Linux Programming Learning notes----file type and attribute management under Linux


When reprinting, please cite the source: http://blog.csdn.net/suool/article/details/38318225

Part of this content was compiled from online sources; thanks to the experts who wrote them.


Data representation of Linux file types and permissions

File attributes are stored in the member variable i_mode of struct inode, which holds the file type and permission information for the file.

The variable is of type short int.

The bits of this 16-bit variable are divided by function as follows:

    • Bits 0-8 are the permission bits: the read (r), write (w) and run (x) permissions for the file owner (user), for users in the same group (group) and for other users (other).
    • Bits 9-11 are the permission modifier bits: the set-user-ID (setuid) bit, the set-group-ID (setgid) bit, and the sticky bit.
    • Bits 12-15 are the file type bits.

For example:

drwxr-xr-x 5 root root 03:27 Desktop

The first, third, and fourth fields are associated with file permissions.

The third field is the owner of the file, the fourth field is the group that owns the file, and the first field restricts access to the file. In this example, the owner of the file is root, the owning group is root, and the file access permission is drwxr-xr-x. Each file and folder has a set of permission flags associated with it; in the example above, that is the content of the first field. The meaning of each symbol in this field is analyzed in detail below.

The field is made up of 10 characters, which can be divided into four groups with the following meanings:

d            rwx                      r-x                      r-x
File type    Owner permission flags   Group permission flags   Other-user permission flags

Where:

File type: the first character.

Because the Linux system treats devices, folders, and files all as files, this character indicates the type of the file. The characters and their meanings are listed in the following table:

Flag   File type          Example
-      Normal file        data files, ASCII plain text files, programs
d      Folder             /bin
b      Block device       /dev/hda (first IDE hard drive)
c      Character device   /dev/ttyS1 (equivalent to serial port 2 under DOS)
s      Socket             /dev/log
p      Named pipe         /dev/initctl (equivalent to "|")
l      Symbolic link      /dev/modem -> /dev/ttyS1

Permission flags

There are 4 different classes of users for each file or folder. Each class of users has its own set of read, write, and run (search) permissions on the file. These 4 classes of users are:

    • Root: the system's privileged user class, that is, the user with UID = 0.
    • Owner: the user who owns the file.
    • Group: the class of users, identified by a user group name, that share the group access permissions for the file.
    • World: all other users who are not part of the above 3 classes.

Root users automatically have full read, write, and search permissions on all files and folders, so there is no need to explicitly assign permissions to them.

The other three classes of users can be granted or denied permissions on an individual file or folder basis. Therefore, these three classes have 9 permission bits in total, divided into 3 groups of 3 bits each, written r, w, and x, with the groups corresponding to owner, group, and world respectively.



The permission bits have a slightly different meaning for files and folders.

Each group of 3 characters is read from left to right. For a file: read the contents of the file (r), write data to the file (w), and run the file as a command (x).

For a folder: read the file names contained in the folder (r), write information to the folder, that is, add and remove links to index nodes (w), and search the folder, that is, use the folder name in a pathname to access the files or subfolders it contains (x).

In detail:

1. A user with only read permission cannot enter the folder with cd; run permission is also required.

2. A user with run permission can access a file under the folder only if they know the file name and have read access to the file.

3. You must have both read and run permissions to list the folder with ls, or to enter the folder with cd.

4. A user with write permission on a folder can create, delete, or change any file or subfolder under the folder, even a file or subfolder belonging to another user.

========================================================================================================

Change file Permissions

First, changing the ownership of a file: use the chown and chgrp commands:

chown new_user file_or_directory: changes the owner of the file or folder.

chgrp new_group file_or_directory: changes the owning group of the file or folder.

Note: ordinary users cannot give ownership of a file or folder to someone else; only root has this permission. However, a normal user does have the right to change the owning group of a file or folder.

Because the permissions of each class of users consist of the three bits rwx, three octal digits can be used to represent a file's access permissions. One octal digit corresponds to three binary digits: the bit with weight 4 corresponds to r, the bit with weight 2 corresponds to w, and the bit with weight 1 corresponds to x. For a class of users, multiplying each of the three bits by its weight and adding the results gives that class's access permission.

