Shulou(Shulou.com)06/03 Report--

Lsattr: view hidden permissions for files or directories

-a: view all including hidden files

-d: view the hidden permissions of the current directory

-R: view the hidden permissions of all files under the file

* Hidden permissions e: represents the ext4 file system

Chattr: change hidden files in a file or directory

I: completely reject any operation on a file or directory

A: for files: you can append redirect, cannot vi cp mv chmod rm touch, etc., for directories: you can touch to change time, for files in directories, you can touch, >, >, etc.

* you need to subtract the permission and change + to -.

Redirect symbol: > (writes the contents to the file and overwrites the contents of the previous file)

Append the redirect symbol: > > (write the contents to the file and retain the contents of the previous file)

-set_uid: let the user executing the file temporarily have the permissions of the file owner

* set_uid can be set only if it is an executable binary file, such as passwd, ls, etc.

In the following figure, you can see that the owner of the passwd command is root, but the owner permission is not rwx, but rws, where s represents the permission of set_uid. Let's take a look at the permission of the password configuration file shadow, so set set_uid. When ordinary users change their own password, they can temporarily have the permission of root, the owner of the passwd file, to complete the password modification.

The following figure is tested with the ls command. The user1 user is used to view the directory of the root user without permission. After adding the set_uid permission to the ls command, the user1 user can view the / root directory.

1. Add set_uid permissions: chmod Ubuns / path / filename

two。 The second way to add set_uid permissions:

* in the following figure, set_uid is added through chmod u=rws, but when the view is added, s becomes uppercase because there is no x permission, because adding set_uid with u=rws omits x execution permission, but this does not affect user1 users to view / root directory using ls, because the third paragraph of ls file permissions: other user permissions have x permissions. When x execution permission is added through chmod uplink, set_uid 's s becomes lowercase.

Set_gid:

1. When acting on a file, the effect is similar to set_uid, allowing other users executing the file to temporarily have permissions for the file user group:

The user group for viewing user user1 is user1, the user group for viewing / root directory is root, and the user prompt for viewing / root using user1 cannot open *

* add set_gid permissions to the / usr/bin/ls command

Use the user1 user to view the / root directory again to show that set_gid is used to give other users temporary access to the group to which the file belongs *

2: when acting on the directory:

Change the testfile directory user group from root to user1*

* when creating subdirectories and files in the testfile directory, the files and user groups of the subdirectories belong to the group of the current user (use the root user to create files under the testfile directory, and directories, files and directories belong to the group of the root user)

After adding set_gid permission to the testfile directory, the files and subdirectories created by the root user under the testfile directory belong to user1 (so when set_gid acts on the directory, you can make the subdirectories and file groups created under that directory belong to the group of the parent directory, rather than according to the user who created the subdirectories and files) *

Stick_bit: prevent other users from deleting files and directories you create (except root)

* you can see in the following figure that the / tmp directory has stick_bit permissions. Use user1 users to create test directories testfile, test.txt and add 777 permissions, so that other users have sufficient permissions to operate.

Permissions are set using the first s in chmod sxxx filename, where:

4: SUID2, SGID1, Stick Bit

* switch the user2 user to delete the files and directories created by the user1 user. In this case, the user2 user has rwx permission for both the testfile directory and the test.txt file, but the prompt cannot be deleted, because the / tmp directory has stick_bit permission, and no other user can delete the directories and files created under this directory (except root), but if the user1 user creates subdirectories and files in testfile, other users can delete them. Because the testfile directory does not have stick_bit permissions, while other users have rwx permissions, stick_bit permissions only apply to the current parent directory

Soft links: equivalent to Windows system shortcuts, soft links take up very little disk space in linux systems

Create soft link command: ln-s source file path soft link file path

For example: soft link / tmp/test.log file to / root/lntest/test2.log

* when the soft link is added successfully, the data is added to the soft link file and it will be updated to the source file.

(for example, when an application keeps writing logs to / root/lntest/test2.log and the amount of data is large, and the disk where / root is located is almost full, you can create a log file / tmp/test.log on the disk with enough space, soft link to the / root/lntest/test2.log file, and the data will be written to test.log, reducing the pressure on the disk where the / root directory is located, and the soft link file will only take up a small amount of disk space. And does not affect continuous logging while the application is running)

* 1. In addition to files, soft link objects can also be directories, 2. Soft links can be across partitions, 3. Soft links try to use absolute paths, 4. Soft link cancellation: rm-rf soft link file

Hard links:

Create command: ln source file hard link file

* the following figure creates both a soft link and a hard link, as can be seen by comparison: 1. Hard link file and source file are the same size, inode number is the same, source file and target file are hard link to each other, so hard link can be deleted, 2. Hard links cannot cross partitions, which may result in different files having the same inode number, 3. Hard links cannot be directories, they can only be files

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.