change during normal use, including caches, log files, and files generated by running software, such as lock files and run files, or the files of a MySQL database.

16. Absolute path and relative path
(1) Absolute path: a file or directory name written starting from the root (/), such as: /home/dmtai/.bashrc
(2) Relative path: a file name written relative to the current path, such as: ./home/dmtai or ../../home/dmtai
Note:
. represents the current directory and .. represents the parent directory. So ../var/log means going back up one directory level and then moving into the var directory.

17. See which Linux standard the distribution uses and which kernel
--> uname -r   # show the actual kernel version
--> lsb_release -a   # show the Linux standard (Linux Standard Base) information

