Shulou(Shulou.com)05/31 Report--

This article mainly explains "what is the authority of linux". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is the authority of linux".

When we use Linux, we will more or less encounter some problems about users and groups, such as the most common error prompt when you want to execute an instruction under a certain path.

Permission denied

Anyway, I have a good chance to see that this error is when using FTP to transfer files, and the transfer percentage is still zero after waiting for a long time. Am I saying that the network is so slow? Why isn't it transmitted? In fact, I do not know, this is due to the issue of authority.

My general fix is to grant 777 permissions directly, or to log in directly using the su administrator.

You may not know what I am talking about, and some bosses may think that my way is too low. In any case, when you encounter this problem, you do not have enough authority. Why? Next we need to get to know the users and groups in Linux.

Users and groups

In Linux, file owners are divided into three categories, namely, file owners, groups, and others. The following three concepts are explained here.

File owner

Linux is a multi-user and multi-tasking system. Multi-user means whether the files created by some users are visible to other users. This is not only a visibility issue, but also a privacy issue. In order to take into account everyone's privacy, Linux designed the role of the file owner. If you have some information and files that are more private, you can set the file to "only I can see it", which is the role of the file owner.

Group

The concept of group is used in team development, and it is more useful to set permissions for the project. for example, if you work in the outsourcing department of a bank, you and other outsourcing departments work for a bank, and all outsourcing groups use a server, which will involve the issue of group permissions. Projects developed by your outsourcing department do not want other outsourcing departments to see. The project is set up to be visible in groups. But the bank is in charge, and all banks have the right to view all your outsourcing department projects, so you also need to set up bank authority.

Other people belong.

Other people are relative to the group, and others are outside the group and do not have permission to view files within the group.

In addition to the above three concepts, there is also a boss with the highest authority level, which is root, and this root permission is the highest.

Linux file permissions

After talking about the concepts of users and groups above, let's talk about how to set file permissions, which is important because it is the key to solving the permission denied problem.

Permission attribute

First log in to the Linux system, use su-you can switch to root identity, and then execute ls-al to see the following

There are seven columns, which are shown in the following figure.

You can use root directly when learning, because subsequent instructions such as chgrp,chown need to be handled by root, but it is strongly recommended not to use root permissions at work.

Use exit to exit your root identity.

In the above instruction, ls means list, that is, listing, while the option-al indicates the detailed permissions and attributes of the file.

Permissions. The first column represents permissions. Permissions are represented by a total of 10 characters. Let's take home permissions as an example to enumerate the meaning of each character.

The first character represents the file type, there are many file types, generally [d] represents the directory, you can use the cd command to enter this directory. You can see that almost everything in the picture is a directory.

If it's [-], it means a file, if it's [l], it's a linked file, if it's [b], it's a randomly accessible device in the device file, and if it's [c], it's an one-time read device (keyboard, mouse) in the device file.

The next nine characters are divided into three groups, a group of three, and other owner permissions, respectively. The permissions in each group are a combination of three rwx. [r] means readable, [w] means writable, and [x] indicates executable. It should be noted here that if there is no permission, it will become a-sign.

Link, this column indicates how many file names are linked to this node (i-node), and each file records its permissions and attributes to the i-node of the file system. However, the directory tree we use uses file names to record, so each file name is associated with an i-node, so this attribute records how many files are linked to the same i-node.

What is i-node?

The description of i-node is very similar to the Socket,Socket we talked about before, which is a quad, and sometimes the protocol type is changed into a quintuple. If you are not sure what I am talking about, you can take a look at my article that this is Socket!

We know that the smallest storage unit of a disk is the sector. when the operating system reads sectors, it will not read sector after sector, because the efficiency is too low, but read in blocks, which is composed of multiple sectors.

The data in the file is stored in the sector, but we do not know which piece of data we need. In order to store some meta-information of the file, such as the creator of the file, the creation date, and the size of the file, the developer proposed i-node, that is, the Inode. Generally speaking, i-node has the following content

We will talk about i-node later.

Then the third column shows the owner of the file, and as you can see from the figure, most of the files are owned by root users.

The fourth column indicates the group to which the file belongs. Under Linux, the account you log in will be added to one or more all groups, and this column indicates the corresponding group permissions.

The fifth column represents the file size, and the default unit is bytes (Bytes).

The sixth column is the date when the file was created and the date last modified. As you can see from the figure, this date format may not be what we want. If you want to display the full date format, you can use ls-l-full-time, including year, month, day, and time.

If you want to change the default language of the system to English, you can modify the system configuration file / etc/locale.conf. First of all, we can see which languages the system supports.

Modify the default language, enter

Vi / etc/profile

Enter at the end of the document

Export LANG= "en_US.UTF-8"

You can switch to English. If you want to use Chinese, you can type

Export LANG= "zh_CN.GB18030"

Then use esc +: wq to save, and then use

Source / etc/profile

You can complete the setup.

The seventh column is the file name, and there is a special file name that indicates a hidden file if there is one more file name before it. Which means hiding the file

The importance of authority

Provide system protection: non-authorized users cannot manipulate functions and data with certain permissions.

Suitable for team development and data sharing: all team members and individuals can share projects.

If you do not set the system permissions properly, it may cause some leaks or other consequences that can not be ignored, so the permission issue should be paid attention to. Let's talk about how to set the system permissions.

Change system permissions and properties

Now that we know the importance of file permissions to the security of a system, let's talk about how to modify file permissions. Common instructions for modifying file permissions are

Chgrp: change the group to which the file belongs

Chown: change the file owner

Chmod: change file permissions

Chgrp

Chgrp is the abbreviation of change group. I think Linus uses abbreviations to the extreme, which may be the reason why we are so popular with abbreviations now. Chgrp can change file groups, but to change groups, the name of the group to be changed must exist in the / etc/group file, otherwise an error will be displayed.