The command to change access permissions on a file is chmod. Its format is:

chmod permission file_name

For example, chmod 764 A.txt means that the owner of the file has permission to read, write, and run the file; users in the group the file belongs to have read and write permissions; and other users have only read permission.


chmod is the command that sets file permissions under Linux; the number that follows it represents the permissions of different users or groups of users.

It is usually three digits:
The first digit represents the permissions of the file owner.
The second digit represents the permissions of other users who belong to the same user group as the file owner.
The third digit represents the permissions of users in other groups.

Permissions are of three kinds: read (r=4), write (w=2), run (x=1). They can be combined: read and run (rx=5=4+1), read and write (rw=6=4+2), read, write and run (rwx=7=4+2+1).

Therefore, chmod 755 sets the permissions to:

1. The file owner can read, write and run the file
2. Other users in the same user group as the file owner can read and run it
3. Users in other groups can read and run it

The difference between chmod 4755 and chmod 755 is the extra leading digit: the 4 means that other users have the same permissions as the file owner when they run the file.

For example: the root user has created a network authentication program, netlogin. If other users also need this program to get online, the root user must run chmod 755 netlogin so that other users can also execute netlogin.

However, netlogin may need to access some files at run time that only the root user can access, so other users who run netlogin may be unable to get online because of insufficient permissions.

In this case, chmod 4755 netlogin can be used so that other users also have root user rights while running netlogin, and can get online without problems.

PS: This has no effect on shell scripts! It only works for applications!

Note that the creator of the file is the only regular user who can change access permissions on the file; the only other user who can change them is root.



Another way is to use a string to set file access permissions. Read is written r, write w, and run x; the owner is represented by u, group users by g, other users by o, and all users by a. So the example above is written as follows:

chmod a+r,u+w,u+x,g+w A.txt


======================================================================================

Permission modifier bits

suid meaning: when this bit of a file is set to 1, the file runs as its owner when it is run. In other words, whoever runs the file has the privileges of the file's owner; if the owner is root, the user has superuser privileges. This bit can therefore become a security vulnerability, so do not set it lightly.

sgid meaning: whoever runs the file has the permissions of the file's owning group.

sticky bit: asks the operating system to keep the program's image in memory even after the running program exits. This is done to save the startup time of large programs. However, it consumes system resources, so rather than setting this bit, it is better to write the program well.

Differences between setuid, setgid, and the sticky bit

Each file has an owner and a group; setting the UID and GID bits can change a user's permissions on the file: write and run.

Setuid: the process has the permissions of the file's owner at run time.
Setgid: set on a folder. When a folder is marked with the setgid bit, files created under this folder inherit the folder's attributes.
Sticky bit: this bit can be understood as an anti-delete bit. After the sticky bit is set, users can only add files and cannot delete files, even if they have write permission on the folder.

How to set

These flags are manipulated with the same command used for file permissions, chmod. There are two ways to do this:

1) chmod u+s temp -- adds the setuid flag to the file temp (setuid is only valid for files; u = user)
chmod g+s tempdir -- adds the setgid flag to the folder tempdir (setgid is only valid for folders; g = group)
chmod o+t temp -- adds the sticky flag to the file temp (sticky only works on files)

2) Use octal. The three bits of this octal digit have the following meanings:
abc
a - the setuid bit: if this bit is 1, setuid is set
b - the setgid bit: if this bit is 1, setgid is set
c - the sticky bit: if this bit is 1, sticky is set

After setting, you can use ls -l to view the result. If there is already an x in that position, these special flags appear as lowercase letters (s, s, t). Otherwise, they are shown as uppercase letters (S, S, T).
For example:

rwsrw-r-- indicates the setuid flag (rwxrw-r-- : rwsrw-r--)
rwxrwsrw- indicates the setgid flag (rwxrwxrw- : rwxrwsrw-)
rwxrw-rwt indicates the sticky flag (rwxrw-rwx : rwxrw-rwt)

==============================================================================================================

Executable files under Linux/Unix:

When setuid is set: once a program has this flag, a process running the program has the permissions of the owner of the program file, which can elevate the user's rights; an ordinary user can run such a command and be elevated to root permissions.

