chmod command: Change file permissions.
1. Symbol pattern:
Command format: chmod [who] operator [permission] filename
The options included by the WHO and what they mean:
u Files are master permissions.
g subordinate group user permissions.
o Other user permissions.
a All users (file owner, group user, and other users).
Options included in operator and what they mean:
+ Increased permissions.
- Cancel permissions.
= Set permissions.
Permission includes options and what they mean:
r read permission.
w write permission.
x Execution permissions.
s file belongs to the main and group set-ID.
t viscous bit*.
l Lock files so that other users can't access them.
u,g,o for files that belong to the master, group users, and other users.
filename is the file name of the file you want to manipulate.
* When columning files or directories, sometimes encounter the "t" bit. The "t" represents the sticky bit. If the "t" bit appears on a directory, it means that only its owner can delete files in that directory, even if a user of a dependent group has the same permissions as the owner. However, some systems are not very strict in this rule. If you see a "t" in the file list, it means that the script or program will be placed in the exchange area (virtual storage) when it is executed.
Further explanation about the "t" permission
[quote]Original post by "風流濿�":
1. T permission is a sticky bit, for example: in the TMP directory, anyone has read and write execution permissions, but not anyone can delete the files with writable permissions inside, of course not, this is the use of the sticky bit, only the owner has the right to delete his own files, of course, except for ROOT
2. Another permission regarding file security, i permission is the unmodifiable permission Example: Chattr U+i AAA then the AAA file cannot be modified, no matter who it is, if it is deleted, just use U-I
A permission is only appended, which is very useful for the logging system, this permission allows the target file to be appended, not deleted, and cannot be added through the editor. The method is added in the same way as i permissions
If you want to see if a file has this permission, just use lsattr filename
Example of changing permissions (temp as a file):
chmod a-x temp //rw- rw- rw- retract execution privileges from all users
chmod og-w temp //rw- r-- r- - revoke write access to the subordinate group user and other users
chmod g+w temp //rw- rw- r- - Grants write permissions to the subordinate group users
chmod u+x temp //rwx rw- r- - gives the file master execution permissions
chmod go+x temp //rwx rwx r- x gives the subordinate group users and other users execution permissions
2: Absolute mode:
Command format: chmod [mode] file
where mode is an octal number, and each permission is represented by an octal number.
For example: 0 4 0 0 files are master readable
0 2 0 0 files are mainly writable
0 1 0 0 files are master executable
0 0 4 0 genus group users can read
0 0 2 0 genus group users can write
0 0 1 0 can be executed by the user of the genus group
0 0 0 4 Readable by other users
0 0 0 2 Other users can write
0 0 0 1 Other users can do it
When setting permissions, just follow the above to find out the numbers corresponding to the permissions of the file owner, group users and other users, and add them up to the corresponding permission representation.
For example, the symbolic mode permissions of a temp file are found to be:
-rwxr--r-- 1 wjr root 0 2008-09-21 16:40 temp
The first "-" indicates that the file is a general file.
The corresponding absolute mode permission conversion process is:
rwx: 0400 + 0200 +0100 (the file is readable, writable, and executed) = 0 7 0 0
r--: 0 0 4 0 (readable by genus group users) = 0 0 4 0
r--: 0 0 4 0 (readable by genus group users) = 0 0 4 0
0 7 4 4
It can also be calculated like this:
The corresponding octal value is as follows, if there is corresponding authority, the value is added, and if there is none, zero is noted.
File belongs to the master: r w x:4 + 2 + 1
Genus group user: r w x: 4 + 2 + 1
Other users: r w x: 4 + 2 + 1
temp files have permissions:
r w x r - - r - -
4+2+1 4 4
Add the corresponding permissions together, which is 744
It can be seen that the maximum permission value that a file owner, a group user and other users can have is 7.
Commands to change permissions such as:
$chmod 744 temp
$ls -l temp
Results:
-rwxr--r-- 1 wjr root 0 2008-09-21 16:40 temp
Command:
$chmod 766 temp
$ls -l temp
Results:
-rwxrw-rw- 1 wjr root 0 2008-09-21 16:40 temp
It can also be set with the file in the subdirectory by using the -R option:
$chmod -R 664 /temp/*
In this way, all files in the /temp directory and the files in each subdirectory can be read and written by the main and group users, and only read by other users. Use the R option with caution and only use it if you need to change the permissions of all files in the directory tree. |
Posted on 1/12/2016 9:10:28 PM
|
|
|