Chown

Since chgrp can change the file group, chown can change the file owner, and it is also important to note that the file owner must be an account that exists in the system, that is, the user name recorded in the / etc/passwd file. In addition, chown can modify the group name directly.

Chmod

The chmod directive is used to change file permissions, but there are two ways to set permissions. You can use numbers or symbols to change permissions.

Use numbers to change file permissions

There are nine basic permissions for Linux files, which are owner/group/others three identities plus their own read/write/execute permissions. These nine permissions are grouped into three, and we can use numbers to represent each permission.

Generally, r means 4 + 2 + 1 = 1, and the permissions of each identity need to be accumulated. For example, rwx means 4 + 2 + 1 = 7. For example, our most common chmod 777 means giving all permissions, that is, anyone can read / write / execute, so this kind of file also has great security problems. Using numbers to change file permissions is one of our most common ways.

Use symbols to change file permissions

Nine kinds of file permissions correspond to: (1) user (2) group (3) others, so we can represent the permissions of the three identities by umemery. In addition, a stands for the full identity of all.

For example, if we want to set permissions for-rwxr-xr-x, then the command we use should be

Chmod uprirwx.goblrx .filename

If we want to increase write access to everyone, we can do this.

Chmod axiw.filename

If we want to remove write permissions for everyone, we can write instructions like this.

Chmod a murw. Filename

We have listed three instructions above, namely, the =, +,-sign, the sign means to assign the specified permission, the sign means to increase the permission, and the sign means to remove some permissions. In the state of + and -, as long as the item of the instruction is not found, then the permission will not change.

Linux directory and file permissions

What we are talking about above is file permissions, which are places to hold data, including general text files, database files, binary files, and so on. The significance of permissions to files is

R (read): you can read the actual contents of a file, such as the text contents of a text file

W (write): you can add, edit or modify the contents of a file (excluding deleting files)

X (execute): enables the file to be executed by the file system.

Windows the next factor to determine whether the file can be executed is to look at the file extension, such as .exe, .bat, .com, etc., but in Linux, to determine whether the file has executable permissions is to directly determine whether the file has x permissions, regardless of the file name.

But in Linux, not only files have permissions, but directories also have permissions. Files are the place where the actual data is stored, and directories are a list of the locations where files are located. Only through directories can we find out where to put files! Permissions also represent different concepts for different directories.

R (read contents in directory): indicates that you have permission to read a list of directory structures, so if you have permission to read a directory, it means you can query the files in the directory, so you can use ls to display the contents of the directory.

W (modify contents of directory): write permission indicates that you have the ability to modify the file directory and the files in the directory, including

Delete existing files and directories.

Create new files and directories.

Rename an existing file or directory.

Move files and directory locations within the directory.

X (access directory): what is the use of this executive permission? Can't the directory also be executed? In fact, this is not the case, the execution permission indicates whether you have permission to enter the specified directory, that is, cd (change directory).

Linux file type and extension

You must have heard the saying: any device is a file under Linux, but there are many kinds of files, including the following file types in addition to the general file (-) and directory file (d) introduced above.

Regular file (regular file): a regular file is the attribute that we display using ls-al, which is the first character we listed above

File types can be divided into

Plain text file (ASCII), which is the most common file type in Linux system, plain text file is the data that we can see directly, you can use cat to see this part of the content directly. For example, our most commonly used file, ens33, which sets Linux static ip, can use the cat command to output.

Cat ifcfg-ens33

Binaries, in Linux, viewing binaries can be formatted using xxd or od

Data format file, data file read directly by cat will show garbled code, but it can be output through last instruction

Directory, directory has nothing to say, but represents a list of files, and the representation of the directory is [d], that is, directory.

Linked file (link), a linked file is a type of file that needs to be linked to these linked files when some programs are executed.

Devices and device files (device), there are two types of devices under Linux, block devices and character devices:

A block device is a device that can store fixed-size block information, which supports reading and (optional) writing data to a fixed-size block, sector, or cluster. Each block has its own physical address. The size of the block is usually between 512 and 65536. All transmitted information is in contiguous blocks. The basic feature of block devices is that each block is relatively opposite and can read and write independently. Common block devices are hard disk, Blu-ray disc, USB disk.

The block device is generally located under / dev/sda, and its first attribute is [b].

Another type of Imax O device is the character device. Character devices send or receive a character stream on a character-by-character basis, regardless of any block structure. Character devices are not addressable and there is no seek operation. Common character devices are printers, network devices, mice, and most devices that are different from disks.

The biggest feature of the character device is that it can read at one time and cannot truncate the output. for example, you can't jump the mouse to another place at once, but use smooth movement. The first attribute of the character device is [c].

Data interface file (sockets): as the name implies, the data interface file uses socket to undertake network data. Its attribute is [s], which is generally found in directories such as / run or / tmp.

Data transfer file (FIFO,pipe): FIFO is also a special type of file, its main purpose is to solve the error problem caused by multiple programs accessing a file at the same time, its first attribute is [p].

Linux extension

Speaking of this extension is actually a headache, there is no concept of extension in Linux, but there are some extension naming methods, which is very embarrassing, so let's become an extension type for the time being. There are generally the following

* .sh, which is an execution script or batch script, also known as a shell script, contains instructions written in shell syntax.

.tar, .tar.gz, .zip, * .tgz, this extension type is a packaged compressed file, and there are different extension types according to different packaging methods.

HTML, .php: Web page-related files that represent HTML and PHP syntax, respectively.

Thank you for your reading, the above is the content of "what are the permissions of linux?" after the study of this article, I believe you have a deeper understanding of what the authority of linux has, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.