Linux Sixth day: (August 03) Linux Rights Management

Source: Internet
Author: User

Linux Sixth day: (August 03) Linux Rights Management

Chown User:group file change files or directories belong to the main
Chown-r recursion
Chown--reference=<> Reference

CHGRP group DIR (or file) change file or directory belongs to groups


R View Content
W Modify Content
X draws the boot to process


R View Catalog File list
W Create file Delete file
x ls-l view File list, CD enter this directory

x only give directory x permission, do not give file X permission

chmod u g o = +-
---000 0
--x 001 1
-w-010 2
-WX 011 3
r--100 4
R-x 101 5
RW-110 6
RWX 111 7

New file permission 666-umask even constant odd +1
New DIR permission 777-umask
Non-privileged user umask is 002
Root Umask is 022.
Umask View
Umask # Settings
Umask 002
Umask-s Mode display
Umask-p output can be called

Modify Global Settings/ETC/BASHRC
Modify user Settings ~/.BASHRC

chmod u+s FILE Add suid permission
chmod u-s FILE minus suid permissions

chmod g+s FILE Add sgid permission
chmod g-s FILE minus sgid permissions

chmod g+s DIR Add sgid permissions
chmod g-s DIR minus sgid permissions

chmod o+t DIR Add sticky permissions
chmod o-t DIR minus sticky permissions

SUID user occupies the owner's execution permission bit
s owner has x permission
S owner does not have X permission
SGID group occupies the execution permission bit of the genus
s group has x permissions
S Group does not have X permissions
Sticky other occupies the execution permission bit of other
t other has x permission
T other does not have X permission

Chattr +i cannot be deleted, renamed, changed
Chattr +a can only increase
Lsattr Display Specific Properties

ACL Access Control List

Manual creation of EXT4 manually adding ACLs
Tune2fs-o ACL/DEV/SDB1
Mount-o acl/dev/sdb1/mnt
ACL effective order owner, custom user, custom group, others

Serfacl-b--remove-all Remove all extended ACL rules
Serfacl-k--remove-default Remove the default ACL rule
serfacl-d--default to set default ACL rules
Serfacl-r--recursive Recursion
Serfacl--Version output Setfacl and exit
Serfacl-Mask Recalculate effective permissions even if ACL mask is explicitly specified
Serfacl--Help output helper information
Serfacl--Identifies the command line argument after which all parameters are considered to be file names
Serfacl-If the file name is-then SETFACL will read the file name from the standard input
Serfacl--set and--set-file settings file or directory ACL rules previous settings will be overwritten
Serfacl-m (--modify) and-M (--modify-file) modify file or directory ACL rules
Serfacl-x (--remove) and-X (--remove-file) Remove ACL rules
Getfacl FILE1 | setfacl| --set-file=-FILE2 copy ACL permissions
Getfacl-r DIR1 >acl.txt backup ACL
Setfacl-r-B DIR1
Setfacl-r--set-file=acl.txt DIR1
Gerfacl-r DIR1

Linux Sixth day: (August 03) Linux Rights Management

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.