Users and their rights management

Source: Internet
Author: User

I. Classification of users and users

(a) the user

For a computer, each consumer is a user, and the computer provides each consumer with a unique identity, which is the user's ID (UID). Each user will have their own user name and corresponding password, which can be used to make a comparison with the information base on the system to achieve the authentication mechanism.

(ii) categories of users

1. Administrator (uid:0)

The administrator, root, has the maximum permissions to manage all resources.

2. Ordinary Users

(1) System User (uid:1-499 (CentOS6), 1-999 (CentOS7))

This type of user never needs to log on to the system in order to enable a background process or service class process to run as a non-administrator.

(2) login user (uid:500-60000 (CentOS6), 1000-60000 (CentOS7))

This type of user needs to log on to the system every time, and the permissions are not as large as the root user.



II. Authority and Authority management

(a) authority:

1. The so-called permission is the use of the resource specified by the user before the resource is used, and is not eligible to use the resource within the scope of the resource being used.

2. User's privileges:

(1) r:readable, read access

(2) w:writeable, write permission

(3) x:excuteable, execute permissions

3. The meaning of the permissions for the file:

(1) R: Can obtain the data of the file;

(2) W: can modify the data of the file;

(3) x: This file can be run as a process.

4. The meaning of permissions for the directory:

(1) r: You can use the LS command to get a list of all the files under it, but do not use the ls-l command;

(2) W: can modify the list of files in this directory, that is, create or delete files;

(3) x: You can switch to this directory, and you can use Ls-l to get more information from the directory list.

5. Permission Model:

(1) model, MODE:RWXRWXRWX

(2) Affiliation, Ownership:user,group

6. User privilege combination mechanism:     


User Rights Binary representation Octal representation
--- 000 0
--x 001 1
-w- 010 2
-wx 011 3
r-- 100 4
R-x 101 5
rw- 110 6
Rwx 111 7

(ii 650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/ U261/lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/> "Rights Management commands

1.chmod: Permission to change files

U: Owner, which user the file belongs to

G: Genus Group, which group the file belongs to

O: Others, other users

A: all, all users

(1)

Empowerment notation: Direct manipulation of a class of user's ownership limit rwx, you can specify more than one at a time, each separated by commas.

# chmod u=rwx FILENAME

# chmod u=rwx,g=rwx FILENAME

# chmod ug=rwx FILENAME

Authorization notation: A permission bit that operates directly on a class of users, and only one permission bit can be specified at a time.

# chmod u+w FILENAME

# chmod ug+w FILENAME

(2)

In octal format, the full three-bit octal number must be written, otherwise the permissions of the successful file will not be modified.

# chmod 660 FILENAME

(3)

Refer to the permissions of a file, modify the permissions of the file to be modified to the reference file permissions, which is called as reference modification.

# chmod--reference=rfile FILENAME

Common options:-R, recursive modification, recommended authorization and empowerment notation, and several others that are not recommended for use.

Note : Users can only modify permissions for those files that belong to the group's own files.

2.umask: The file's permission reverse mask, also known as mask Code, the default mask code is 022.

(1) Mask for file: 666-umask
(2) Mask for directory: 777-umask

(3) view current umask:# umask

(4) setting Umask:# umask MASK

Note : The file with 666 minus the mask code, that is, the file does not have the default execution permissions, if the result of the reduction has EXECUTE permission to add 1, but such settings are only valid for the current shell process.





















This article is from the "Blankmanba" blog, make sure to keep this source http://shuanglong.blog.51cto.com/10743732/1722637

Users and their rights management

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.