Shulou(Shulou.com)06/02 Report--

This article introduces you how to modify file permissions in the linux system, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Every file and directory in the Linux system has access permission, which is used to determine who can access and manipulate files and directories in what way.

Access to files or directories can be divided into three types: read-only, write-only and executable. In the case of a file, for example, read-only permission means that only its contents are allowed to be read, and any changes to it are prohibited. Executable permissions allow the file to be executed as a program. When a document is created, the file owner automatically has read, write, and executable permissions to the file to facilitate reading and modification of the file. Users can also set access rights to any combination they need.

There are three different types of users who can access files or directories: file owners, users in the same group, and other users. The owner is generally the creator of the file. The owner can allow the same group of users to have access to the file, and can also grant access to the file to other users in the system. In this case, every user in the system can access the files or directories owned by that user.

There are three groups of access rights for each file or directory, each group is represented by three digits, namely, the read, write and execute permissions of the file owner, the read, write and execute permissions of users in the same group as the master, and the read, write and execute permissions of other users in the system. When you use the ls-l command to display the details of a file or directory, the leftmost column lists the access permissions for the file. For example:

$ls-l sobsrc. Tgz

-rw-r-r- 1 root root 483997 Ju1 L5 17 Ju1 31 sobsrc. Tgz

The horizontal line represents an empty license. R stands for read-only, w for write, and x for executable. Notice that there are 10 locations here. The first character specifies the file type. In a general sense, a directory is also a file. If the first character is a dash, it represents a file that is not a directory. If it's d, it means it's a directory. For example:

-rw- r-r-

Normal file main group users other users

Is the access permission of the file sobsrc.tgz, indicating that sobsrc.tgz is an ordinary file; the owner of sobsrc.tgz has read and write permission; users in the same group as sobsrc.tgz have only read permission; and other users only have read permission.

After determining the access rights of a file, users can use the chmod command provided by the Linux system to reset different access rights. You can also use the chown command to change the owner of a file or directory. Use the chgrp command to change the user group of a file or directory.

These commands are described below.

The chmod command chmod command is very important to change access to a file or directory. Users use it to control access to files or directories.

Take a folder called "cc" under the home folder as an example. The following step by step describes how to modify permissions:

1. Open the terminal. Enter "su" (without quotation marks)

two。 Next you will be asked to enter your password and enter your root password.

3. Suppose my folder is in the home directory with the address / var/home/dengchao/cc. Suppose I want to change the file permissions to 777, then the permission to enter the chmod 777 / var/home/userid/cc folder on the terminal becomes 777.

If you are modifying folder and subfolder permissions, you can use chmod-R 777 / var/home/userid/cc.

The specific permissions (such as the meaning of 777, etc.) are explained below:

There are 3 bits in 1.777, the highest bit 7 is to set file owner access, the second is to set group access, and the lowest bit is to set other people's access.

The permissions of each of them are represented by numbers. Specifically, there are these permissions:

R (Read, read, permission value is 4): for files, it has permission to read the contents of files; for directories, it has permission to browse directories.

W (Write, write, permission value is 2): for files, it has the permission to add and modify file contents; for directories, it has the permission to delete and move files in the directory.

X (eXecute, execute, permission value is 1): for files, have permission to execute files; for directories, the user has permission to enter directories.

\ 2. First of all, let's look at how to determine the permission value on a single bit. For example, the highest bit represents the file owner permission value. When the number is 7, 7 is represented by "rwx"-{4 (r) + 2 (w) + 1 (x) = 7}-and if the value is 6, then "rw-" is used to indicate-{4 (r) + 2 (w) + 0 (x) = 6} -, "-" indicates that you do not have the permission, here the table shows that you do not have the "execute" permission.

If we set the access rights of other users to "r -", the value is 4, 0,0,4.

At first, many beginners will be confused, in fact, it is very simple, we regard rwx as a binary number, if there is, it is expressed as 1, and if there is no, there is 0, then rwx can be expressed as: 111l

And the binary 111 is 7.

3. Let's take a look at how to determine permissions on three digits. If we want to set permissions for a file, the specific permissions are as follows:

If the file owner has "read", "write" and "execute" permissions, group users have "read" permissions, and other users have "read" permissions, the corresponding letter is "rwx r-r -", and the corresponding number is 744.

Generally, the highest bit represents the file owner permission value, the second bit represents group user rights, and the lowest bit represents other user rights.

Here are some examples to familiarize yourself with.

Permission value rwx rw- RW 764rw-r RMI 644rw-rw- RMI 664 this command can be used in two ways. One is a text setting method that contains letters and operator expressions; the other is a numeric setting method that contains numbers.

1. Text setting method chmod [who] [+ |-| =] [mode] file name quarter

The options in the command mean:

The Operand who can be any of the following letters or a combination of them:

U stands for "user", that is, the owner of a file or directory.

G stands for "group users", that is, all users who have the same group ID as the file owner.

O means "other (others) users".

A stands for "all all users". It is the system default.

The operation symbol can be:

+ add a permission.

-revoke a permission.

= Grant the given permission and cancel all other permissions, if any.

The permissions represented by mode can be set with any combination of the following letters:

R is readable.

W is writable.

X is executable.

X appends the x attribute only if the target file is executable to some users or if the target file is a directory.

S sets the process owner or group ID as the file owner of the file when the file is executed. The user ID bit of the file is set by mode "Utility", and the group ID bit is set by "Groups".

T save the text of the program to the switching device.

U has the same permissions as the file owner.

