Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to achieve file and folder permissions in Linux. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

Linux file permissions

First, let's take a look at the contents of the files in the current directory.

Ls-l view the list of files in the current directory

Ls-l xxx.xxx (xxx.xxx is the file name) to view the specified file

We can see the permissions of the file,-rw-rw-r--, which has a total of 10 digits.

Among them: the first one-represents the type (detailed as shown in the map below)

The middle three rw- represent the owner (user)

Then those three rw- represent group.

The last three RMI-represent other people (other)

Then I'll explain the last nine digits:

R indicates that the file can be read (read)

W indicates that the file can be written (write)

X indicates that the file can be executed (if it is a program)

-indicates that the corresponding permission has not been granted

File and folder operation permissions:

The role of permission abbreviations on ordinary files on folders read r view file contents list files in a folder (ls) write w modify file contents delete, add or rename files (folders) execute x files can be executed as a program cd to a folder

It is important to note that a directory can only open and view internal files with both read and execute permissions, while a directory must have write permission to create other files in it. this is because the directory file actually holds information such as a list of files in the directory.

Add:

Special permissions SUID, SGID, Sticky

There are also three file permission attributes in the linux system that are independent of the user's identity. Namely SUID, SGID and Sticky.

SUID (Set User ID, 4):

This attribute is valid only for files with execute permissions and is not valid for directories. When a program with SUID permission is executed, the owner of the raised process is the owner of the program file, not the user who started the program (unless they are the same person). For example, if the owner of a program is root and has the SUID attribute, a normal user executes the program just as root executes the program. (note that this property is not valid for Shell scripts.) this property facilitates the startup of some special programs, such as lpr. But sometimes it brings security risks: for example, if a program with the SUID attribute runs a shell when it is executed, then the user can get the highest privileges of the system. SUID can be represented by s, such as:

$ls-l / usr/bin/passwd-rwsr-xr-x 1 root root 47032 Feb 16 2014 / usr/bin/passwd

SGID (Set Group ID, 4):

For executables, SGID is similar to SUID in that all groups of processes that are raised are the groups to which the program file belongs. For a directory, the SGID property makes the group of the newly created files in the directory the same as that directory. SGID can also be represented by s, such as:

$ls-l / vardrwxrwsr-x 2 root staff 4096 Apr 10 2014 localdrwxrwxr-x 15 root syslog 4096 Apr 4 19:57 log

Sticky, 1:

Valid for directories only. Files or directories under directories with the sticky attribute can be deleted or renamed by their owners. The sticky attribute is often used to create a directory where group users can create new files and modify file contents, but only the file owner can delete or rename their own files. Such as the / tmp folder in the system. In an attribute string, it is usually represented by t.

$ls-l / drwxrwxrwt 8 root root 4096 Apr 4 23:57 tmp

Change the operation rights of users corresponding to files and folders

If you have a file of your own that you don't want to be read, written or executed by other users, you need to modify the permissions of the file. Here are two ways:

Method 1: binary number representation

Three sets of permissions for each file:

U stands for owner (user)

G represents the group in which the owner belongs (group)

O stands for others, but not u and g (other)

A stands for all the people, that is to say, uJournal g and o

According to the figure above, rwx can also be replaced by numbers.

R-4

W-2

X-1

-- 0

When everyone understands the above, then some of our common permissions are easy to understand:

-rw- (600) only the owner has read and write permission

-rw-r--r-- (644) only the owner has read and write access, and groups and others only have read permission

-rwx- (700) only the owner has the permission to read, write and execute

-rwxr-xr-x (755) only the owner has read, write, and execute permissions, and groups and others only have read and execute permissions

-rwx--x--x (711) only the owner has the permission to read, write, and execute, and groups and others only have the permission to execute

-rw-rw-rw- (666) everyone has read and write access

-rwxrwxrwx (777) everyone has access to read, write and execute

Practical operation

After viewing the permissions of test, the owner has the permissions to read, write and execute:

Then I added something to the file, changed the permissions (700RWX -), and tried to read the file under shiyanlou (owner), which can be read.

Change to another user Peter, and try to read it again as shown in the figure below. It shows that the permission is insufficient and cannot be read.

Method 2: add and subtract assignment operation

U stands for owner (user)

G represents the group in which the owner belongs (group)

O stands for others, but not u and g (other)

A stands for all the people, that is to say, uJournal g and o

+ and-means to increase and remove the corresponding permissions, respectively. The + sign is usually not displayed (I will still add it when I learn to practice)

At the terminal, enter:

Chmod Odysw xxx.xxx

Chmod o w xxx.xxx means to grant others permission to write to the xxx.xxx file.

Chmod go-rw xxx.xxx means to delete read and write permissions for groups and other people in the xxx.xxx

Chmod ug-r xxx.xxx

Modify the owner / group to which the file or folder belongs

Use the command chown to change the ownership of a directory or file (owner / group)

Note: what is said here is intermittent and will be added after learning the next content (user / group addition, deletion, modification and query).

Files and directories can be changed not only by permissions, but also by ownership and user groups. Similar to setting permissions, users can set them through the graphical interface or execute chown commands to modify them.

Let's first execute ls-l to look at the directory:

You can see that the user group of the test file is root and the owner is root.

Execute the following command to transfer ownership of the test file in the figure above to user peter:

# chown peter test

To change the group to which you belong, transfer the test file from the root group to the group Peter, using the following command:

# chown: peter test

Change the users and groups to which they belong

Change the owner of the folder or file test to shiyanlou, and the group to which you belong to shiyanlou, as shown below:

This is the end of this article on "how to achieve file and folder permissions in Linux". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.