Linux file permissions, users, user groups

Source: Internet
Author: User


A single file name or directory name does not exceed 255 characters in length;

The absolute path length of the file or directory does not exceed 4096 characters;


I. File owner and user group



A file has many attributes, including file type, file permissions, hidden attributes, file owner, user group, file size, creation date, modification date, access date, and so on. The /etc/inittab file, for example, has the following attributes:



1. File types


(1) d: directory; query with find / -type d;

(2) -: regular file; query with find / -type f;

(3) l: link file; query with find / -type l;

(4) b: block device, i.e. a storage device such as /dev/sda; query with find / -type b;

(5) c: character device, i.e. a serial-interface device such as a keyboard, for example /dev/zero; query with find / -type c;

(6) s: socket, such as /var/run/acpid.socket; query with find / -type s;

(7) p: pipe file; for example, we can create one with mknod mypipe p; query with find / -type p;


2. File owners and user groups


First of all: the file owner and the file's user group are independent of each other. For example, the user group can be root while the file owner is xiazdong;

Case analysis:

(1) The owner of a file is xiazdong, its user group is root, and the currently logged-in user is xiazdong. If xiazdong tries to change the file owner to root, does it succeed? No.

(2) The owner of a file is xiazdong, its user group is root, and the currently logged-in user is root. If root tries to change the file owner to root, does it succeed? Yes.

Summary: changing a file's owner or user group is the responsibility of root;


One more point: a user always belongs to one or more user groups, and a user group can contain multiple users. For example, the root user belongs to the root user group, but we can also create a user xzdong who belongs to the group1 user group and also to the group2 user group;


3. mtime, atime and ctime of files


mtime: the time the file's content was last modified;

atime: the time the file was last accessed;

ctime: the time the file's permissions or owner were last changed;


ls --time=atime (or ls --time=ctime)



Command


The chgrp and chown commands set the file's user group and owner;

(1) chgrp xiazdong test.txt: set the user group of test.txt to xiazdong;

(2) chgrp xiazdong dir: set the user group of the directory dir to xiazdong;

(3) chown xiazdong test.txt: set the owner of test.txt to xiazdong;

(4) chown xiazdong:root test.txt: set the owner of test.txt to xiazdong and its user group to root;



II. File permissions



File permissions specify what the file owner, the members of the file's user group, and everyone else may do with the file or directory;

(1) r: read permission;

(2) w: write permission;

(3) x: execute permission;


For directories and files, these permissions represent different meanings.

For files:

(1) r: can read the contents of the file;

(2) w: can write the contents of the file, but cannot delete the file; permission to delete a file is granted through the permissions of its directory;

(3) x: can execute the file; not every file needs this permission, for example a txt file does not;


For directories:

(1) r: can read the directory structure, i.e. can run ls to see the file names in the directory;

(2) w: can change the structure of the directory, i.e. add, delete and rename files in it;

(3) x: can enter the directory, i.e. cd into it;

Note, however, that if the directory has only r and no x permission, ls can show only the file names, not the file attributes.




Note: if test.txt is in the directory dir and the user xiazdong does not have write permission on dir, then xiazdong cannot delete test.txt even with rwx permissions on test.txt itself;


The most important thing to note: whatever the file permissions are set to (general permissions only; special permissions do not count here), root can read, write and execute the file or directory;


Case: -rwxr--r-- means (1) the file owner can read, write and execute the file, (2) the user group can read the file, and (3) others can read the file;
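
The note about deleting test.txt can be checked directly. The shell functions below are an added example, not part of the original article; the sandbox directory and the helper name try_delete are constructed for the demonstration. They show that the outcome of rm depends on the directory's mode, not on the file's.

```shell
# Added example. try_delete DIRMODE FILEMODE builds a constructed sandbox
# containing dir/test.txt, applies the two modes, then tries to delete the file.
try_delete() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/dir"
    : > "$sandbox/dir/test.txt"
    chmod "$2" "$sandbox/dir/test.txt"
    chmod "$1" "$sandbox/dir"
    # Deleting a file changes the directory, so the directory's w (with x) decides.
    if rm -f "$sandbox/dir/test.txt" 2>/dev/null; then
        echo deleted
    else
        echo denied
    fi
    chmod 700 "$sandbox/dir"   # restore access so the sandbox can be cleaned up
    rm -rf "$sandbox"
}

echo "dir r-x, file rwxrwxrwx: $(try_delete 555 777)"
echo "dir rwx, file ---------: $(try_delete 755 000)"
if [ "$(id -u)" -eq 0 ]; then
    # As the article notes, root is not bound by the ordinary permission bits.
    echo "running as root: both deletions succeed"
fi
```

Run as an ordinary user, the first case is denied and the second succeeds.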


Command


The chmod command sets file permissions;

Note: permissions can be given as numbers or as symbols;

With numbers, 4 stands for r, 2 for w and 1 for x; so 5 is r-x, 6 is rw- and 7 is rwx;

With symbols, a stands for everyone, u for the owner, g for the group and o for others; r, w and x are the permissions themselves, and leaving a permission out means it is not granted;

(1) chmod 755 test.txt: give test.txt rwxr-xr-x

(2) chmod u=rwx,go=r test.txt: give test.txt rwxr--r--

(3) chmod a=r test.txt: give test.txt r--r--r--

(4) chmod a+x test.txt: add x permission on test.txt for everyone;

(5) chmod a-x test.txt: remove x permission on test.txt for everyone;

(6) chmod u=rwx,go= test.txt: give test.txt rwx------


The following sections cover features exclusive to the ext file system



III. Hidden file attributes



(1) a: the file can only be appended to; it cannot be modified or deleted. Often used for log files;

(2) i: the file cannot be modified or deleted, not even by root. Used for files that must stay fixed;



Command


1. lsattr

List attributes: lists the hidden attributes of a file or directory;


lsattr file: list the hidden attributes of a file;

lsattr -d dir: list the hidden attributes of a directory;


2. chattr


Change attributes: modifies the hidden attributes of a file or directory;

(1) i: if this attribute is set, the directory or file cannot be modified (even root cannot modify or delete it).

(2) a: if this attribute is set, content can only be added, not modified or deleted;


chattr +ai file: add attributes;

chattr -ai file: remove attributes;

chattr =a file: set attributes;



IV. Special permissions of files



A file has 3 special permissions:

(1) SUID: the x position of the owner's permissions shows "s", as on /usr/bin/passwd;

(2) SGID: the x position of the user group's permissions shows "s", as on /usr/bin/locate;

(3) SBIT: the x position of the others' permissions shows "t", as on /tmp;



SUID


SUID can only be given to binary files, and it only takes effect if the user has x permission on the file;

Effect of SUID: when an ordinary user has x permission on a binary file B and B has the SUID permission, then while the ordinary user executes B, the user has the permissions of the file owner;



SGID


SGID can be given to directories or files; the user executing it must have x permission;

Use of SGID: in team development, a directory serves as the team's shared directory; whoever creates a file in that directory, the file's user group is the team's group, not the individual user's group;

Effect of SGID:

(1) When a file has SGID: while the user executes it, the user has the permissions of the file's user group;

(2) When a directory has SGID: once the user enters the directory, the effective user group is the directory's user group; for example, if the user creates a file, the file's user group is the directory's user group;

For example, create a chmodtest directory with permissions drwxrwsrwx; after xiazdong enters the directory and creates test.txt, the owner of test.txt is xiazdong, but its user group is root;



SBIT


SBIT can only be given to directories. If a directory has SBIT set, a file or directory that user A creates in it can be deleted only by root and user A; nobody else can delete it;
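
Because SUID and SGID files run with someone else's permissions, and a world-writable directory without SBIT lets any user delete other users' files, these are the three things a permissions audit looks for. The shell functions below are an added example, not part of the original article; the function names and the sandbox files (helper, report, notes.txt, shared, drop) are constructed for the demonstration.

```shell
# audit_special_bits DIR: report SUID and SGID regular files, and
# world-writable directories that lack the sticky bit, below DIR.
audit_special_bits() {
    find "$1" -xdev -type f -perm -4000 | sed 's/^/SUID /'
    find "$1" -xdev -type f -perm -2000 | sed 's/^/SGID /'
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
}

# demo_audit: build a constructed sandbox and run the audit over it.
demo_audit() {
    sandbox=$(mktemp -d) || return 1
    (
        cd "$sandbox" || exit 1
        : > helper;    chmod 4755 helper      # SUID, as on /usr/bin/passwd
        : > report;    chmod 2755 report      # SGID file
        : > notes.txt; chmod 644 notes.txt    # ordinary file, must not be reported
        mkdir shared;  chmod 1777 shared      # world-writable with SBIT, as on /tmp
        mkdir drop;    chmod 0777 drop        # world-writable without SBIT
        audit_special_bits . | LC_ALL=C sort
    )
    rm -rf "$sandbox"
}

demo_audit
```

To audit a real system, call audit_special_bits / as root and compare the result with the list of files that are expected to carry these bits.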


Command


SUID, SGID and SBIT are set with chmod;


SUID: 4

SGID: 2

SBIT: 1



(1) -rwsrw-r--:

Numeric form: chmod 4764 file; the leading 4 sets SUID;

Symbolic form: chmod u=rwxs,g=rw,o=r file

(2) -rwxrwsr--:

Numeric form: chmod 2774 file; the leading 2 sets SGID;

Symbolic form: chmod u=rwx,g=rwxs,o=r file

(3) -rwxrwxr-t:

Numeric form: chmod 1775 file; the leading 1 sets SBIT;

Symbolic form: chmod u=rwx,g=rwx,o=rxt file


u+s: add SUID;

g+s: add SGID;

o+t: add SBIT;
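
How the leading digit combines with the three permission digits is easiest to see by decoding a mode by hand. The shell functions below are an added example, not part of the original article; triplet, mode_to_string and actual_mode are names chosen for the demonstration. They turn an octal mode into the nine-character string ls prints and compare it with what chmod actually produces on a scratch file.

```shell
# triplet DIGIT SPECIAL LETTER: one rwx group; SPECIAL=1 puts LETTER in the x column.
triplet() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    if [ "$2" -eq 1 ]; then
        # Lowercase s/t: x is also set. Uppercase S/T: special bit without x.
        if [ "$x" = x ]; then x=$3; else x=$(printf '%s' "$3" | tr st ST); fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_string MODE: decode a 3- or 4-digit octal mode into ls notation.
mode_to_string() {
    case $1 in
        [0-7][0-7][0-7]) m=0$1 ;;
        [0-7][0-7][0-7][0-7]) m=$1 ;;
        *) echo "bad mode: $1" >&2; return 1 ;;
    esac
    sp=${m%???}; rest=${m#?}
    u=${rest%??}; o=${rest#??}; g=${rest#?}; g=${g%?}
    printf '%s%s%s\n' \
        "$(triplet "$u" $(( (sp & 4) != 0 )) s)" \
        "$(triplet "$g" $(( (sp & 2) != 0 )) s)" \
        "$(triplet "$o" $(( (sp & 1) != 0 )) t)"
}

# actual_mode MODE: apply MODE to a scratch file and read the string back from ls.
actual_mode() {
    f=$(mktemp) || return 1
    chmod "$1" "$f"
    ls -ld "$f" | cut -c2-10
    rm -f "$f"
}

for mode in 4764 2774 2764 1775; do
    echo "$mode  computed=$(mode_to_string "$mode")  ls=$(actual_mode "$mode")"
done
```

An uppercase S or T in a listing means the special bit is set but the matching x permission is missing.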


This article is from the "Fly Higher" blog, make sure to keep this source http://vqiao.blog.51cto.com/9368913/1612831
