Permission management in Linux
1, Permission overview
1. Basic concepts of permissions
In a multi-user computer system, a permission is the right of a specific user to use specific system resources.
In Linux, there are three permissions: read, write and execute.
Permission | For files | For directories |
---|---|---|
Read r | Indicates that the file contents can be viewed | Indicates that you can view (ls) the names of the files in the directory |
Write w | Indicates that the contents of the file can be changed | Indicates whether you can delete files in the directory or create new files and subdirectories (rm/touch/mkdir) |
Execute x | Indicates whether the file can be run as a program (generally binary files) | Indicates whether you can enter the directory (cd) |
2. Linux user identity category
Linux generally divides file permissions into three categories: read, write and execute.
The users of a file are also divided into three categories: the file owner, users in the file's group, and other users.
☆ user: the file owner
By default, whoever creates the file is the owner of the file.
☆ group: users in the group to which the file belongs
Users in the group to which the file belongs (by default, the primary group of the user who created the file).
☆ other: other users
Other users are those who are neither the owner of the file nor members of the group to which the file belongs.
☆ special user: root
In Linux, root has the highest permission (for all files), so permission settings have no effect on the root account.
2, General permission management
1. View file permissions
Syntax:
# ls -l readme.txt
-rw-r--r-- 1 root root 0 Jan 22 15:45 readme.txt
Result description:
-rw-r--r--: The first column is the file type + permissions. Position 1 (-) indicates the file type, positions 2-4 (rw-) indicate the permissions of the file owner, positions 5-7 (r--) indicate the permissions of users in the file's group, and positions 8-10 (r--) indicate the permissions of other users
1: The second column is the number of links to the file (file nodes)
root: The third column is the owner of the file
root: The fourth column is the group to which the file belongs
0: The fifth column is the file size
Jan 22 15:45: The sixth column is the last modification time of the file
readme.txt: The seventh column is the name of the file
2. File type
There are seven file types in Linux, as follows:
-: Regular file
d: Directory file
l: Soft link (similar to a Windows shortcut)
b: Block device file (e.g. hard disk, optical drive, etc.)
p: Pipe file
c: Character device file
s: Socket file / data interface file (for example, a mysql.sock file is generated when a MySQL server starts)
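The field layout of the first `ls -l` column and the type characters listed above can be decoded mechanically. The following is an added example, not code from the original page; the function names `file_type_name` and `mode_to_octal` and the sample strings are made up for illustration. It also handles the `s`/`S` and `t`/`T` characters that appear when the special bits covered later on this page are set.

```shell
#!/bin/sh
# Added example: decode column 1 of `ls -l` into a type name and the
# octal mode that chmod accepts (for example 0644, 4755, 1777).

# file_type_name MODESTRING: name the type given by character 1
file_type_name() {
    case "$1" in
        -*) echo "regular file" ;;
        d*) echo "directory" ;;
        l*) echo "symbolic link" ;;
        b*) echo "block device" ;;
        p*) echo "pipe" ;;
        c*) echo "character device" ;;
        s*) echo "socket" ;;
        *)  echo "unknown"; return 1 ;;
    esac
}

# mode_to_octal MODESTRING: positions 2-4 owner, 5-7 group, 8-10 other
mode_to_octal() {
    str=$1
    [ "${#str}" -ge 10 ] || return 1
    special=0; digits=""; pos=2
    for weight in 4 2 1; do   # special bit of owner / group / other triad
        triad=$(printf '%s' "$str" | cut -c"$pos"-"$((pos + 2))")
        n=0
        case "$triad" in r??) n=$((n + 4)) ;; esac
        case "$triad" in ?w?) n=$((n + 2)) ;; esac
        case "$triad" in
            ??x)    n=$((n + 1)) ;;
            ??[st]) n=$((n + 1)); special=$((special + weight)) ;;  # x plus special bit
            ??[ST]) special=$((special + weight)) ;;                # special bit, no x
        esac
        digits="$digits$n"
        pos=$((pos + 3))
    done
    echo "$special$digits"
}

# Constructed sample mode strings
for m in -rw-r--r-- -rwsr-xr-x drwxrwxrwt; do
    echo "$m -> $(file_type_name "$m"), $(mode_to_octal "$m")"
done
```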
3. File or folder permission settings
To set permissions, use the chmod command:
# chmod [options] permissions file-or-directory-name
Option description:
-R: apply the setting recursively to a folder (directory)
Key points for setting permissions:
First: confirm which identity you are setting permissions for: u, g, o, ugo (a)
Second: confirm whether to add permissions (+), remove permissions (-) or assign permissions (=)
Third: confirm which permissions to set for this user on this file or folder: r, w, x
Case: add execute permission for the owner of the readme.txt file
# chmod u+x readme.txt
Case: remove execute permission from the owner of the readme.txt file
# chmod u-x readme.txt
Case: give users in the group to which readme.txt belongs rw permission
# chmod g=rw readme.txt
Case: add w (write) permission for everyone to the test directory and the files inside it
# chmod -R ugo+w test
In Linux, whether you can delete a file depends not on the file's own permissions but on whether you have write permission on the directory that contains it. If you do, you can delete the file (you must also have execute permission on the directory).
3, File owner and file group settings
1. View of file owner and group
# ls -l readme.txt
-rw-r--r-- 1 root root 0 Jan 22 15:45 readme.txt
Result description:
root: The third column is the owner of the file
root: The fourth column is the group to which the file belongs
2. File owner settings
To change the owner of a file or the group to which it belongs, use the chown command:
# chown [options] new-owner-name file-name
Option description:
-R: apply the change recursively, mainly for folders
Case: change the owner and the group of the /root/readme.txt file to linuxuser
# chown linuxuser:linuxuser /root/readme.txt
Case: change the owner and group of the /root/test folder to linuxuser
# chown -R linuxuser:linuxuser /root/test
4, Special permissions
1. Set bit S
☆ function of the set bit S
Function: lets an ordinary user temporarily run the file with the permissions of the file's owner / group; applies to binary files.
☆ remove S-bit permission
# chmod u-s /usr/bin/passwd
or
# chmod 0755 /usr/bin/passwd
☆ add S-bit permission
# chmod u+s /usr/bin/passwd
or
# chmod 4755 /usr/bin/passwd
2. Sticky bit T
☆ function of the sticky bit
Main function: only the creator of a file and the root user are allowed to delete the file (a permission bit that prevents accidental deletion); applies only to folders.
☆ remove the sticky bit
# chmod -R o-t /tmp
or
# chmod -R 0777 /tmp
☆ add the sticky bit
# chmod -R o+t /tmp
or
# chmod -R 1777 /tmp
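Because the S bit runs a binary with its owner's permissions and a world-writable directory without the T bit lets any user delete other users' files, both are worth listing when reviewing a system. The following is an added example, not code from the original page; the function names and the sample tree built under a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: list files carrying the S bit and world-writable
# directories that are missing the sticky bit T.

# find_setid DIR: regular files with S set for owner (4000) or group (2000)
find_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# find_unprotected_dirs DIR: directories writable by "other" (0002)
# that do not have the sticky bit (1000)
find_unprotected_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# make_sample_tree: build a constructed test tree and print its path
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared" "$root/dropbox" "$root/private"
    : > "$root/helper"
    : > "$root/plain"
    chmod 4755 "$root/helper"     # S bit set, as with /usr/bin/passwd above
    chmod 0644 "$root/plain"
    chmod 1777 "$root/shared"     # world-writable with T, like /tmp
    chmod 0777 "$root/dropbox"    # world-writable without T
    chmod 0755 "$root/private"
    echo "$root"
}

tree=$(make_sample_tree)
echo "Files with the S bit:"
find_setid "$tree"
echo "World-writable directories without the T bit:"
find_unprotected_dirs "$tree"
rm -rf "$tree"
```

On a real system, pass the directory to review (for example `/usr/bin` or `/tmp`) to the two `find_` functions instead of the sample tree.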