Preface

This article will briefly introduce Linux The authority of the system . master Linux Authority related knowledge , It's good Linux The key of the system

One : Super users and ordinary users

  • The super user : Do whatever you want
  • Ordinary users : Permissions are partially restricted
    Ordinary users switch to super users

Linux series _2:Linux jurisdiction

 


Switch to other user

Linux series _2:Linux jurisdiction

 

(2)Linux Rights management

A: Classification of file visitors

Linux There are three types of visitors to a file

  • u(user): The owner of the file or file directory
  • g(group): Users in the group of owners of files and file directories
  • o(other): Other users

B: File types and access rights

Use ls-al List the properties of the file Information

Linux series _2:Linux jurisdiction

 


The meanings of various information are as follows

Linux series _2:Linux jurisdiction

 

A: file type

abbreviation

Indicates the type

d

Folder

l

Soft link ( You can understand Windows Shortcuts in )

s

Socket file

b

Block device file ; Binary

c

Character device file

p

Name the pipeline file

-

Ordinary documents

B: Basic authority

jurisdiction

explain

read (r)

To read a file is to read a file ; To a directory is to browse directory information

Write (w)

To a file is to modify the content of the file ; For a directory, it is to move and delete the files in the directory

perform (x)

To file is to execute file ; To a directory is to enter a directory

-

No authority

C: The representation of permissions

Character representation

Linux series _2:Linux jurisdiction

 


8 Decimal representation

Linux series _2:Linux jurisdiction

 


Example

Linux series _2:Linux jurisdiction

 

D: Permission settings

( Only the owner of the document and root To change permissions )
Command one :chmod( Modify the permissions )

// The basic format
chmod [ Parameters ][ jurisdiction ][ file name ]
//[ jurisdiction ] Format
[ User symbol ](+/-/=)[ Permissions character ]

The user symbol

  • u: The owner
  • g: The owner
  • o: Other users
  • a: All users

The permission character

  • +: Add the authority represented by the authority symbol
  • -: Remove the authority represented by the authority symbol
  • =: Give the permission represented by the permission symbol to the permission scope

Example 1 : Remove the read permission of the owner

Linux series _2:Linux jurisdiction

 


Example 2 : Batch operation

Linux series _2:Linux jurisdiction

 


Example 3 : Directory permissions and file permissions

  • The directory read jurisdiction : It means that you are allowed to view the files in the directory ( It has nothing to do with the files in the directory )
  • Catalog Write permission of : It means that you are allowed to create files in this directory ( It has nothing to do with the files in the directory )

Linux series _2:Linux jurisdiction

 

Linux series _2:Linux jurisdiction

 

  • Directory Execution Authority : It means whether Sure cd This directory . Because the read and write permissions of the directory are based on the execution permissions , So once execution permission is turned off , Then its read and write permissions will also be turned off

Linux series _2:Linux jurisdiction

 

Command two :chown( Modify file owners and groups )

chown [- Parameters (-R It's recursion , When you modify the directory, add )][ Target user name ][ file name ]

Linux series _2:Linux jurisdiction

 

chgrp [- Parameters (-R It's recursion , When you modify the directory, add )][ Target user group name ][ file name ]

Linux series _2:Linux jurisdiction

 


Three orders :umask( Default permissions )
The default permission to create a normal file or directory is as follows

Linux series _2:Linux jurisdiction

 


The default values for these permissions are set by umask It depends on the value of , It can be viewed through terminal input umask Value

Linux series _2:Linux jurisdiction

 


about root user , Its umask The value is 0022, For ordinary users, it is 0002
umask There are four arrays , The first is used to define special permissions , The remaining three are about authority . For directory , The maximum permissions a user can have are 777, For files, the maximum permission of the directory is removed from the execution permission , yes 666, Because the execution permission is required by the directory , It's not necessary for ordinary files .
because root Of umask The default is 022, as follows , Use root When creating a directory , Its authority is the maximum authority 777 Remove the corresponding position umask Authority , Write permission is removed for the group and others ; While using root When creating a file , So it is with , That is to say 644

Linux series _2:Linux jurisdiction

 


When setting default permissions for calculation , You shouldn't just subtract... From the maximum permissions umask value , The formula is mask& ~umask. For example, the maximum permission of a directory is 777, Corresponding to "111 111 111",umask The value is set to 2, Corresponding to “000 000 010”,~umask Then for “111 111 101”, Conduct and operate , Then for “111 111 101”, Then for 775, The corresponding permission character is “rwx rwx r-x”. For another example, the maximum permission of a file is 666, Corresponding to “110 110 110”, The process and operation are “110 110 100”, The corresponding permission character is “rw- rw- r--”

Linux series _2:Linux jurisdiction

 

Another example is to make umask Value settings 0003, How much will it be ? For the file : Then for “110 110 100”, That is to say 664, For the directory, it is “111 111 100”, Then for 774

Linux series _2:Linux jurisdiction

 

E: Sticky bits

( Be careful : The sticky bit is usually set for the directory )
as follows :test2 This folder belongs to root, But ordinary users can delete , This is dangerous

Linux series _2:Linux jurisdiction

 

It can be solved by viscous potential , Just set the sticky bit on the target directory

chmod +t [ Target directory ]

Linux series _2:Linux jurisdiction

 


When a directory is set to sticky bit , Only by the following three kinds of people to delete

  • Super administrator
  • The directory owner
  • The owner of the document