This article is for the study notes, read articles: Bird's Linux Private dishes-Linux file rights and configuration http://linux.vbird.org/linux_basic/0210filepermission.php
1 Users and Groups
1) file Owner
In Linux, when a file is created, the owner of the file is the user who created the file. The file user can modify the file owner and user group, of course, the root user can also modify any file owner and user groups.
2) Group Concept
One of the most useful features of a group is when you are developing resources in the team!
3) Other people's concept
2 Linux File Permissions concepts
2.1 Linux file properties
Use the Ls-al command to view the file properties.
Figure 1 The file attributes
Figure 2 Types and permissions for files
1) The first character represents the type of this file:
- [ d] is a catalog file
- [ -] is a normal file
- [ l] is a link file
- [ b] is a random storage device file, such as a hard disk
- [ c] One-time read device files, such as serial devices
2) The next characters are set in three and are all combinations of "rwx" three parameters.
- [R] stands for readable (read)
- [W] stands for writable (write)
- [x] stands for executable (execute)
2.2 How to change file properties and permissions
- CHGRP: Change the group to which the file belongs
- Chown: Changing the file has
- chmod: Changing the permissions of a file
2.3 Permission meanings for directory files and ordinary files
Type |
Content |
Analogue objects |
R |
W |
X |
Normal file |
Details data |
File folders |
Read the file contents |
Modify file Content |
Execute file Content |
Catalog files |
Filename |
Category Drawer |
Read the file |
Modify file name |
Permission to enter the directory (key) |
3 Linux Directory Configuration
3.1 Linux directory configuration based on--FHS
Filesystem Hierarchy Standard (FHS) stated that their main purpose was to let users know where the installation software is usually placed, so they want independent software developers, operating system creators, and users who want to maintain the system, are able to comply with FHS standards.
The meaning of the three directories in a FHS definition:
- /(Root, root directory): related to the switching system;
- /usr (Unix sofrware Resource): Related to Software installation/execution;
- /var (variable): related to the system operation process.
1) Meaning of the root directory (/)
All directories are derived from the root directory, and the root directory is also associated with actions such as switch/restore/system repair. Because the root directory is so important, in terms of the requirements of FHS, he wants the root directory not to be placed in a very large partition slot, because the larger the partition slot you will put more information, so that the root directory in the partition slot there may be more error opportunities.
So the FHS standard recommendation: the smaller the root directory (/) is, the better, and the software installed by the application should not be placed in the same split slot as the root directory, keeping the root directory as small as possible. So not only the performance is better, the root directory is located in the file system is less prone to problems.
According to the above instructions, FHS defines that the root directory (/) should have the following in the existence of this directory, even if there is no entity directory, FHS also want to have at least a linked document exists only good:
Directory |
File contents should be placed |
Part I: FHS requirements must exist directory |
/bin |
The system has a lot of directories to place execution commands, but/bin is more special. Because the /bin is placed in the single maintenance mode can also be operated instructions. The commands under/bin can be used by root and general account, mainly: Cat, chmod, chown, date, MV, mkdir, CP, Bash and so on. |
/boot |
This directory mainly places the files that will be used to boot, including the Linux core files and the boot options and the required settings files. Linux kernel commonly used file name: Vmlinuz, if the use of GRUB2 this boot manager, there will be/boot/grub2 this directory! |
/dev |
On the Linux system, any management of any device or peripheral is present in this directory in the form of a file. All you have to do is access a device by accessing one of the files under this directory, and more important files are/dev/null,/dev/zero,/dev/tty,/dev/loop*,/dev/sd* and so on. |
/etc |
The main system settings files are stored in this directory, such as the person's account password files, various server initialization files and so on. Generally speaking =, the various files under this directory can be consulted by the general user, but only the root has the right to modify. FHS does not recommend placing executable files (binary) in this directory. The more important documents are:/etc/modprobe.d/,/etc/passwd,/etc/fstab,/etc/issue and so on. In addition FHS also standardize several important directories preferably exist in/etc directory:
- /etc/opt (required): This directory places the relevant settings file for the third-party/opt
- /ETC/X11/(Recommended): The various settings files related to x Window are here, especially xorg.conf the x Server settings file.