G has the same permissions as users who belong to the same group as the file.

O have the same permissions as other users.

-c: if the permission of the file has indeed been changed, the change action will be displayed.

-f: do not display an error message if the file permissions cannot be changed

-v: displays the details of permission changes

-R: make the same permission changes for all files in the current directory as well as subdirectories (that is, change them one by one recursively)

-help: displays auxiliary instructions

-version: display version

File name: a list of files to change permissions separated by spaces. Wildcards are supported. Multiple permissions can be given on a command line, separated by commas. For example, chmod gadget example gives the same group and other users read access to the file example.

Example 1:

$chmod axix sort

That is, set the attribute of the file sort to:

File owner (u) increases execution authority

The user (g) in the same group as the file owner increases the execution authority

Other users (o) increase execution rights

Example 2:

$chmod ug+w,o-x text

That is, set the attribute of the file text to:

File owner (u) increases write permission

Users in the same group as the file owner (g) increase write permissions

Other user (o) removes execution permission

Example 3:

$chmod Utility a.out

Suppose the a.out permission after executing chmod is (you can use the ls-l a.out command to see it):

-rws-x-x 1 inin users 7192 Nov 4 14:22 a.out

And this execution file uses a text file shiyan1.c, whose file access permission is "- rw---", that is, only the owner of the file has read and write permission.

When another user executes the a.out program, his identity temporarily changes to inin because of the program (because the s option is used in the chmod command), so he can read the shiyan1.c file (although the file is set to no one else has any permissions), which is the function of s.

Therefore, in the whole system, especially the root itself, it is best not to set too many files of this type (unless necessary) so as to ensure the security of the system and avoid the intrusion of the system because of the bug of some programs.

Example 4:

$chmod a murx mm.txt

$chmod-x mm.txt

$chmod ugo-x mm.txt

The above three commands delete the execution permission of the file mm.txt, which sets the object for all users.

two。 Numeric setting method We must first understand the meaning of numeric attributes: 0 indicates no permission, 1 indicates executable permission, 2 indicates writable permission, 4 indicates readable permission, and then adds them. So the format of the numeric attribute should be three octal numbers from 0 to 7, in the order of (u) (g) (o).

For example, if you want the owner of a file to have read / write permissions, you need to put 4 (readable) + 2 (writable) = 6 (read / write).

The general form of digital setting method is: chmod [mode] file name quarter.

Example 1:

$chmod 644 mm.txt

$ls-l

That is, set the attribute of the file mm.txt to:

-rw-r-r- 1 inin users 1155 Nov 5 11:22 mm.txt

File owner (u) inin has read and write permissions

User (g) who is in the same group as the owner of the file has read permission

Others (o) have read permission

Example 2:

$chmod 750 wch.txt

$ls-l

-rwxr-x- 1 inin users 44137 Nov 12 9:22 wchtxt

That is, set the properties of the wchtxt file to:

File owner (u) inin readable / writable / enforceable right

Person in the same group as the document owner (g) readable / enforceable

Others (o) do not have any authority

Chgrp command function: change the group to which the file or directory belongs.

Syntax: chgrp [options] group filename quarter

Parameters:

The-c or-changes effect is similar to the "- v" parameter, but only returns part of the change.

-f or-quiet or-silent does not display an error message.

-h or-no-dereference only modifies symbolic link files and does not change any other related files.

-R or-recursive recursive processing, processing all files and subdirectories under the specified directory together.

-v or-verbose displays the instruction execution process.

-help online help.

-reference= reference file or directory > sets all the groups of the specified file or directory to be the same as those of the reference file or directory.

-version displays version information.

This command changes the user group to which the specified file belongs. Where group can be the user group ID or the group name of the user group in the / etc/group file. The file name is a list of files to be changed to the group separated by spaces, and wildcards are supported. If the user is not the owner or superuser of the file, you cannot change the group of the file.

The options of this command mean:

-R recursively changes the grouping of the specified directory and all subdirectories and files under it.

Example 1:

$chgrp- R book / opt/local / book

Change the group of all files in / opt/local / book/ and its subdirectories to book.

Chown command function: change the owner and group of a file or directory. This command is also very common. For example, the root user copies one of his files to the user yusi. In order to enable the user yusi to access the file, the root user should set the owner of the file to yusi, otherwise, the user yusi cannot access the file.

Syntax: chown [options] user or group files

Description: chown changes the owner of the specified file to the specified user or group. The user can be a user name or user ID. A group can be a group name or a group ID. Files are a list of files to change permissions separated by spaces, and wildcards are supported.

Parameter description:

User: ID, the user of the new file owner

Group: the user community of the new file owner (group)

-c: the change action is displayed only if the owner of the file has indeed changed it.

-f: do not display an error message if the file owner cannot be changed

-h: only changes are made to the link, not to the file that the link actually points to

-v: displays the details of the owner's changes

-R: make the same owner changes for all files in the current directory as well as subdirectories (that is, change them one by one by recursion)

-help: displays auxiliary instructions

-version: display version

Example 1: change the owner of the file yusi123.com to yusi.

$chown yusi yusi123.com

Example 2: change the owner of the directory / demo and all the files and subdirectories under it to yusi and the group to users.

$chown-R yusi.users / demo

For example: chown qq / home/qq (change the owner of the qq directory under the home directory to the qq user)

For example: chown-R qq / home/qq (change the owner of all subfiles under the qq directory under the home directory to the qq user)

On how to modify file permissions in the linux system to share here, I hope that the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.