Linux section Fourth

Source: Internet
Author: User

Phase Three third Lecture
1. Group Management/user management (important file system will be backed up in real time file-)
Vim/etc/group: Group Management File://Group name: Password Control key: Group ID: member
Vim/etc/gshadow: Group Password Management file://Group name: Password: Administrator: Member
2.groupadd
Function: Add Group
Syntax: Groupadd [-G gid [-O] [-R] [-F]]

3.groupdel
Role: Delete a group

4. Primary group, satellite group
: Create User A is a group that creates user A and the user ID by default, and when this user joins other Group B, the other group B is the group A's satellite.

4. Basic Rights Management
: New file permission is (rw-r--r--)
New directory permission is (rwxr-xr-x)

5.chmod
Role: Modify file permissions (= Assignment regardless of existence or not, + increase permissions)
Syntax 1:chmod u=rwx,g=r--, o=r--(ugo=r) filename
Syntax 2:chmod 744 filename
Syntax 3:chmod u+x filename

chmod go+x Install.log
chmod GO=RW

6.chown
Role: Modify the file belongs to the main, belong to the group
Syntax: chown user:group filename
PS: You can also modify the owner or genus individually, with the command syntax chown user filename and chown:group filename

7.umask Reference: http://blog.itpub.net/7318139/viewspace-920215/
Function: To control the initial permissions of the new directory file and the normal file by setting the Umask value (specifies the permission mask that is preset when the file is created)
Syntax: umask=022 (customizable)
Principle: The default full permission of the directory file is 777 (RWXRWXRWX), minus umask 022 (----w--w-), so the new directory file permission is (rwxr-xr-x) 755;
The default full permissions for normal files are 666 (rw-rw-rw-), minus umask 022 (----w--w-), so the new directory file permission is (rw-r--r--) 644.
(For files, the maximum value for this number is 6, respectively.) The system does not allow you to give it permission to create a text file, and you must add this permission with the chmod command after creation. The directory allows you to set execution permissions, so that for the directory, the number of umask can be up to 7)
Whether a file can be deleted depends on the parent directory permission

8.vim
Role: Modifying files
Mode: Default comes in general mode, I edit mode, ESC exit edit, shift+: Bottom row mode
Parameter: w:write/q:quit/! Force
Edit mode:
A: Insert content after cursor
A: Cursor last inserted content
O: The current cursor under the new line insert content
O: New line inserted at current cursor
X: Remove Backward
X: Delete Forward
U: Undo Current Action
U: Undo All actions
Shift+d: Delete the character after the cursor

---supplemental Permissions---
In fact, in the implementation of UNIX, the file permissions with 12 bits, if the value at the location is 1, indicating that there is a corresponding permission, if 0 does not have the appropriate permissions
The 11th bit is suid bit, 10th bit is sgid bit, 9th bit is sticky bit, 第8-0位 corresponds to the above three group rwx bit
11 10 9 8 7 6 5 4 3 2 1 0
S G T R W x r W x r W x
The 9th bit represents the file type, which can be P, D, L, S, C, B, and-:
P indicates named pipe file-pipe
D represents the catalog file-directory
L represents a symbolic connection file-link
-Indicates normal file-
s represents the socket file-socket
C represents a character device file-character device
b represents a block device file-block

第8-6位, 5-3-bit, 2-0-bit represent the permissions of the file owner, the permissions of the same group of users, and the permissions of other users, in the form of rwx:
(Other users above, not including root this super user.) )
R is readable, the contents of the file can be read-the number 4 indicates
W is writable and can modify the contents of the file-the number 2 indicates
X is executable and runs the program--the number 1 indicates
Where no permissions are used-Indicates

chmod u+s filename setting suid bit
chmod u-s filename Remove suid settings
chmod g+s filename setting sgid bit
chmod g-s filename Remove sgid settings

-RWSRWXSWT ======> appeared t,t role in memory to save A.txt as much as possible, saving the time of system reload.
From S and s we can see that before the SU is set, the corresponding execution permission of the script is not set (there is the S, not the s).
It is similar to the settings for Sgid. The sticky bits are denoted by T and T, but the meaning of the inclusion is the same.

rwsrw-r– indicates a setuid flag.
rwxrwsrw-indicates a setgid flag.
RWXRW-RWT indicates a sticky flag.

chmod 4777//is set SID
chmod 2777//is set GID
chmod 1777//is set sticky--t this bit can be understood as anti-delete bit. Whether a file can be deleted by a > user depends largely on
Whether the group to which the file belongs has write access to the user. If no write permission is available, all files in this directory are not
Can be deleted, and new files cannot be added at the same time. If you want users to be able to add files but cannot delete files at the same time,
You can use the sticky bit bit for the file

0: Do not set special permissions
1: Set Sticky only
2: Set Sgid only
3: Only set sgid and sticky
4: Set SUID only
5: Only set suid and sticky
6: Only set suid and Sgid
7: Set 3 kinds of permissions

Linux section Fourth

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.