Modify folder directory permissions under Linux system

Source: Internet
Author: User
Tags anonymous ftp file readable ftp client

Modify folder directory permissions under Linux system

Folder permissions Issues

Linux, Fedora, Ubuntu modify files, folder permissions the same way. A lot of people start to get into Linux when they're having headaches with Linux file permissions issues. Here we show you how to modify Linux file-folder permissions. Take the example of a folder named CC under the home folder. The following step-by-step article describes how to modify permissions: 1. Open the terminal. Input SU (no

 

Linux, Fedora, Ubuntu modify files, folder permissions the same way. A lot of people start to get into Linux when they're having headaches with Linux file permissions issues. Here we show you how to modify Linux file-folder permissions. Take the example of a folder named "CC" Under the home folder.

The following step-by-step article describes how to modify permissions:
1. Open the terminal. Enter "su" (no quotation marks)

2. Next, you will be asked to enter your password and enter your root password.

3. Suppose my folder is in the home directory, the address is/var/home/dengchao/cc. Suppose I want to modify the file permission to 777, then enter chmod 777/var/home/userid/cc in the terminal

The permissions on the folder become 777.

If you are modifying folder and subfolder permissions you can use Chmod-r 777/var/home/userid/cc

The specific permissions (such as the meaning of 777, etc.) are explained below:
1.777 has 3 bits, the highest bit 7 is to set the file owner access rights, the second is to set group access, the lowest bit is to set other people access rights.

Each of these bits is represented by numbers. These permissions are specific:

R (read, reading, permission value 4): for a file, have permission to read the contents of the file, and for the directory, have permission to browse the directory.

W (write, write, permission value 2): for the file, has the new, modifies the file content the permission, for the directory, has the deletion, the move directory inside the file the permission.

x (Execute, execute, Permission value 1): for the file, it has permission to execute the file, and for the directory, the user has permission to enter the directory.

2. First we look at how to determine the number of permissions on a single one, for example, the highest bit represents the value of the file owner's permissions, when the number is 7 o'clock, 7 is denoted by "rwx" –{4 (R) +2 (W) +1 (x) =7}–

And if the value is 6, then "rw-" means –{4 (R) +2 (W) +0 (x) =6}–, "-" means no permissions, which means "execute" permission is not available.

If we set the access rights of other users to "R –", the value is 4+0+0=4

At first many beginners will be confused, it is very simple, we will rwx as a binary number, if there is 1, no 0 means, then rwx can be expressed as: 111

and the binary 111 is 7.

3. Let's take a look at how to determine the permissions on the 3 digits. If we want to set permissions for a file, the specific permissions are as follows:

The file owner has "read", "Write", "execute" permission, the group user has "read" permission, other users have "read" permission, the corresponding letter is expressed as "rwx r–r–", the corresponding number is 744

Typically the highest bit represents the file Owner permission value, the second represents the group user right, and the lowest bit represents the other user rights.

Here are some examples to familiarize yourself with.

Permissions

Numerical

RWX rw-r–

764

rw-r–r–

644

rw-rw-r–

664

Specific Linux Modify folder-file directory permissions are set.

Chmod is used to change the access rights of a file or directory. Users use it to control access to files or directories. There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.

1. Text Setting method
Syntax: chmod [who] [+ |-| =] [mode] File name

The meanings of the options in the command are:

Action object who is either or a combination of the following letters:
U means "user", which is the owner of the file or directory.
G means "same group user", that is, all users who have the same group ID as the file owner.
O means "other (others) users".
A means "all users". It is the system default value.
The operation symbols can be:
+ Add a permission.
-Cancels a permission.
= gives the given permission and cancels all other permissions, if any.
Setting the permissions represented by mode can be any combination of the following letters:
R is readable.
W writable.
X executable.
x append the x attribute only if the destination file is executable to some users, or if the target file is a directory.
S is the owner of the file in which the owner or group ID of the process is placed when the file is executed.
The way "U+s" sets the user ID bit of the file, "G+s" sets the group ID bit.
T save the program's text to the swap device.
You have the same permissions as the owner of the file.
G has the same permissions as a user with the same group as the file owner.
o have the same permissions as other users.
File name: A list of files separated by spaces to change permissions, and wildcard characters are supported.

  

Multiple permission methods can be given in one command line, separated by commas. For example:

chmod G+r,o+r example% enables the same group and other users to have read access to the file example.
2. Digital Setting method

We must first understand the meaning of the attributes represented by numbers: 0 means no permissions, 1 means executable permissions, 2 is writable, 4 is read, and then it is added. So the format of the numeric attribute should be 3 octal numbers from 0 to 7, in the Order of (U) (g) (O).

For example, if you want the owner of a file to have "read/write" Two permissions, you need to have 4 (readable) +2 (writable) =6 (read/write).