- /etc/sgml/(recommended): Various settings files related to SGML format
- /etc/xml/(recommended): Various settings files related to XML format
|
/lib |
The system has a lot of function libraries, and/lib places the library of functions that will be used at boot, as well as the function libraries that the instructions under/bin or/sbin will call. What is the function library? You can think of him as a "plug-in", some instructions must have these "plug-ins" in order to complete the implementation of the program. In addition, FHS requires that the following directories must exist:
- /lib/modules/: This is the main type of core-related modules (drivers) that can be pumped.
|
/media |
Media is the "software" in English, as the name implies, this /media is placed under the removable device! including floppy disks, CDs, DVDs, and so on are temporarily mounted here. Common filenames are:/media/floppy,/media/cdrom, and so on. |
/mnt |
If you want to temporarily mount some additional devices, it is generally recommended that you place them in this directory. In the early days, this directory is the same as/media! Just after the/media, this directory is used for temporary loading. |
/opt |
This is the directory to which the third-party assistance software is placed . What is third party software? For example, the KDE desktop Management system is a standalone technology, but he can be installed on a Linux system, so KDE software is recommended to be placed in this directory. Also, if you want to install the extra software yourself (not the original distribution), then you can install your software here too. But, in the previous Linux system, we were still accustomed to being placed under the/usr/local. |
/run |
The various information generated by the early FHS system will be placed under the/var/run, and the new version of FHS is under/run. Because/run can use memory to simulate, so the performance will be much better! |
/sbin |
Linux has a lot of instructions to be used to set the system environment, these instructions only root can be used to "set" the system, the other users can only use to "inquire" only. placed under the/sbin is required for the process, which includes the instructions required for the machine, the restoration, and the original system. For some server software programs, it is generally put into/usr/sbin/. The system binary, which is produced by the machine's own software, is placed in the/usr/local/sbin/, too. Common commands include: fdisk, fsck, Ifconfig, MKFS, and so on. |
/srv |
SRV can be regarded as the "service" of the contraction, is a number of Web services after the activation of these services need to access the information. Common services such as WWW, FTP and so on. For example, the Web information required by the WWW server can be placed in the/srv/www/. But, if the system has not yet been offered to anyone on the internet, it is a suggestion to place it under/var/lib. |
/tmp |
This is where the general user or the program being executed temporarily places the file. This item is accessible to anyone, so you need to clean it up regularly. Of course, important information can not be placed in this catalogue ah! Because FHS even suggest that you should remove the information from/TMP at the start of the machine! |
/usr |
Second layer FHS set, continue to introduce |
/var |
The second FHS set, mainly to place the information of the change, and then continue to introduce |
Part II: FHS The list of possible existing items |
/home |
This is the user's home directory of the system's presets. When you add a general user account, the user's home record will be set here. More importantly, there are two generations of home records:
- ~: Represents the current user's home catalogue
- ~dmtsai: This represents Dmtsai's home catalogue!
