I got burned by CSDN today! Last night I wrote a blog post and saved it to the online drafts. But today, when I opened the blog, the article could not be found in the drafts, nor among the published articles! For a website that specializes in technology, it is incredible that this kind of technical problem still happens; it is clearly slapping itself in the face!
Enough complaining; now I have to write it all over again and count myself unlucky. I will start with file permission management, and fill in the missing part of the content some other day when I have the energy.
Default permissions and hidden permissions for files/directories
As mentioned in several previous posts, the basic permissions of a file/directory are rwx. Besides these three basic permissions, Linux on the ext2/ext3 file system also has hidden permissions for files/directories. Hidden permissions are set with chattr and viewed with lsattr. The most important feature of hidden permissions is that they can be set so that even the file owner cannot modify the file, which is critical for system security.
Default permissions for files: umask
As we all know, when a file is created without specifying particular permissions, the system assigns it default permissions, which are determined by umask.
    # We can use the umask command to view the default permissions
    umask
    # output: 0022
Entering umask without any parameters gives the four digits 0022. We can ignore the first digit; the last three digits, 022, are the default permission setting of the system!
Note that 022 specifies the permissions to be taken away from the default permissions. In addition, the default permissions of files and directories differ: for files they are rw-rw-rw-, and for directories they are rwxrwxrwx. So when we create a file, its default permissions are: (rw-rw-rw-) - (----w--w-) = (rw-r--r--);
The default permissions for a directory are: (rwxrwxrwx) - (----w--w-) = (rwxr-xr-x).
Besides the numeric form shown above, umask also has a symbolic form:
    # Just add the -S option to display it in symbolic form
    umask -S
    # output: u=rwx,g=rx,o=rx
    # This is how the umask value is changed
    umask 002
PS: The default umask value differs between user identities! The default umask of root is 022, that is, root's umask takes away more permissions, for security reasons. The default umask value for normal users is 002, which preserves the user's read/write permission on the file/directory.
The umask setting can be found in the file /etc/bashrc, but do not modify the value there.
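The calculation above, checked against what the system really does (an added example, not part of the original post; the function names are made up for illustration). The kernel clears the umask bits from the base mode rather than subtracting, so the example also includes the umask 033, where plain subtraction gives a wrong answer for files.

```shell
# effective_mode BASE UMASK: what the system computes, BASE & ~UMASK (octal).
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# naive_subtract BASE UMASK: plain octal subtraction, a shortcut that is
# only right when every umask bit is also set in BASE.
naive_subtract() {
    printf '%03o\n' $(( 0$1 - 0$2 ))
}

# observe UMASK: create a file and a directory under UMASK in a scratch
# directory and print their rwx strings as ls shows them.
observe() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        touch "$d/f"
        mkdir "$d/sub"
        f=$(ls -ld "$d/f" | cut -c2-10)
        s=$(ls -ld "$d/sub" | cut -c2-10)
        rm -rf "$d"
        printf 'file=%s dir=%s\n' "$f" "$s"
    )
}

for m in 022 002 077 033; do
    printf 'umask %s: file %s (subtraction says %s), dir %s | %s\n' \
        "$m" "$(effective_mode 666 "$m")" "$(naive_subtract 666 "$m")" \
        "$(effective_mode 777 "$m")" "$(observe "$m")"
done
```

With umask 033 a new file ends up as 644, not 633: the execute bits in the mask have nothing to remove from rw-rw-rw-.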
Hidden properties of the file
- Set the hidden attributes of a file: chattr
    chattr [+-=] [option] file/directory
The following options are the hidden attributes of a file:
A | Once A is set, accessing the file/directory does not change its atime, which keeps machines with slow I/O from hitting the disk too often; this is very helpful on slow computers.
S | Files are normally written to disk asynchronously; once S is set, the file is written to disk synchronously.
a | Data can only be appended; existing data cannot be deleted or modified. Only root can set this attribute.
c | Once set, the file is compressed automatically and decompressed automatically when it is read.
i | Once set, the file cannot be deleted, renamed, linked to, or written to. This is helpful for file security, but only root can use it.
s | Once set, if the file is deleted, it is permanently removed from the hard disk.
u | Once set, if the file is deleted, its data actually remains on the disk and the file can be recovered.
PS: a and i are the most commonly used, and both require root privileges.
Example 1:
    # Remove the hidden attribute i from the file chai
    chattr -i /chai
Example 2:
    # Add the hidden attribute i to the file chai
    chattr +i /chai
PS: The commonly used hidden attributes are a and i. With a, data can only be appended; with i, nothing at all is allowed. A log file, for example, is given the hidden attribute a, so that data can only be appended: the existing data cannot be modified, and the file cannot be deleted or renamed.
- Show the hidden attributes of a file: lsattr
    lsattr [option] file/directory
a | Also shows the hidden attributes of hidden files.
d | Must be followed by a directory; shows only the hidden attributes of the directory itself, not those of the files and directories inside it.
R | Also shows the hidden attributes of the subdirectories below the given directory.
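To check that log files really carry the append-only attribute a described above, the output of lsattr can be parsed. This is an added example, not part of the original post; the sample lsattr lines, the paths in them and the function names are constructed for illustration.

```shell
# Constructed sample of lsattr output: attribute field, then path.
SAMPLE='-----a--------e----- /var/log/messages
--------------e----- /var/log/secure
----i---------e----- /etc/passwd
-----a-A------e----- /var/log/audit/audit.log'

# attr_report PREFIX: read lsattr-style lines on stdin and, for every path
# under PREFIX, print "immutable", "append-only" or "unprotected" and the path.
# Directory header lines and blank lines of `lsattr -R` have no path field
# and are skipped.
attr_report() {
    while read -r flags path; do
        case $path in "$1"*) ;; *) continue ;; esac
        case $flags in
            *i*) state=immutable ;;      # lowercase i only; I is unrelated
            *a*) state=append-only ;;    # lowercase a only; A is no-atime
            *)   state=unprotected ;;
        esac
        printf '%s %s\n' "$state" "$path"
    done
}

# unprotected_under PREFIX: only the paths that have neither a nor i.
unprotected_under() {
    attr_report "$1" | while read -r state path; do
        if [ "$state" = unprotected ]; then printf '%s\n' "$path"; fi
    done
}

printf '%s\n' "$SAMPLE" | attr_report /var/log
# On a live system (assumption: lsattr is installed and the file system
# supports these attributes):
#   lsattr -R /var/log 2>/dev/null | unprotected_under /var/log
```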
View types of files: file
When we want to see what type of data a file contains, such as whether it is an ASCII file, a data file, or a binary file, we can use the file command.
    Input: file /chai
    Output: ASCII, data ……
Command and file queries
- Query for script files: which
    which [-a] command
-a: lists all matching commands found in every directory of PATH, not just the first one found.
Example:
    which ifconfig
PS: Because PATH differs from one user identity to another, the result of which differs as well.
- Find a specific file: whereis
In general, we do not use find for file lookup because it is very slow; locate and whereis are normally used instead. locate and whereis query a database rather than the hard disk, so they are relatively fast, whereas find searches the hard disk.
    whereis [option] file/directory
    -b: find only binary files
    -m: find only files under the manual paths
    -s: find only source files
    -u: find other files not covered by the three options above
PS: For an ordinary user, which cannot find the ifconfig command, because which looks only in PATH, whereas whereis looks through the whole file system. Although an ordinary user has no permission to use ifconfig, the file does exist in the file system, so whereis can find it.
PS: Linux records all files in a database table, and whereis and locate look files up in this table. Because this table is updated slowly, you may sometimes find files that have already been deleted, or fail to find files that were created recently.
    locate [option] keyword
    -i: ignore the case of the keyword
    -r: the keyword may be a regular expression
locate and whereis both search the database, and this database is usually updated only once a day. So when a file cannot be found, we can use the updatedb command to update the database; this update may take a few minutes.
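    find [PATH] [option] [action]
PATH is the directory to search in.
In "newer file", file is a file; it means: find files that are newer than this file.
First group of values for option + action:
    option = mtime/ctime/atime
    action = n/+n/-n/newer file
n is a number. If n is 4: the one day between four and five days ago; if n is +4: five days ago and earlier; if n is -4: from four days ago until today.
Second group of values for option and action:
    uid/gid = the ID number of the user/group
    user/group = the name of the user/group
    nouser: find files whose owner does not exist in /etc/passwd
    nogroup: find files whose group does not exist in /etc/group
PS: Ownerless files appear only when a file has been downloaded from the network or a user has been deleted from /etc/passwd; only then are the last two parameters likely to be used.
Third group of values for option and action:
    name filename: search by file name
    size [+-] SIZE: find files larger/smaller than SIZE
    type TYPENAME: find files whose type is TYPE; the file types are: f (regular file), b, c, s, d, l, p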
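The time and type tests described above, run against a small scratch tree (an added example, not part of the original post; the tree, the file names and the helper functions are constructed). Comparing against a reference file with -newer is a quick way to list what changed after a known point in time.

```shell
# build_tree: create a constructed sample tree and print its path.
build_tree() {
    d=$(mktemp -d) || return 1
    touch -t 202001010000 "$d/old.log"       # mtime far in the past
    touch -t 202001020000 "$d/marker"        # reference file for -newer
    mkdir "$d/sub"
    printf 'changed\n' > "$d/sub/new.conf"   # mtime is "now"
    printf '%s\n' "$d"
}

# run_find DIR EXPR...: run find inside DIR with the given expression and
# print the matches sorted, on one line.
run_find() {
    dir=$1; shift
    ( cd "$dir" && find . "$@" | sort | paste -sd ' ' - )
}

t=$(build_tree)
echo "newer than marker      : $(run_find "$t" -type f -newer marker)"
echo "mtime +4 (5 days, more): $(run_find "$t" -type f -mtime +4)"
echo "mtime -4 (last 4 days) : $(run_find "$t" -type f -mtime -4)"
echo "directories only       : $(run_find "$t" -type d)"
rm -rf "$t"

# Ownerless files, as described for nouser/nogroup (run as root on a live
# system; -xdev keeps find on one file system):
#   find / -xdev \( -nouser -o -nogroup \) -print
```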