Setuid is set as follows: chmod 4755 program or chmod u+s program (setuid is only valid for files)

When setgid is set, a process running the program has the permissions of the program's owning group. Files with setgid alone are rarely used; usually setuid and setgid are set at the same time, to bind the special permissions to a particular user and its group.

Setgid is set as follows: chmod 2755 dir or chmod g+s dir (setgid only valid for folders)

To set setuid and setgid at the same time: chmod 6755 program

The sticky bit is set as follows: chmod 1777 file or chmod o+t file (sticky only valid for files)

When a folder has the sticky bit set (with chmod a+t), the files under this folder can only be deleted by:
First, the super administrator
Second, the owner of the folder
Third, the owner of the file
That is, even if the folder is writable by anyone, a file can only be deleted by its owner.

Attribute management for files

1. Read file attributes

Use the stat function. For example, see the following demo:

The contents of struct stat are as follows; see the stat.h header file. For more details, see this document: http://blog.csdn.net/xuemiao1234/article/details/5544226

The structure stat contains at least the following members:

    struct stat {
        dev_t         st_dev;       /* device number of the file */
        ino_t         st_ino;       /* inode number */
        mode_t        st_mode;      /* file type and access permissions */
        nlink_t       st_nlink;     /* number of hard links to the file; 1 for a newly created file */
        uid_t         st_uid;       /* user ID */
        gid_t         st_gid;       /* group ID */
        dev_t         st_rdev;      /* (device type) device number, if this file is a device file */
        off_t         st_size;      /* number of bytes in the file (file size) */
        unsigned long st_blksize;   /* block size (file system I/O buffer size) */
        unsigned long st_blocks;    /* number of blocks */
        time_t        st_atime;     /* last access time */
        time_t        st_mtime;     /* last modification time */
        time_t        st_ctime;     /* last change time (of the attributes) */
    };

lstat provides the same query function; see http://pubs.opengroup.org/onlinepubs/7908799/xsh/lstat.html

The query function for an open file is fstat; see http://pubs.opengroup.org/onlinepubs/7908799/xsh/fstat.html

The same applies to the commands for changing attributes above: for files that are already open, use the variants with the f prefix, such as fchmod.

The following is a demo program that uses the lstat function to query file attributes and prints a message based on the type of file.

The code is as follows:

    #include <sys/types.h>
    #include <sys/stat.h>
    #include <stdlib.h>
    #include <stdio.h>

    int main(int argc, char *argv[])
    {
        int i;
        struct stat buf;
        char *ptr;

        for (i = 1; i < argc; i++) {
            printf("%s: ", argv[i]);
            if (lstat(argv[i], &buf) < 0) {   /* obtain information about the file */
                perror("lstat");
                continue;
            }
            if (S_ISREG(buf.st_mode))
                ptr = "regular file";             /* regular file */
            else if (S_ISDIR(buf.st_mode))
                ptr = "directory file";           /* directory file */
            else if (S_ISCHR(buf.st_mode))
                ptr = "character special file";   /* character special file */
            else if (S_ISBLK(buf.st_mode))
                ptr = "block special file";       /* block special file */
            else if (S_ISFIFO(buf.st_mode))
                ptr = "FIFO file";                /* pipe file */
    #ifdef S_ISLNK
            else if (S_ISLNK(buf.st_mode))
                ptr = "symbolic link";            /* link file */
    #endif
    #ifdef S_ISSOCK
            else if (S_ISSOCK(buf.st_mode))
                ptr = "socket";                   /* socket file */
    #endif
            else
                ptr = "** unknown mode **";       /* unknown file */
            printf("%s\n", ptr);
        }
        return 0;
    }


OK, that's all.

Next:

Application project: implementing file management

Some important points of knowledge about file management systems:

Inode

Next-generation file management system Btrfs

Hard links, soft links

