Table of contents
1. Shell commands and operating principles
2.1 Classification of file visitors (people)
2.2 File Type and Access Permissions (Thing Attributes)
2.3 Representation method of file permission value
2.4 Related setting methods of file access permissions
People always have to pay the price for past laziness!
1. Shell commands and operating principles
(1) From a technical point of view, the simplest definition of Shell : command line interpreter ( command Interpreter ) mainly includes:Translate the user's commands to the core ( kernel ) for processing; at the same time, translate the processing results of the core to the user.(2) The significance of the existence of the shell: the shell reduces the cost of operating the OS; protects the OS;
The command line interpreter (shell) commonly used by our centos 7 is called bash. [shell is a general term, bash is a specific one]
2. The concept of authority
(1) From ordinary user to ordinary user, a password is required.(2) From super user to common user, no password is required. [Super user password is very important]
Suggestion: The root password is recommended to be set differently from the common user password, and the super user password must be complex.
3. Rights Management
2.1 Classification of file visitors (people)
In the Linux system, people are divided into three categories: (1) the owner of the file (owner) (2) the group to which the file belongs (grouper)(3) Other users of the file (other)There are two types of users under Linux : super user ( root ) and ordinary user. (root and ordinary users can be one of the above three categories)
2.2 File Type and Access Permissions (Thing Attributes)
File type: (Under linux, the file suffix is not used to distinguish files)d : folder (text, source code, executable program, third-party static library, etc.) [directory file]- : normal filel : soft link (similar to Windows shortcut) [link file]b : block device file (such as hard disk, optical drive, etc.)p : pipeline filec : character device file (such as a serial device such as a screen)s : socket file
gcc is a compiler software on linux. [Although linux does not use file suffixes to distinguish files, but the software in linux will ]
b) Basic permissionsi. Read ( r/4 ): For a file, Read has the authority to read the content of the file; for a directory, it has the authority to browse the directory informationii. Write ( w/2 ): For files, Write has the right to modify the content of the file; for directories, it has the right to delete files in the moved directoryiii. Execution ( x/1 ): For files, execute has the permission to execute files; for directories, it has the permission to enter directoriesiv. "—" indicates that it does not have this permission
Permissions revolve around user and file attributes (read, write, execute).
Permission operations on files: (1) Modify file attributes (2) Modifiers
2.3 Representation method of file permission value
b) Octal value representation method
2.4 Related setting methods of file access permissions
root is not restricted by ordinary user rights.
The format of the permission value of the chmod command:① User indicator +/-= permission character+: Add the authority represented by the authority code to the scope of authority-: Cancel the permission indicated by the permission code from the permission scope=: Grant the authority represented by the authority code to the scope of authorityUser symbol:u : the ownerg : used by the same group as the ownero : other usersa : all usersExample:# chmod u+w /home/abc.txt# chmod ox /home/abc.txtchmod a=x /home/abc.txt【All users can only execute this permission】②Three-digit octal numbersExample:# chmod 664 /home/abc.txt# chmod 640 /home/abc.txt
chown to change the owner file ; at this time, an error will be reported, and it should be written as (1) sudo chown to change the owner file ; [sudo’s role is to elevate the authority to execute the program as root] (2) First change the user to a super user , then chown to change the owner of the file .
(1) Sudo chgrp changes the belonging group file [sudo function, elevates the privilege to execute the program as root] (2) First change the user to a super user, and then chgrp changes the belonging group file .
(1) sudo chown the changed owner: the changed group file (2) first change the user to a super user, and then chown the changed owner: the changed group file .
(1) Our permission to create a directory is: 775; the permission to create a file is: 664 (different systems may vary)
The default directory permission is: 777; the default file permission is: 666
(2) umark 0000; then our permission to create a directory is: 777; the permission to create a file is: 666 [that is, the default permission]
3. file command
file file/directory
4. Directory permissions ★
Executable permissions : If the directory does not have executable permissions , you cannot cd into the directory .Readable permissions: If the directory does not have readable permissions , you cannot view the list of files in the directory with commands such as ls .Writable permissions : If the directory does not have writable permissions , files cannot be created in the directory , and files cannot be deleted in the directory
5. Sticky bit ★
When you have write permissions to the directory, you can create and delete files. But everyone who has write permissions to the directory can delete any file in the directory. [At this time, we don't want others to delete our own files, and the directory can add sticky bits]
6. Summary of Permissions
(4) So in the directory, even if the ls command can be executed, there is still no permission to read the documents in the directory.