In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/03 Report--
Attributes and permissions of Linux users and groups
The structure of this chapter
1. Overview of user accounts and group accounts
two。 User account and group account management
3. Query account information
4. View the properties of a directory or file
5. Set permissions for a directory or file
6. Set the attribution of a directory or file
Preface
Everything is a file in linux (folders and hardware devices are special files), and try to use text files if possible. Text files are documents that people and machines can understand, and they also become the best way for people and machines to communicate. Since all configuration files are text, you only need the simplest editor to modify them. Because it is so easy to modify text files, the Linux system itself must be standardized. This leads to the concepts of users (groups) and permissions. The introduction of these two concepts ensures the security of Linux perfectly without adding complexity. Because everything is a file. So Linux introduces three files to manage users (groups), / etc/passwd stores user information, / etc/shadow stores user password information, / etc/group stores group information, and then adds the relationship information between users and files in the header of each file in the file system.
I. View the information of users and groups
1. Users: under Linux, users are divided into three categories: superusers (root), ordinary users and program users.
Super user: UID=0
Program user: Rhel5/6,UID=1-499; Rhel7,UID=1-999
Ordinary users: Rhel5/6,UID=500-65535; Rhel7,UID=1000-60000
There is only one superuser, and it cannot be replaced!
Anonymous user (nobody): the one with the least privileges among ordinary users
two。 Groups: a collection of user permissions is called a group
Private group: created with the creation of the user, with the same name as the user
Common group: the additional group creates an empty group directly. You can add existing users and set permissions to the group. All users in this group have this permission.
3.UID and GID: identification numbers of users and groups, with uniqueness
4. User account file / etc/passwd: save basic information such as user name, host directory, login shell, etc.
User account file / etc/shadow: save the user's password, account validity and other information
Add user account useradd
-u: specify UID
-d: create a home directory to specify a location
-e: specify failure time
-g: specify the basic group
-G: specify a common group
-M: do not create a home directory
-s: specifies that you can log in from a shell terminal
Users cannot log in directly and be switched to login in sbin/nologin status
Users cannot log in directly when they are locked out. You can switch logins from root users.
Passwd command
-l: lock the account
-u: unlock the account
-d: clear the account
-S: check whether the account is locked
If you do not specify a user name, it is the password of the current account!
Usermod modifies the attributes of a user account
-u: specify UID
-d: create a home directory to specify a location
-e: specify failure time
-g: specify the basic group
-G: specify a common group
-M: do not create a home directory
-s: specifies that you can log in from a shell terminal
-L: lock
-U: unlock
Userdel deletes a user account
-r delete the user's host directory as well
The initial configuration file of the user account
When creating a new account, copy it from the / etc/skel directory
Primary user initial profile
~ / .bash_prolile
~ / .bashrc
~ / .bash_logout
Hide Fil
The profile environment variable is loaded when it enters bash.
Bashrc will be loaded without entering bash
Group account file
/ etc/group: save the basic information of group account
/ etc/gshadow: save the password information of the group account
Groupadd: add a group account
Gpasswd: add and remove group members command
Gpasswd-a: add a user to the group
Gpasswd-d: removes a user from the group
Gpasswd-M: defines a list of members within a group, separated by commas
Groupdel: delete group account
Query account information
Groups queries the group to which the user belongs
Id queries user identity
W, who, user commands: query the information of users logged in to the host
II. Authority and attribution of files and directories
1. Access permission
1) read r: allow you to view file contents and display directory lists
2) write w: allows you to modify the contents of the file and to create, move or delete files or subdirectories in the directory
3) Executable x: allows you to run programs and change directories
two。 Ownership (ownership)
1) owner: a user account with a modified file or directory
2) Group: the group account that owns the file or directory
-rwxr-xr-x. 1 root root 5343 August 2 2017 znew
Data file
D directory
L connection file
C device file (character)
B block device file
Rwx RMIX RMIX permissions
Rwx belongs to primary permissions (can read, write and execute)
Rmurx belongs to the group permission (can read or write can be executed)
RMurx owner permission other other (can read or write can be executed)
Root owner
Root genus group
5343 size units: bytes
August 2 2017 creation time
Ordinary data files cannot be executed, the highest permission is 666, the highest permission of the folder is 777
Set permissions for files and directories chmod
Chmod command
Chmod [ugoa] [+-=] [rwx] file or directory or chmod nnn file or directory
U, g, o, a represent owner, group, other users and all users, respectively.
+, -, and = indicate how to home, remove, and set permissions, respectively.
Nnn represents a 3-digit octal number
Common option
-R: recursively modify the permissions of all subitems under the specified directory
Set the home chown of files and directories
Chown command
Chown command
Chown master file or directory
Chown: a group file or directory
Chown owner: group file or directory or chown owner. Group file or directory
Common option
-R: recursively modify the attribution of all files and subdirectories under the specified directory
Permission mask umask
Umask action
Control permissions for newly created files or directories
The default permission removes the permission of umask to the permission of the newly created file or directory
Umask setting: umask 022
Umask View: umask
Example
Set umask to 000, create a new directory or file, and view permissions
Set umask to 022, create a new directory or file, and then check the permissions
Summary
Linux user and group permissions to manage, the content is not much, but there are a few new commands that we need to remember. It is important to note that when you use the gpasswd-M command to add users to a group, it will overwrite the users in the original group, so it is best to use this command under an empty group. Generally, we use gpasswd-a to add users one by one to avoid some unnecessary trouble. The second point is to pay attention to the use of chomd nnn in the permissions and attribution of files and directories.
Set permissions for users and groups in an easy way.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.