Linux users and permissions, Linux User Permissions

Source: Internet
Author: User

Linux users and permissions, Linux User Permissions

Library: lib

Shared Library:. so, shared object,



User: obtains the resource and service identifier.

Group, assign permission, identifier


Process: The process is performed as a user, with the owner and group

Security context)


Linux permission, three groups of users

File owner and file owner

File Group, the native Group of the file

Other users,



Each file has three types of permissions: file owner, file group, and other users.

Each type of user has three Permissions

R, w, x


R: readable. You can view the file content;

W: writable. You can edit or delete this file.

X: excutable, executable, and submitted to the kernel for running


R: You can execute ls for this directory to list all internal files;

W: You can create files in this directory;

X: You can use cd to switch to this directory, or you can use ls-l to view the details of internal files.


R --: Read-Only

R-x: read and execute

---: No permission


0 000, ---: no permission

1 001, -- x: Run

2 010,-w-: Write Permission

3 011,-wx: Write and execute

4 100, r --: Read

5 101, r-x: read and execute

6 110, rw-: read/write

7 111, rwx: read/write execution



755: rwxr-xr-x

Rw-r -----: 640

660: rw-rw ----

Rwxrwxr-x: 775


User: UID,/etc/passwd

Group: GID,/etc/group


Shadow password, which stores real passwords of users and groups




User Type:

The administrator ID is 0.

Normal user ID 1 ~ 65535

System User ID number 1 ~ 499

Average user ID: 500 ~ 60000


User Group category:

Administrator group:

Common group:

System group:

General group:


User Group category:

Private Group: if you do not specify a group for a user, the system automatically creates a group with the same name as the user name.

Basic group, default group of the user

Additional group, additional group, other than default group


Resolution: name resolution, -- IP



Account: Login Name

Password: password. x is displayed. The placeholder password is displayed. The real password is in/etc/shadow.

UID: User ID

GID: basic group ID

GECOS: The full name of a user.

Dir: Home Directory

SHELL: the user's default shell



Login name: Logon name

Encrypted password: encryption password, $1 $ indicates MD5 Encryption

The password is *,!! This user is locked and cannot log on

Days: from to the number of days after the last Password Change

Day: Minimum Password Validity Period

Day: Maximum Password Validity Period

Day: Password Expiration warning time

Day: before the user is disabled


Ls-lh $ (which useradd)

Ls-lh 'which useradd'

Ls-lh $ (which adduser)

Ls-lh 'which adduser'

Useradd tom, add user tom

Passwd tom, add a password to the user tom


Groupadd mygrp, add group mygrp


* File useradd, to view the file type

Useradd: ASCII text.


User Management:

Useradd, userdel, usermod, passwd, chsh, chfn, finger, id, chage

Group Management:

Groupadd, groupdel, groupmod, gpasswd,

Permission management:

Chown, chgrp, chmod, umask


* Encryption Method

Symmetric encryption: the same password is used for encryption and decryption.

Public key encryption: Each password becomes a pair. One is a private key and the other is a public key)

One-way encryption: Hash encryption, which can only be plaintext → ciphertext. Data signature is extracted and is often used for data integrity verification.

1. irreversible;

2. avalanche effect, anti-cracking

3. fixed-length output

MD5: Message Digest, information Digest version 5th, 128-Bit fixed-length output

SHA1: Secure Hash Algorithm, version 1st, 160-Bit fixed-length output

4. Collision

5. md5sum


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.