Summary of common commands related to Linux users and permissions

This article mainly introduces Linux users and common commands related to permissions, such as viewing identities, changing passwords, changing permissions, and switching users. For more information, see

1. View identity
Id: Display user identity.
The output of this command displays uid, gid, and user group.
Uid is the user ID, which is assigned when the account is created.
Gid is the primary group ID. Of course, this user can also belong to more groups.
User account information is defined in the/etc/passwd file, and group information is defined in the/etc/group file.

II. chmod
Command name: chmod
Command: change the permissions mode of a file
Command path:/bin/chmod
Syntax: chmod [{ugo} {+-=}{ rwx}] [file or directory] [mode = 421] [file or directory]
Function description: change the file or directory permissions.

User type:
U: user, actually the owner
G: group
O: others of others
A: all owner, that is, the ugo combination. if the user type is not specified, the default value is all.
+ Add permissions.-remove permissions. = grant permissions directly.
R is readable, w is writable, and x is executable.

It has different meanings for files and folders. for example, if a file named doc is added to the owner with the wx permission: chmod u + wx doc

3. use numbers to indicate permissions
　　
Copy codeCode: R-4
W-2
X-1

Add the permission numbers of each group as the permissions of the entire group, for example:
Rwx is 7, r-x is 5, r -- is 4
Then rwxr-xr -- can be expressed as 754
Commonly used numbers: 7 (rwx), 6 (rw-), 5 (r-x), 4 (r --), 0 (---)

IV. umask command
Umask command: displays and sets the default permissions of files.
Umask command syntax: umask [-S]
-S: displays the default permissions of new files or directories in the form of rwx.
Run umask:
Show 0022
First 0: special permission bit
022 user permission bit, permission mask value.
You must subtract 777 from 022 to get 755. The three numbers indicate the permissions of ugo (user, group, others.
Umask-S:
U = rwx, g = rx, o = rx
Linux permission rules:
The file created by default cannot be granted the executable x permission, which is for the sake of security and cannot be executed by default.
You can use umask to change the default permission and use umask to add a mask value.
For example, if you want to change the permission to 750, you must use the 777 minus 750 and umask 027 commands.
5. change the identity Changing Identities
In Linux, you can change your current identity in three ways:
1. log out and log in with another account (... Orz ...).
2. run the su command.
3. use the sudo command.

A: su
Su: Run a Shell with Substitute User and Group IDs.
Su [-[l] [user]
If the-l option is used (often abbreviated as-), the result is a login shell.
This means that the user's environment will be loaded, and the current working path will be changed to the user's home path. If no user is specified, the default value is superuser.
After executing the su-command, you need to enter the superuser password. after successful input, a new shell is started and the command prompt will be changed to # (previously $ ), and the current working directory is changed to the home directory (/root) of superuser. if you want to exit after the end, enter exit and return to the previous shell.
You can also directly execute a command:
　　
Copy codeThe code is as follows: su-c 'command'
You need to put the command in quotation marks for distinction.

B: sudo
Sudo: Execute a Command as Another User.
Similar to su, sudo has some additional attributes. the administrator can configure sudo to allow common users to execute commands in different identities under good control.
A user may be restricted to some specific commands and cannot execute other commands.
Another difference is that sudo does not need to know the superuser password. it only needs to know the password of the current user. after the password is entered, the authentication is completed. sudo does not create a new shell or load the environment of another user, the command does not need to be enclosed in quotation marks. This behavior can be overwritten by various options, and the man page of sudo can be viewed.
Sudo-l can view the permissions granted by sudo.
 
6. change owner and group
Change owner: chown
Command: change file ownership
Syntax: chown [user] [file or directory]
Function: change the owner of a file or directory.
　　
Change Group: chgrp
Command: change file group ownership
Syntax: chown [user group] [file or directory]
Function: change the group of a file or directory.
The chown command can also be used to change the group.
　　
Copy codeThe code is as follows: chown [owner] [: [group] file...
7. change the password
Passwd [user]
Enter the old password when resetting the password.
If you have superuser permissions, you can set passwords for other users.
For other options, you can set account locking and Password Expiration. for details, you can view the man page of passwd.