Linux permissions issues (1)-sticky

background : When a friend uses PHP for the MV operation, there is a problem with permission denied. After viewing, the discovery directory set the sticky permission, after canceling this permission, the file can be normal MV and delete.

Sticky: for a multi-person writable directory, if the Sticky is set, then each user can only delete their own files (horse brother quotations, see horse Brother Linux Base learning notes)

As shown, this is a directory with sticky permissions

mkdirchmod1777-2 4096 17 : sticky_test

Use the Redheat user to enter the Sticky_test directory, touch a file, and add 777 permissions to the file

WhoAmItouch chmod 777 0 1 0  in :ten Redheat_file

Normally, a file with 777 permissions is added, and any user can perform read, write, and perform operations on it.

Now use the MyUser user to enter the directory and perform the delete operation

WhoAmI010:rm -   RM: Cannot remove ' redheat_file': Operation not permitted

It can be found that the system gives the prompt to deny permission.

Change back to Redheat user, perform the delete operation

RM -0

command to execute normally.

Create the file again, and use the root user to change the file's genus to MyUser

Chown010: Redheat_file

Use the MyUser user again to execute the delete command

0 1 0  in :rm -RM: Cannot remove ' redheat_file': Operation not permitted

is still not available for deletion.

Use the root user to remove the sticky permissions of the directory and change the group of Redheat_file files back to the Redheat user

chmod o-24096:chown redheat.redheat sticky_test/redheat_file # ll sticky_test/10  £ º sticky_test/redheat_file

The file can be successfully deleted by using the MyUser user

RM0

Summary: When a directory is set with sticky permissions, a group or other user cannot perform a delete operation on the file, even if it has permissions on the file in that directory.

Command:

chmod 1777  chmod o+chmod o-t sticky_test

Linux permissions issues (1)-sticky