The general form of the digital setting method is:

Syntax: chmod [mode] file name

instruction Example:

% is the property of the set file sort:
File owner (u) Increased execution permissions
Increase execution rights with the owner of the file in the same group as the user (g)
Additional users (O) Increased execution permissions
chmod ug+w,o-x Text
% is the property of the set file text:
File owner (u) Add Write permission
Add write permissions to the same group of users as the file owner (g)
Other users (O) Remove Execute permissions
chmod u+s a.out
The% assumes that the A.out permission after performing chmod is (can be seen with the Ls–l a.out command):
–rws--x--x 1 inin users 7192 Nov 4 14:22 a.out
And this execution file to use a text file shiyan1.c, its file access permission is "–RW-------",
That is, the file has read and write access only to its owner.
When other users execute a.out this program, his identity is temporarily changed to Inin due to this program (due to chmod
The S option is used in the command, so he is able to read the shiyan1.c file (although this file is set to
Other people do not have any permissions), this is the function of S.
Therefore, in the whole system, especially the root itself, it is best not to set this type of file too much (unless
necessary) This will ensure the security of the system and avoid the intrusion of the system due to bugs in some programs.
chmod a–x Mm.txt
Chmod–x Mm.txt
chmod ugo–x Mm.txt
% of these three commands is to delete the execution permission of the file Mm.txt, it sets the object to all the users.
$ chmod 644 Mm.txt
% is the property of the set file Mm.txt:-rw-r--r--
File owner (U) inin has read and write permissions
User with file owner (g) has Read access
Other people (O) have read access
chmod wch.txt
% is set wchtxt the properties of this file are:-rwxr-x---
File owner (U) inin readable/writable/executable rights
(g) readable/enforceable rights with the main group of files
Other people (O) do not have any permissions

FTP Server built under Linux

FTP File Description *********************
This FTP server package is vsftpd-2.3.4-1.fc14.i686.rpm
The FTP client package is ftp-0.17-51.fc12.i686.rpm
1, vsftpd no longer controlled by xinetd;
2, FTP use port 21 to initiate the connection, using port 20 for data transmission;
3. VSFTPD configuration file:/etc/vsftpd/vsftpd.conf #主配置文件
/etc/vsftpd/vsftpd/ftpusers #拒绝该文件中列出的用户登录FTP
/etc/vsftpd/vsftpd/user_list #默认同ftpusers相同
4, view the/etc/passwd file, you can see the FTP default shared directory path is/var/ftp;
5. FTP log file:/var/log/xferlog
6. Related software packages: Tcp_wrappers, ip_conntrack_ftp, ip_nat_ftp
(these 3 packages are listed in the textbook, I have not tested their use, interested friends can study it)
7. Start and stop vsftp instructions:
#service vsftpd Start//Start VSFTPD Service
#service vsftpd Stop//Stop VSFTPD Service
#service vsftpd Restart//Restart VSFTPD service, you must restart the VSFTPD service with this command each time you change the FTP-related configuration
#chkconfig vsftpd on//enable VSFTPD service to boot. (Optional operation)
8, pay attention to the security nature of SELinux:
The general SELinux is forcibly enabled, many services are default permissions control, if we encounter some strange errors in the FTP server testing, we can turn off SELinux,
You can also turn off the SELinux protection settings for the FTP service only;
#sestatus//view current system SELinux is turned on
If it is turned on, open the/etc/selinux/config file, edit: Change selinux=enforcing to selinux=disabled, and comment out the selinuxtype=targeted!

or #setsebool-p Ftpd_disable_trans 1//Turn off SELinux protection for FTP only
FTP Permission Requirements **********************
A. Allow anonymous users to log on;
B. Allow anonymous users to upload and download data (refuse to overwrite existing data);
C. Allow local users to log on; (Note the impact of SELinux)
D.ftp shared directory/var/ftp/
E. Deny anonymous users the creation of new files or folders;
F. Enabling logged-in users to download shared data
============================================================================

1, check whether the machine has installed ftp-server and ftp-client;
#rpm-qa vsftpd
#rpm-QA FTP

2, if not installed, download the appropriate package, or yum online installation;
#yum Install VSFTPD//FTP Server package
#yum Install FTP//FTP client Package

3. Edit/etc/vsftpd/vsftpd.conf
Anonymous_enable=yes//Allow anonymous users to log in

Local_enable=yes//Allow local users to log in

Write_enable=yes//Allow users who log on to FTP to perform write operations

local_umask=022
anon_umask=077//Anonymous user uploaded file permissions will be umask calculation, into-rw-------

Anon_upload_enable=yes//Allow anonymous users to upload files

Xferlog_file=/var/log/vsftpd.log//ftp server log file default path

Ftpd_banner=***********welcome to My FTP server***********

4. Open VSFTPD Service
#service vsftpd Start

5. Create a folder under the FTP share directory
#mkdir/var/ftp/pub//For storing shared file information
#mkdir/var/ftp/incoming//For storing information uploaded by anonymous users

#ls-L/var/ftp/
Drwxr-xr-x. 2 root root 4096 May 8 14:13 incoming
Drwxr-xr-x. 2 root root 4096 May 8 14:15 Pub
The newly created folder belongs to the root user and user group by default and needs to be corrected!

#chown ftp.ftp/var/ftp/incoming//change to the owning user is FTP, the user group is an FTP group
#chown ftp.ftp/var/ftp/pub
#ls-L/VAR/FTP
Drwxr-xr-x. 2 FTP FTP 4096 May 8 14:13 incoming
Drwxr-xr-x. 2 FTP FTP 4096 May 8 14:15 Pub

6. Log on to the FTP server
#ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
************welcome to My FTP server*************.
Name (127.0.0.1:root): FTP//Login user name Here enter FTP or anonymous or local valid account name
331 Specify the password.
Password://When logged in anonymously, enter directly
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
Ftp>

There is also a way to log on to the FTP server: Open firefox browser, enter ftp://127.0.0.1, you can log on anonymously;
7, allow users to download/var/ftp/pub files
To use an administrator account:
#chmod +r/var/ftp/pub/*//Modify Read permissions for files under the pub directory

Modify folder directory permissions under Linux system

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.