Shulou(Shulou.com)06/03 Report--

This article introduces the knowledge of "how to understand the permissions in Linux Shell". Many people will encounter such a dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Once a file is created, it can be accessed in three ways:

1) read, you can display the contents of the file.

2) write, you can edit or delete it.

3) execute if the file is a s h e l l script or program.

The permissions of the file can be divided into three categories according to the user you are targeting:

1) File owner, the user who created the file.

2) users in the same group, any user in the user group that owns the file.

3) other users, that is, a user who does not belong to the user group that owns the file

All the information in the file includes the following:

Location of the file.

File type.

File length.

Which user owns the file and which users can access the file.

Node.

The modification time of the file.

The permission bit of the file.

You can view this information through ls-l, as shown below

[root@ksharpdabu home] # ls-ltotal 24drwxr-xr-x 2 root root 4096 Mar 15 10:00 Bakblog-rwx- 1 root root 786 Mar 15 10:18 backupblog.sh-rw-r--r-- 1 root root 614 Mar 16 18:38 bk.shdrwx- 2 www www 4096 Feb 28 17:04 wwwdrwxr-xr-x 7 www www 4096 Mar 15 10:04 wwwroot

Total24: indicates the space occupied by all files in this directory

The front horizontal bar represents a normal file, and the following is the file type:

D directory.

L symbolic link (points to another file).

S socket file.

B block device file.

C character device file.

P name the pipe file.

-ordinary files, or, more accurately, files that do not belong to the above types.

-rw-r--r--: represents the relevant permissions of the file, excluding the previous horizontal bar, a total of nine characters

Each corresponds to 9 permissions, the first three characters represent the primary permissions of the file, the middle three represent the same group of user rights, and the last three characters represent other user rights. Everyone has three operations on files.

R read permission

W write / change permissions

X permission to execute the script or program

When a user creates a new file, the system generally does not give the creator of the file the right to execute, that is, x, for security reasons. For file owners, it is still possible to write to the file through file redirection if only the read permission bit is set Note that whether a file can be deleted also depends on the setting of the right limit of the directory in which the file is located. Personally, I think it is the intersection of the directory where the file is located and the permissions of the file itself.

The setting of the right limit of the directory where the piece is located. Some examples:

What permissions represent

Rmurf-text files are readable, but cannot be written or executed.

Rmurf-rmure-the file owner and the same group of users (generally speaking, the default group where the file owner belongs) can be read

The text can be read by any user, but cannot be written or executed.

Rwx rmae-rmae-text files can be read, written and executed by the master, and can only be read by the same group of users and other users

Rwx rmerx-text files can be read, written and executed by the master, and can be read and executed by users in the same group.

Rwx RMIX text files can be read, written and executed by the master, and can be read and executed by users in the same group and other users.

Rw- rw--text file owners and users in the same group can read and write

Rw- rw- r-text file owners and users in the same group can read and write, and other users can read

Rw- rw--text file owner and other users in the same group and other users can read and write. Use this permission setting carefully, because any user can write to the file.

The following commands are commonly used to change the permissions of a file or directory. Remember

The general format of the chmod command is:

Chmod [who] operator [permission] filename

The meaning of w h o is:

U file belongs to the primary permission.

G user rights in the same group.

O other user rights.

An all users (file owners, users in the same group and other users).

The meaning of o p e r a t o r:

+ increase permissions.

-revoke the permission.

= set permissions.

The meaning of p e r m i s s i o n:

R read permission.

W write permission.

X execute permissions.

S file owner and group s e t-ID.

T viscous bit *.

L locks the file to make it inaccessible to other users.

The operation of urecoery gpeno is aimed at file owners, users in the same group and other users.

* the "t" bit is sometimes encountered when listing files or directories. "t" represents the sticky bit. If the "t" bit appears on a directory, this means that files in that directory can only be deleted by their owners, even if a user in the same group has and owner

Equal access. However, some systems are not very strict in this rule.

If you see "t" in the file list, this means that the script or program will be placed in the swap area when it is executed

Save). However, since the price of memory is so low today, you can ignore the use of the "t" of the file.

For example: modify the permissions of myfile

Meaning of command result

Chmod Amurx myfile rw- rw- rw- withdraws the execution rights of all users

Chmod og-w myfile rw- rmae-rmai-take back write permissions of users in the same group and other users

Chmod Grouw myfile rw- rw- r-- Grant write permissions to users in the same group

Chmod Ubunx myfile rwx rw- r-- Grant file owner execution rights

Chmod go+x myfile rwx rwx r-x gives execution rights to the same group and other users

When we create the test file, its permissions are as follows:

-rw-r--r-- 1 dave admin 614 Mar 16 18:38

I want to have execute permission and cancel the read permission of all other users, modify it as follows

# chmod uprix omurr test

The file permissions for test become

-rwxr- 1 dave admin 614 Mar 16 18:38

If you want a script file to be executable to you, and you are comfortable with the default permissions for that file, just make it executable for you.

# chmod uplix dt

Absolute mode of permissions (that is, permissions are represented by numbers)

The general form of the absolute mode of the chmod command is:

Chmod [mode] file

Where mode is an octal number. R is 4, w is 2, and x is 1.

File owner is in the same group as other users

R w x r w x r w x

4 + 2 + 14 + 2 + 14 + 2 + 1

7 7 7

Modify test file to rwxr--r--

# chmod 744 test

Modify the permissions of the mydir directory and its subdirectories to rwxr--r--

# chmod-R 744 mydir / / where-R indicates recursion, that is, change all files and subdirectories under the mydir directory to 744

Table of contents:

The permission bit of the catalog is different from the file. The read limit of the directory means that the contents of the directory can be listed. Write permission limit means that you can create files in this directory, and if you do not want other users to create files in your directory, you can cancel the corresponding write permission limit. The execute permission bit means searching for and accessing the directory. If the permissions of the same group or other users for a directory are set to-- x, they will not be able to list the files in that directory. If there is a script or program in this directory that executes location bits, as long as the user knows its path and file name, it can still be executed. The user's inability to access the directory does not hinder his execution. The permissions of the directory will override the permissions of the files in that directory. That is to take their intersection.

Note that the c h m o d command does not perform the necessary integrity checks and can give any permissions to a useless file, but

The chmod command does not check the set permission combination. Therefore, do not see a file with execute permissions

I think it must be a program or script.

Suid and guid will not be introduced here. You can use your own google documents or books.

Chown: modify the owner of the file

Chgrp: modify all groups of files

The general form of the c h o w n command is:

Chmod-R-h owner file

The-R option means that the same operation is done for files in all subdirectories. The-h option means that changing the owner of a symbolic link file does not affect the target file that the link points to.

The usage of chgrp is similar to that of chown, but you can man on your own.

View the command for the group to which you belong:

# group or # id

See which group command the other users belong to:

The # group user name "how to understand permissions in Linux Shell" ends here. Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.