Linux Permissions and Permissions management

Source: Internet
Author: User
Tags: file permissions

I. Permissions Management

1. Types of permissions:

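    r: read permission. For a file, its contents can be read; for a directory, the files in it can be listed.
    w: write permission. For a file, its contents can be modified; for a directory, files in it can be created and deleted.
    x: execute permission. For a file, the file can be run; for a directory, the directory can be entered.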

2. Three categories of users of a file

    u: owner, the user this file belongs to.
    g: group, the group this file belongs to.
    o: other users.

3. chown usage
chown changes the owner and the group of a file; only the administrator has permission to use it.
Usage: chown [OPTION]... [OWNER][:[GROUP]] FILE...
       chown [OPTION]... --reference=RFILE FILE...

    For example:
    chown student file changes the owner of file to the user student.
    chown -R student dir changes the owner of the dir directory and of the files under it to student; without -R only the directory's own attribute is changed.
    chown --reference=/tmp/test.txt file changes the owner and group of file to match those of /tmp/test.txt.
    chown student:student file (or student.student) changes the owner and group of file to student.

4. chgrp: modifying the group of a file
Usage is similar to chown, but it cannot modify the owner of the file.

5. chmod: modifying the permissions of a file

    chmod 666 file changes the permissions of file to 666 (rw-rw-rw-).
    chmod --reference=/tmp/test.txt file makes the permissions of file match those of /tmp/test.txt.
    chmod -R 666 /dir changes the permissions of the /dir directory and of the files in it to 666.

    ** NOTE: If fewer than three digits are given, zeros are added in front. For example, chmod 66 file actually changes the permissions of file to 066.

    ** Modifying the permissions of one class or several classes of users (u: owner, g: group, o: others, a: all):
    chmod u=rwx file sets the owner's permissions on file to rwx.
    chmod u=rwx,g=rw file sets the owner's permissions to rwx and the group's permissions to rw; if g and u get the same permissions you can write ug=rwx.
    chmod u= file sets the owner's permissions on file to empty, that is, the owner has no permissions at all.
    chmod u+x file adds the x permission to the owner's permissions; u-x removes the x permission. chmod a-x file removes the x permission for all users.
    The same usage applies to directories.

6. umask: introduction and usage
umask can be called a "mask": it modifies the default permissions of newly created files. The default permission of a file is 666 (rw-rw-rw-; for security, Linux does not give any new file the x execute permission by default), and the default permission of a directory is 777. If your current umask value is 022 (use the command umask to view it; consider only the last three digits, the first, special-permission digit is not considered for now), then files you create have permission 644 (666-022) and directories you create have permission 755 (777-022). The umask value of each user may be different: the root administrator is 002, the normal user is 022. The umask can be modified: the command umask 023 changes the umask of the current bash environment to 023.
Note that a value changed with this command is valid only for the current bash environment; it does not take effect elsewhere, even if you log on to the same system as the same user. To make it permanent, or effective in other environments, you must write it to a configuration file. Let's look at the user's login shell and the bash configuration files read after login:

    How does the user log on to the system? From the user's point of view there are two shell types.

    Login shell:
        a normal login through a terminal
        su - username
        su -l username

    Non-login shell:
        su username
        a command-line window opened in a graphical terminal
        automatically executed shell scripts

    The bash configuration files are:
        Global configuration, valid for all users: /etc/profile, /etc/profile.d/*.sh, /etc/bashrc
        Personal configuration: ~/.bashrc, ~/.bash_profile

    In general, profile-type files are used to set environment variables and to run commands or scripts; bashrc-type files are used to set local variables and aliases (alias).

    When the user logs on with a login shell, the bash configuration files are read in this order (~ is the home directory):
        /etc/profile --> /etc/profile.d/*.sh --> ~/.bash_profile --> ~/.bashrc --> /etc/bashrc

    When the user logs on with a non-login shell, the bash configuration files are read in this order:
        ~/.bashrc --> /etc/bashrc --> /etc/profile.d/*.sh

    So switching users with su root and with su - root gives different environments, because the bash configuration files that are read are different. To make umask 023 permanent, write it into the corresponding bash configuration file. Note that if you are already logged in when you make the change, you must log out and log in again for it to take effect.

    Also note: if your umask is set to 023, what are the permissions of your new files? The calculation is 666-023 = 643 (rw-r---wx), but when we create a file named file and view it with ls -l file, we find that its permissions are rw-r--r-- (644). Why is that?

The reason is that, as said earlier, for security Linux does not give newly created files the x execute permission by default. If you set the umask to 023, the calculated permission of a new file is 643, which contains the x execute permission, and Linux does not allow that. So 1 is added to each digit that has the x execute permission, and the result becomes 644. If you set the umask to 027, files are created with permission 640 (there are no negative numbers).
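
What the kernel actually computes is the requested mode with every bit of the umask cleared (mode AND NOT umask), which yields the same 644 and 640 as above. The following is an added example, not part of the original article: the function names are chosen here, and it assumes GNU stat (stat -c) as found on Linux. It predicts the mode for a few umask values and compares the prediction with files and directories it really creates.

```shell
#!/bin/sh
# Added example: umask is applied bitwise, then checked against real files.

# effective_mode BASE UMASK: print BASE with every bit set in UMASK cleared.
# Both arguments are octal digits, e.g. "666" and "023".
effective_mode() {
    printf '%03o\n' "$(( 0$1 & ~0$2 & 0777 ))"
}

# observed_mode KIND UMASK: create a file ("f") or a directory ("d") under
# UMASK in a scratch directory and print the mode it actually received.
# Runs in a subshell so the caller's umask is left untouched.
observed_mode() {
    (
        scratch=$(mktemp -d) || exit 1
        trap 'rm -rf "$scratch"' EXIT
        umask "$2"
        if [ "$1" = d ]; then
            mkdir "$scratch/new"      # mkdir requests mode 777
        else
            : > "$scratch/new"        # shell redirection requests mode 666
        fi
        stat -c '%a' "$scratch/new"   # GNU stat: octal permission bits
    )
}

# compare UMASK: print predicted/observed modes for a file and a directory.
compare() {
    printf 'umask %s  file %s/%s  dir %s/%s\n' "$1" \
        "$(effective_mode 666 "$1")" "$(observed_mode f "$1")" \
        "$(effective_mode 777 "$1")" "$(observed_mode d "$1")"
}

# The umask values discussed in the text.
for m in 022 023 027; do
    compare "$m"
done
```

Under umask 023 a new directory gets 754, not 755: directories start from 777, so the x bit that the mask removes for "others" really is removed there.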

7. Recommendations
To learn more about the usage of chown, chgrp and chmod, use man to view their manual pages.
