I. Interpretation of file permissions
As shown, the string -rwxrw-r-- at the beginning of the line identifies the file permissions.
This string has 10 characters, which can be divided into 4 segments to interpret. Note: r = readable, w = writable, x = executable.
The first segment (character 1) indicates whether it is a directory or a file: - indicates a file, and d indicates a directory;
The second segment (characters 2-4, 3 characters in total) represents the permissions that the file's owner has on it;
The third segment (characters 5-7, 3 characters in total) represents the permissions that users in the file's group have on it;
The fourth segment (characters 8-10, 3 characters in total) represents the permissions that other users have on it;
Note: We use a 3-digit octal number to represent the file permissions, with r counted as 4, w as 2, and x as 1.
The string -rwxrw-r-- can be represented by the octal number 764.
The hyphen represents a permission that is not granted. r stands for read, w stands for write, and x stands for execute. Note that there are 10 positions. The first character specifies the file type. In the usual sense, a directory is also a file. If the first character is a hyphen, it represents a non-directory file. If it is d, it represents a directory.
For example:
-            rwx          rw-          r--
normal file  file owner   group users  other users
The first segment, -, indicates that hadoop-2.6.0.tar.gz is an ordinary file; the second segment, rwx, indicates that the owner of hadoop-2.6.0.tar.gz has read, write and execute permission; the third segment, rw-, indicates that users in the same group as hadoop-2.6.0.tar.gz have read and write permission; the fourth segment, r--, means that other users have read access only.
There are three different types of users who can access files or directories: the file owner, users in the same group, and other users. The owner is typically the creator of the file. The owner can grant access to the file to users in the same group, and can also grant access to other users on the system. In that case, every user on the system can access the files or directories that the owner owns.
Each file or directory has three groups of access rights, each represented by three bits: the read, write, and execute permissions of the file owner; the read, write, and execute permissions of users in the same group as the owner; and the read, write, and execute permissions of other users in the system.
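The mapping from the 10-character string to octal described above, as an added shell example that is not part of the original page. The function names are hypothetical, and the example goes one step beyond this section by also decoding the s, S, t and T characters into a fourth, leading octal digit.

```shell
#!/bin/sh
# Added example: convert an ls-style permission string to octal.

# triad_value RWX: value of one 3-character triad (r=4, w=2, x=1).
# A lowercase s or t in the third position also implies x; S or T does not.
triad_value() {
    v=0
    case $(printf '%s' "$1" | cut -c1) in r) v=$((v + 4)) ;; esac
    case $(printf '%s' "$1" | cut -c2) in w) v=$((v + 2)) ;; esac
    case $(printf '%s' "$1" | cut -c3) in x|s|t) v=$((v + 1)) ;; esac
    printf '%s' "$v"
}

# mode_to_octal STRING: e.g. -rwxrw-r-- -> 764. Returns 1 on malformed input.
mode_to_octal() {
    mode=$1
    case $mode in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]) ;;
        *) echo "invalid mode string: $mode" >&2; return 1 ;;
    esac
    u=$(printf '%s' "$mode" | cut -c2-4)
    g=$(printf '%s' "$mode" | cut -c5-7)
    o=$(printf '%s' "$mode" | cut -c8-10)
    special=0
    case $u in ??[sS]) special=$((special + 4)) ;; esac   # set-user-ID
    case $g in ??[sS]) special=$((special + 2)) ;; esac   # set-group-ID
    case $o in ??[tT]) special=$((special + 1)) ;; esac   # sticky bit
    digits="$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
    if [ "$special" -gt 0 ]; then digits="$special$digits"; fi
    printf '%s\n' "$digits"
}

# Mode strings taken from this page's examples.
for m in -rwxrw-r-- -rw-r--r-- -rwxr-x--- -rws--x--x; do
    printf '%s -> %s\n' "$m" "$(mode_to_octal "$m")"
done
```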
II. Using the chmod, chown and chgrp commands
After determining the access rights of a file, users can use the chmod command provided by the Linux system to set different access rights. You can also use the chown command to change the owner of a file or directory, and the chgrp command to change the user group of a file or directory.
These commands are described separately below.
chmod Command
The chmod command is very important for changing the access rights of a file or directory. Users use it to control access to files or directories.
There are two ways to use this command. One is a text setting method that uses letters and operator expressions, and the other is a numeric setting method that uses numbers.
1. Text Setting method
chmod [who] [+ | - | =] [mode] filename ...
The meanings of the options in the command are:
The target who can be any one or a combination of the following letters:
u means "user", which is the owner of the file or directory.
g means "same group user", that is, all users who have the same group ID as the file owner.
o means "other (others) users".
a means "all users". It is the system default value.
The operation symbols can be:
+ Adds a permission.
- Removes a permission.
= Grants the given permission and removes all other permissions, if any.
The permissions represented by mode can be any combination of the following letters:
r readable.
w writable.
x executable.
X adds the x attribute only if the target file is already executable by some users, or if the target file is a directory.
s when the file is executed, sets the owner or group ID of the process to the owner or group of the file. "u+s" sets the set-user-ID bit of the file, and "g+s" sets the set-group-ID bit.
t saves the program's text on the swap device.
u has the same permissions as the owner of the file.
g has the same permissions as users in the same group as the file owner.
o has the same permissions as other users.
File name: a space-separated list of the files whose permissions are to be changed; wildcard characters are supported.
Multiple permission settings can be given in one command line, separated by commas. Example: chmod g+r,o+r example
Gives users in the same group and other users read access to the file example.
2. Numeric setting method
We must first understand the meaning of the attributes represented by numbers: 0 means no permissions, 1 means executable, 2 means writable, and 4 means readable; these values are then added together. So the format of the numeric attribute is 3 octal digits from 0 to 7, in the order (u)(g)(o).
For example, if you want the owner of a file to have the two permissions "read/write", you need 4 (readable) + 2 (writable) = 6 (read/write).
The general form of the numeric setting method is:
chmod [mode] filename ...
Example:
(1) Text setting method:
Example 1: $ chmod a+x sort
This sets the properties of the file sort as follows:
File owner (u): execute permission added
Users in the same group as the file owner (g): execute permission added
Other users (o): execute permission added
Example 2: $ chmod ug+w,o-x text
This sets the properties of the file text as follows:
File owner (u): write permission added
Users in the same group as the file owner (g): write permission added
Other users (o): execute permission removed
Example 3: $ chmod u+s a.out
Assume that the permissions of a.out after running chmod are (as shown by the ls -l a.out command):
-rws--x--x 1 inin users 7192 Nov 4 14:22 a.out
This executable needs to use a text file, shiyan1.c, whose access permissions are "-rw-------", that is, only the file's owner has read and write permission.
When another user executes a.out, that user's identity temporarily becomes inin for the duration of the program (because the chmod command used the s option), so the program can read shiyan1.c even though that file grants no permissions to anyone else. This is what s does.
Therefore, across the whole system, and especially for root itself, it is best not to set this bit on too many files (unless necessary), to protect the security of the system and to prevent a bug in one of these programs from being used to compromise it.
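One way to keep track of such files, as an added shell example that is not part of the original page: list the set-user-ID and set-group-ID files under a directory and report those missing from a reviewed allowlist. The function names, the file names and the allowlist format (one path per line) are assumptions, and the fixture is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: audit a tree for set-user-ID / set-group-ID files.

# find_setid DIR: regular files under DIR with the set-user-ID (4000) or
# set-group-ID (2000) bit. "-perm -MODE" matches when all bits in MODE are set.
find_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# audit_setid DIR ALLOWLIST: print set-ID files whose path is not listed
# (one path per line, assumed format) in ALLOWLIST.
audit_setid() {
    [ -r "$2" ] || { echo "allowlist not readable: $2" >&2; return 2; }
    find_setid "$1" | grep -Fxv -f "$2" || true
}

# demo_setid_audit: constructed fixture with hypothetical file names.
demo_setid_audit() {
    d=$(mktemp -d) || return 1
    touch "$d/plain" "$d/approved" "$d/unexpected"
    chmod 755 "$d/plain"
    chmod 4711 "$d/approved"        # -rws--x--x, as a.out in Example 3
    chmod u+s,a+x "$d/unexpected"   # set-user-ID added with the text method
    printf '%s\n' "$d/approved" > "$d/allow.txt"
    # First pass: only the file missing from the allowlist is reported.
    audit_setid "$d" "$d/allow.txt" | sed "s|^$d/||"
    # After removing the bit, the second pass reports nothing.
    chmod u-s "$d/unexpected"
    audit_setid "$d" "$d/allow.txt" | sed "s|^$d/||"
    rm -rf "$d"
}

demo_setid_audit
```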
Example 4: $ chmod a-x mm.txt
$ chmod -x mm.txt
$ chmod ugo-x mm.txt
All three of the above commands remove the execute permission of the file mm.txt, and the target is all users.
(2) Numeric setting method:
Example 1: $ chmod 644 mm.txt
$ ls -l
The properties of the file mm.txt are now:
-rw-r--r-- 1 inin users 1155 Nov 5 11:22 mm.txt
File owner (u) inin has read and write permissions
Users in the same group as the file owner (g) have read access
Other users (o) have read access
Example 2: $ chmod 750 wch.txt
$ ls -l
-rwxr-x--- 1 inin users 44137 Nov 9:22 wch.txt
That is, the properties of the file wch.txt are now:
File owner (u) inin has read/write/execute permissions
Users in the same group as the file owner (g) have read/execute permissions
Other users (o) do not have any permissions
chown command
Function: Change the owner and group of a file or directory. This command is also very common. For example, if the root user copies one of its own files to the user Xu, then in order for Xu to access the file, the root user should change the owner of the file to Xu; otherwise, Xu cannot access the file.
Syntax: chown [options] user or group file
Description: chown changes the owner of the specified file to the specified user or group. The user can be either a user name or a user ID. The group can be either a group name or a group ID. The file is a space-separated list of the files to be changed; wildcard characters are supported.
The options for this command have the following meanings:
-R recursively changes the owner of the specified directory and all subdirectories and files under it.
-v shows the work done by the chown command.
Example 1: Change the owner of the file shiyan.c to Wang.
$ chown Wang shiyan.c
Example 2: Change the owner of the directory /his and all files and subdirectories under it to Wang, and change the group to users.
$ chown -R Wang:users /his
chgrp command
Function: Change the group to which the file or directory belongs.
Syntax: chgrp [options] group filename ...
This command changes the user group to which the specified file belongs. Here group can be either the group ID or the group name of a user group in the /etc/group file. The file name is a space-separated list of the files whose group is to be changed; wildcard characters are supported. If the user is not the owner of the file or the superuser, the group of the file cannot be changed.
The options for the command mean:
-R recursively changes the group of the specified directory and all subdirectories and files under it.
Example 1: $ chgrp -R book /opt/local/book
Change the group of all files under /opt/local/book/ and its subdirectories to book.
Interpretation of readable, writable and executable permissions, and usage of the chmod, chown and chgrp commands for Linux files