Permissions for Linux files

Source: Internet
Author: User

Oneview of file propertieswith the above describedls–lYou can view the file's property information,Ls–ldYou can view the property information for a directory

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9C/43/wKioL1luCSXSy06WAACDQ5SOO3I281.png "title=" 1.png "alt=" Wkiol1lucsxsy06waacdq5soo3i281.png "/>

1. File Type

-# Normal file

D # Directory

C # character device

S # Sockets

P # Pipe

B # block device

L # Connection

2, owner, group, other user's rights

- # represents a permission to change a file or directory missing

R # Read permission to change files

# Read permission to change directory

W # Write permission to change files

# There is a permission to add delete to the directory

X # Execute right for files that perform the actions described in their files

# have access to the catalogue

3 . Meaning of "1"

to file: The number of times a file's contents have been recorded

to Directory: The number of bytes of the file attribute in the directory

4 . The first root means

The owner of the file

5 . The second root means

change the group to which the file is owned

6, the meaning of Ten

the size of the file contents

7, Jul 18 20:56

time the file was last modified

8, Feitian

the name of the file

Twoadministration of the file owner, the owning group   

1. Chown Command

1"He can modify the owner of the user

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9C/5B/wKiom1lvQ4ny7tDfAAAgV4nEKOA787.png "title=" 2.png "alt=" Wkiom1lvq4ny7tdfaaagv4nekoa787.png "/>

2He can simultaneously modify the user's owning group and its owner

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9C/5B/wKioL1lvQ7jRURpNAAApDRuTTdk558.png "title=" 3.png "alt=" Wkiol1lvq7jrurpnaaapdruttdk558.png "/>

3He can only modify the group

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9C/5B/wKioL1lvQ9qBaFkJAAAgTpz_d6k102.png "title=" 4.png "alt=" Wkiol1lvq9qbafkjaaagtpz_d6k102.png "/>

so the basic CHGRP command is not available .

1. chmod Command

1the way to modify the characters

chmod U+r|w|x|file # indicates that the owner of the file is added to read or write or to perform file permissions

chmod u-r|w|x| File # represents the deletion of files that the owner reads or writes or executes.

chmod G+r|w|x/file # indicates that the group to which the file belongs is added read or added permission to delete or to enter file directory

chmod G-r|w|x/file # indicates that the deleted file belongs to the group read or delete the permission to add a or enter the file directory

chmod U+rw,g+rwfile # indicates to the owner of the file to increase read and write permissions to the group to which the file belongs

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9C/5B/wKiom1lvRGqx-jBEAAAimiFMRis983.png "title=" 5.png "alt=" Wkiom1lvrgqx-jbeaaaimifmris983.png "/>

2. Modify the permissions of a file in a digital way

X # is equivalent to x, which has a value of 1

W # is equivalent to write, it has a value of 2

R # equivalent to read, with a value of 4

RWX------>7

RW------>6

RX------>5

R------>4

W------>2

x------>1

chmod 777 File # indicates that the owner of the modified files, the group to which it belongs, and other users have read and write permissions to the file

chmod 777/file # indicates that the owner of the directory is modified, the group to which it belongs, and that other users have read more permission to delete and access the directory

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9C/5B/wKiom1lvRP7QWQayAAAfeScj7Mk710.png "title=" 6.png "alt=" Wkiom1lvrp7qwqayaaafescj7mk710.png "/>

use grep to filter out the total number of files displayed for easy viewing

1. Chgrp Command

CHGRP Linux File # modifies the group to which the files belong to Linux

ThreeModify permissions for directories and files created by default on the system

1 . File and directory default permissions determination

1default permissions of File

666 minus The value of umask # Note: If the value of Umask is greater than 666, the permission for that location is 0

2default permissions for catalog files

777 minus the value of umask

2. Modify the umask value

1Temporary modification of umask value

umask+ the umask value you want to modify

2"permanently fix the umask value

modifying The value of umask in /etc/profile

If [$UID-gt 199] && ["' id-gn '" = "' Id-un '"]; Then

Umask 002 # # Ordinary user Umask

All else

Umask 077 # # Super User Umask

Modify The umask value in /ETC/BASHRC

If [$UID-gt 199] && ["' id-gn '" = "' Id-un '"]; Then

Umask 002 # # Ordinary user Umask

All else

Umask 077 # # Super User Umask

Note: The umask values of the above two files must be consistent, and errors may occur if different. After modifying the above file, use "." or "source" executes the source file to let the system reload the contents

Fouraccess control for files

1. ACL definition

ACL = AccessControl, specifying special-time users have specific rights to files

2, command setfacl,getfacl

1 " Getfacl

Gerfacl +/file A special list of rights to view the directory

2"Setfacl

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9C/5B/wKioL1lvRzmxpJ1VAAA-QIbdk4U060.png "title=" 8.png "alt=" Wkiol1lvrzmxpj1vaaa-qibdk4u060.png "/>

getfacl/westos/

#file: westos/# # file name

#owner: Root # # file owner

#group: Root # # file All groups

USER::RWX # # Owner Permissions

USER:STUDENT:RWX # # Special User Rights

Group::---# # groups Permissions

MASK::RWX # # permission mask, maximum permissions for a file

Other::---# # other people permissions

Note:The value of mask is less than the permissions that the user ls sees,ls-l can see the permission is false, the maximum is the mask permission.

parameters of the Getfacl

-M # Add special permission lists for directories or files

Setfacl-m <u|g>:<usrname|groupname>:< Permissions > files or directories

-X # Deletes a list of special permissions for a directory or file

Setfacl-x <u|g>:<usrname|groupname> files or directories

-B # special permission list to close files or directories

Setfacl-b file or directory       

FiveSpecial Permissions

1. Suid # #冒险位

1 "for directories: only for binary executables, the files that are recorded within the process are the owner of the file owner and the process initiator, regardless of the identity of the person who created the file.

2"to file: Execute the action of the file as the owner

Setting Mode: His value suid=4, he is the umask value 0422 in 4

Chmodu+s file

Chmod4xxx file

2.sgid # # adventure for bit,s permission

1"to file: only for binary executables, anyone running a binary program when the program produces the process of all groups is not the identity of all the groups of the file and the program initiator group

2for directory: All groups of all files created in the directory after the directory has sgid permissions

are automatically attributed to all groups in the directory, regardless of the group that the file creator resides in

Setting Mode: Its value sgid=2, he is the value of umask 2

Chmodg+s File|dir

Chmod2xxx File|dir

3.sticky## Sticky bits

only for Directories , when a directory has t permissions, then the files in the directory can only be deleted by the owner of the file

Set Mode: Its value is Sticky=1, and he umask 1 of the value of

Chmodo+t Direcotry

chmod 1xxx Direcotry



















This article is from the "13122323" blog, please be sure to keep this source http://13132323.blog.51cto.com/13122323/1949078

Permissions for Linux files

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.