in the Linux system, we often need to modify the file permissions, such as to increase the security of the main group of what, or access rights, this is very common, all we need to understand a few three commands: Chown,chgrp,chmod,umask
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/75/90/wKioL1Y8U8aTY5rMAAEYoJCBjRM463.jpg "title=" 2.png " alt= "Wkiol1y8u8aty5rmaaeyojcbjrm463.jpg"/> in the previous blog post(Linux file Management common commands Finally, we briefly explained the file attributes, such as some of the areas are not very clear, look at this blog post is introduced
First, Chown (change owner)
Chown-change file owner and group # Modify the owner and group of files Synopsis chown [OPTION] ... [OWNER] [: [GROUP]] File ... chown [OPTION] ...--reference=rfile file ...-r: recursively modifying subdirectories and genera--reference=/path/to/somefile: modifying files according to a file Owners and genera [[email protected] ~]# lltotal 8-rwxr-xr-x 1 root root 518 Nov 1 20:02 iptables.sh
(1). Modify the owner of the user only
[[email protected] ~]# chown mysql iptables.sh # modified file owner for Mysql[[email protected] ~]# lltotal 4-rwxr-xr-x 1 mysql Root 518 Nov 1 20:02 iptables.sh
(2). Modify both the owner and the group
[[email protected] ~]# chown Apache.apache iptables.sh # The owner and group of the modified file are Apache[[email protected] ~]# lltotal 4-rwxr-xr-x 1 Apache Apache 518 Nov 1 20:02 iptables.sh
(3). Recursively modifies the owner and owner groups of all files under the directory and its subdirectories
[[email protected] ~]# chown-r mysql:mysql test/# recursively modifies the owner and owner group of all files under test [[email protected]/]# ll/test/total 4-rw-r --r--1 mysql MySQL 0 Nov 6 16:33 a-rw-r--r--1 mysql mysql 0 Nov 6 16:33 b-rw-r--r--1 mysql mysql 208 Jul 6 13:41 Id_rsa_1024.pub
(4). Refer to other documents to modify the genus Group
[[email protected] test]# lltotal 4-rw-r--r-- 1 mysql mysql 208 jul 6 13:41 id_rsa_1024.pub # The original genus of this file is mysql[[email protected] /]# ll /etc/passwd -rw-r--r-- 1 root root 1592  NOV  5 15:55 /ETC/PASSWD     # PASSWD files belong to and belong to root[[Group email protected] test]# chown --reference=/etc/passwd id_rsa_1024.pub # Reference passwd to modify id_rsa_1024.pub[[email protected] test]# ll id_rsa_1024.pub - rw-r--r-- 1 root root 208 jul 6 13:41 id_rsa_1024.pub # This is the main group has been changed to Root[[email protected] ~]# chown testuser iptables.sh # Modify the owner of the file as a non-existing user testuserchown: ' testuser ': invalid user
Ii. chgrp (change group)
Chgrp-change Group Ownership # can only modify the file's genus Synopsis Chgrp [OPTION] ... GROUP file ... chgrp [OPTION] ...--reference=rfile file ... [[email protected] ~]# chgrp root iptables.sh # modified file belongs to group Root[[email protected] ~]# lltotal 4-rwxr-xr-x 1 apache Root 518 Nov 1 20:02 iptables.sh
Third, chmod (change mode)
chmod - change file access permissions # modifying access rights to files SYNOPSIS chmod [option]... mode[,mode]... file... chmod [ option]... octal-mode file... chmod [option]... - -reference=rfile file... [[email protected] ~]# lltotal 4-rwxr-xr-x 1 root root 518 nov 1 20:02 IPTABLES.SHR permissions are divided into 3 categories: File owner, file group, other users For example rwxr-xr-x three of them are a set of permissions, respectively, the permissions of the file owner: rwx, readable, writable, executable Permissions for the group to which the file belongs: r-x, readable, non-writable, executable other user rights: R-x, readable, non-writable, enforceable permissions:read, write, execute r, w, x file:r: can use the Content view Class command to display its related content w: You can use a text editor to modify its contents x: can initiate a process directory:r: can use the LS command to view file information for directory contents w: can create and delete files x: can use the ls -l command to view file information for directory contents, and can switch into this directory using the CD command
(1). Numerical notation
---: 0 unreadable non-writable--x:1 unreadable non-writable executable-w-:2 unreadable writable non-executable-wx:3 non-readable writable execution r--:4 readable non-writable unenforceable r-x:5 readable non-writable executable rw-:6 Readable writable non-executable rwx:7 readable writable execution [[email protected] ~]# lltotal 4-rwxr-xr-x 1 root root 518 1 20:02 iptables.sh # Now the right to change the number Word means 755[[email protected] ~]# chmod iptables.sh # Modify this file's permissions to 600[[email protected] ~]# lltotal 4-rw-------1 root R Oot 518 Nov 1 20:02 iptables.sh
(2). Letter notation
U: Genus G: Group O: Other User A: all users [[email protected] ~]# lltotal 4-rw-------1 root root 518 Nov 1 20:02 iptables.sh[[email protected] ~]# chmod +x iptables.sh # Add executable permissions for all users, at which point a can be omitted [[email protected] ~]# chmod u=rwx,go=r iptables.sh # Modify Iptables.sh File permissions are 744[[email protected] ~]# lltotal 8-rwxr--r--1 root root 518 Nov 1 20:02 iptables.sh
Four, Umask (mask code)
(1). create file default permissions: 666-umask
PS: The file by default does not allow execution permissions, even if the 666-umask after the file has execute permissions, it will be removed executable permissions
[[email protected] ~]# umask # root User default umask is 022, as for why look back summary 0022 [[email protected] ~]# umask 023 # temporarily modified Umask value of 023[[email protected] ~]# touch Testfile[[email protected] ~]# lltotal 4-rw-------1 root root 518 1 2 0:02 iptables.sh-rw-r--r--1 root root 0 Nov 6 16:01 testfile # This should be 643, and +1 will be 644
(2). Create directory default permissions: 777-umask
[[email protected] ~]# Umask # default umask for 0220022[[email protected] ~]# mkdir TestDir # Create a new empty directory [email Pro Tected] ~]# lltotal 8-rw-------1 root root 518 Nov 1 20:02 iptables.shdrwxr-xr-x 2 root root 4096 Nov 6 16:05 TestDir # This new directory has permissions of 777-022 for 755
Summarize:
When modifying a group of owners and genera, the corresponding owner or group must exist, and the error will be made when it does not exist.
The Umask value is 002 If the user name and the base group name are the same; otherwise 022
Chown and chmod can use two options: ①-r②--reference=/path/to/somefile
This article is from the "Hello,linux" blog, make sure to keep this source http://soysauce93.blog.51cto.com/7589461/1710375
Linux Rights Management Common commands