Common basic permission operation commands:
- chmod command
- chown command
- chgrp command
1. chmod command
The basic information of the command chmod for modifying permissions is as follows:
- Command name: chmod
- change file mode bits
- Path: / bin/chmod
- Execution permission: all users.
- Function Description: modify the permission mode of the file.
chmod command format:
[root@localhost ~ ] # chmod [options] permission mode file name Options: -R: Set permissions recursively, that is, set permissions for all files in the subdirectory
2. Permission mode
The format of the permission mode of the chmod command is [ugoa] [+ - = [perms], that is, the format of [user identity] [granting method] [permission]. Let's explain.
(1) User identity.
- u: On behalf of the owner (user).
- g: Represents the group to which it belongs.
- o: On behalf of other s.
- a: Represents all identities.
(2) Giving way.
- +: Join permission.
- -: subtract permissions.
- =: set permissions.
(3) Permissions.
- r: read permission.
- w: write permission.
- x: execute permission.
# Permission to view abc files [root@192 ~]# ll -rw-r--r--. 1 root root 0 12 September 29-21:41 abc # 1. Add execution permission to the owner of abc file. [root@192 ~]# chmod u+x abc [root@192 ~]# ll -rwxr--r--. 1 root root 0 12 September 29-21:41 abc # 2. Grant permissions to multiple identities at the same time, separated by commas. [root@192 ~]# chmod g+w,o+w abc [root@192 ~]# ll -rwxrw-rw-. 1 root root 0 12 September 29-21:41 abc # 3. Directly grant the desired permission to the corresponding identity, with =. [root@192 ~]# chmod u=rwx,g=rwx,o=rwx abc [root@192 ~]# ll -rwxrwxrwx. 1 root root 0 12 September 29-21:41 abc
3. Digital rights
The way of giving numerical authority is the simplest, but it is not as easy to remember and intuitive as the previous letter authority.
Let's look at the meaning of these digital permissions.
- 4: Represents r permissions.
- 2: Represents w permissions.
- 1: Represents x permissions.
explain:
r. w and x represent the permission to read, write and execute. If 1 represents permission and 0 represents no permission, then 111 has all three permissions. 111 is regarded as a binary number, which is translated into decimal, 7101 is 5, and so on.
4. Common file permissions
The method of giving digital permission is simpler, but users need to be more familiar with these numbers. In fact, there are not many common permissions, only the following.
- 644: This is the basic permission of the file, which means that the owner has read and write permission, while the group and others have read-only permission. (the standard permission of the file is this permission)
- 755: This is the execution permission of the file and the basic permission of the directory. It represents that the owner has read, write and execution permissions, while the group and others have read and execution permissions.
- 777: This is the maximum permission. In the actual production server, we should try our best to avoid giving such permissions to files or directories, which will cause certain security risks. (it means that everyone has the maximum permission for the file, which cannot be set in practice.)
5. chown command
chown is a command to modify the owner and group of files and directories. Its basic information is as follows:
- Command name: chown
- change file owner and group
- Path: / bin/chown
- Execution permission: all users.
- Function Description: modify the owner and group of files and directories.
chown command format:
[root@localhost ~ ] # chown [option] owner: the file or directory of the group to which it belongs Options: -R: Set permissions recursively, that is, set permissions for all files in the subdirectory
Note: in the newly installed Linux system, there are a large number of system users, but these system users cannot log in. The only user who can log in is root.
Demo: the login user is root.
# 1. The owner of the file is user, so you need to create an ordinary user user1 first. [root@192 ~]# useradd user1 [root@192 ~]# passwd user1 Change user user1 Your password. New password: Invalid password: too simplistic/systematization Invalid password: too simple Re enter the new password: passwd: All authentication tokens have been successfully updated. # The above two commands are to add users and set passwords for users. # At this time, it is the root user. If an ordinary user modifies his password, it needs to comply with the principle of password complexity. # 2. View the owner and group of abc file [root@192 ~]# ls -l abc -rwxrwxrwx. 1 root root 0 12 September 29-21:41 abc # 3. Modify the owner of abc file to user1 [root@192 ~]# chown user1 abc [root@192 ~]# ls -l abc -rwxrwxrwx. 1 user1 root 0 12 September 29-21:41 abc #Note: in the description of chown command, 'change file owner and group' can be modified. # Therefore, you can modify the owner and user group of the file at the same time through the chown command. [root@192 ~]# ls -l abc -rwxrwxrwx. 1 user1 user1 0 12 September 29-21:41 abc [root@192 ~]# chown root:root abc [root@192 ~]# ls -l abc -rwxrwxrwx. 1 root root 0 12 September 29-21:41 abc # Tip: in the chown command, the owner and the group can be separated by: or.
6. chgrp command
chgrp is a command to modify the group of files and directories. Its basic information is as follows:
- Command name: chgrp
- change group ownership
- Path: / bin/chgrp
- Execution permission: all users.
- Function Description: modify the group of files and directories.
The same as the chown command above, the demonstration is as follows:
# 1. View the owner and group of abc file [root@192 ~]# ls -l abc -rwxrwxrwx. 1 root root 0 12 September 29-21:41 abc # 2. Modify the group to which the abc file belongs [root@192 ~]# chgrp user1 abc [root@192 ~]# ls -l abc -rwxrwxrwx. 1 root user1 0 12 September 29-21:41 abc
be careful:
In the demonstration of the chown command, only the user1 user was created, not the user1 group. However, there is a user1 group in the system. In Linux system, if you add a user, the system will generate a group with the same name (user1 group) by default as the initial group of the user, so you don't need to create a user1 user group separately. This is different from Windows system.
7. Summary
- 1. Ordinary users can modify the permissions of files whose owner is their own.
If you modify the file to the permissions of other advocates, only root can.[user1@192 ~]$ touch test [user1@192 ~]$ ls test [user1@192 ~]$ chmod 755 test [user1@192 ~]$ ls -l -rwxr-xr-x. 1 user1 user1 0 12 June 30 00:49 test
- 2. Ordinary users cannot modify the owner of the file, even if they are the owner of the file.
Only a superuser can modify the owner of a file.[user1@localhost ~ ] $ chown user2 test chown: Changing"test"Owner of: operation not allowed