|
/lib<qual> |
Used to store two/lib in different formats, such as the/LIB64 Library, which supports 64-bit functions. |
/root |
The system administrator (root) 's home catalogue. The reason for this is that if you enter the single-person maintenance mode and simply download the root record, the record will be able to have root records, so we would like Root's home record and root record in the same slot. |
In fact, the standard of the FHS to the root of the record is only the above, but we have a lot of Linux under the title you also need to understand. Below are a few of the most important items in Linux:
Catalogue |
File contents should be placed |
/lost+found |
This is a record of using the standard EXT2/EXT3/EXT4 file system format, which is intended to place some of the missing fragments into this record when the file system is wrong. "."-- If you are using the XFS file system, there will be no such recording! |
/proc |
This is a "virtual filesystem" in itself, OH!! The information he places is in memory, such as the system core, the travel information (process), the state of the perimeter device, and the network state, and so on. Because the information in this project is in memory, so it doesn't occupy any hard disk space! More important files such as:/proc/cpuinfo,/PROC/DMA,/proc/interrupts,/proc/ioports,/proc/net/*, etc. |
/sys |
This is very similar to/proc, and is also a virtual file system, and it is primarily a matter of recording core and system hardware information. This includes the currently loaded core modules and the hard device information detected by the core. This record does not occupy the capacity of the hard disk Oh! |
2) The meaning and content of USR
According to the basic definition of FHS, the information placed in/USR is shareable and immutable (shareable,static).
Many readers will misunderstand/usr as the user's abbreviation, in fact, USR UNIX software resource abbreviation, that is, the [UNIX operating system software resources] placed directory, not the user's information! Pay attention to this. FHS recommends that all software developers should place their data reasonably in the sub-directory under this directory, rather than building the software's own separate directory.
Because all system software (software provided by distribution Publishers) is placed under/usr, this directory is somewhat similar to the Windows system's [C:\Windows\ (part of) +c:\program Files\] Complex of the two directories , this directory will take up the most hard drive capacity when the system has just been installed. In general, the sub-directories of/USR suggest the following:
Directory |
File contents should be placed |
Part I: FHS requirements must exist in the catalogue |
/usr/bin/ |
All the instructions that the general user can use are placed here! The new CentOS 7 now has all of the user instructions placed here, and the/bin is connected using a link! That is to say,/usr/bin and/bin are a model! In addition, FHS requirements in this catalogue should not have subdirectories! |
/usr/lib/ |
Basically, the/lib function is the same, so the/lib is connected to this catalogue! |
/usr/local/ |
The system administrator installed its own software (non-distribution), which is installed on the machine itself, and is designed to be installed in this catalogue, which is more manageable. For example, your distribution provides a newer version of the software and you want to install a new one, but you don't want to remove the old one, so you can install the new version of the software on the/usr/local/, and you can differentiate it from the original old version of the software! You can go to the/usr/local yourself to see, the record is also with bin, etc, include, Lib ... 's Sub-catalogue! |
/usr/sbin/ |
The system command required for non-system operation. The most common is the service instructions (daemon) of some Web server Software! The basic functions and/sbin are similar, so the current/sbin is connected to this record. |
/usr/share/ |
The main place is to read the structure of the information files, of course, including the sharing of documents. The information that is placed in this record is almost always readable by the hard structure, because it is almost a text file! " Here are some of the things you'll see in this catalogue:
- /usr/share/man: the online documentation
- /usr/share/doc: Software miscellaneous documents that explain
- /usr/share/zoneinfo: Time Zone Archives
|
Part Two: FHS suggested directories that can exist |
/usr/games/ |
The information that is relative to the game |
/usr/include/ |
The file header and the include file (include) of the C + + and other programming languages will be used when we install certain information in the Tarball Way (*.tar.gz), and we will use many of the files that are included in it! |
/usr/libexec/ |
Some of the files or script that are not used by ordinary users are placed in this catalogue. For example, most of the operation instructions under the X window are placed under this catalogue. |
/usr/lib<qual>/ |
Is the same as the/lib<qual>/function, so the current/lib<qual> is connected to this catalogue |
/usr/src/ |
General source code suggestions are placed here, SRC has the meaning of source. The core code is proposed to be placed under the/usr/src/linux/catalogue. |
3.2 Directory tree
The characteristics of the directory tree are:
- The starting point of the directory tree is the root directory (/,root);
- Each directory can not only use the local-side partition file system, but also use the filesystem on the network. For example, use the network File System (NFS) server to hang in a specific directory, and so on.
- Each file name (including the full path) in this directory tree is unique.
Notes File permissions and directory configuration for Linux