Linux permission commands: 1. chgrp command, used to modify the group belonging to files and directories; 2. chown command, used to modify the owners and groups belonging to files and directories; 3. chmod command, can be modified Permissions of files or directories; 4. The umask command can make newly created files and directories have default permissions.
#The operating environment of this tutorial: CentOS 6 system, Dell G3 computer.
Linux chgrp command: Modify the group ownership of files and directories
The chgrp command is used to modify the group ownership of files (or directories).
To make it easier for beginners to remember, chgrp can be understood as the abbreviation of "change group".
The usage of the chgrp command is very simple. Its basic format is:
[root@localhost ~]# chgrp [-R] 所属组 文件名(目录名)
-R
(note that it is capitalized). The option is used to change the directory. The group that represents the change together with the group information of all files in the subdirectory.
One thing to note when using this command is that the group name to be changed must actually exist, otherwise the command cannot be executed correctly and "invaild group name" will be prompted.
For example, when logging in to the Linux system as root, there will be a file named install.log in the home directory. We can use the following method to modify the group to which this file belongs:
[root@localhost ~]# groupadd group1 #新建用于测试的群组 group1 [root@localhost ~]# chgrp group1 install.log #修改install.log文件的所属组为group1 [root@localhost ~]# ll install.log -rw-r--r--. 1 root group1 78495 Nov 17 05:54 install.log #修改生效 [root@localhost ~]# chgrp testgroup install.log chgrp: invaild group name 'testgroup'
It can be seen that under the premise of having group1 group, we successfully modified the group to which the install.log file belongs. However, when we tried to modify the group to testgroup again, the command execution failed because of the system's /etc/ In the group file, there is no testgroup group.
Linux chown command: Modify the owner and group of files and directories
The chown command can be considered the abbreviation of "change owner" , mainly used to modify the owner of a file (or directory). In addition, this command can also modify the group to which a file (or directory) belongs.
When you only need to modify the owner, you can use the following basic format of the chown command:
[root@localhost ~]# chown [-R] 所有者 文件或目录
-R
(note the capital letters) option representation Along with all files in the subdirectory, change the owner.
If you need to change the owner and the group you belong to at the same time, the basic format of the chown command is:
[root@localhost ~]# chown [-R] 所有者:所属组 文件或目录
Note that in the chown command, there are also You can use dot (.), but there will be a problem. If the user adds a decimal point (such as zhangsan.temp) when setting the account, it will cause the system to misjudge. Therefore, it is recommended that you use colons to connect the owner and the group it belongs to.
Of course, the chown command also supports simply modifying the group to which a file or directory belongs. For example, chown :group install.log means modifying the group to which the install.log file belongs. However, the chgrp command is usually used to modify the group, so It is not recommended that you use the chown command.
Another thing to note is that when using the chown command to modify the owner (or owner) of a file or directory, you must ensure that the user user (or user group) exists, otherwise the command cannot be executed correctly and will Prompt "invalid user" or "invaild group".
[Example 1]
In fact, modifying the owner of a file is mostly to obtain higher permissions. Here is an example:
[root@localhost ~]# touch file #由root用户创建file文件 [root@localhost ~]# ll file -rw-r--r--. 1 root root 0 Apr 17 05:12 file #文件的所有者是root,普通用户user对这个文件拥有只读权限 [root@localhost ~]# chown user file #修改文件的所有者 [root@localhost ~]# ll file -rw-r--r--. 1 user root 0 Apr 17 05:12 file #所有者变成了user用户,这时user用户对这个文件就拥有了读、写权限
As you can see, By modifying the owner of the file file, the user user changes from another person's identity (only having read permissions to the file) to the owner's identity, having read and write permissions to the file.
[Example 2]
In the Linux system, the division of user level permissions is very clear. The root user has the highest permissions and can modify the permissions of any file, while ordinary users can only modify themselves. The permissions of the file (the owner is its own file), for example:
[root@localhost ~]# cd /home/user #进入user用户的家目录 [root@localhost user]# touch test #由root用户新建文件test [root@localhost user]# ll test -rw-r--r--. 1 root root 0 Apr 17 05:37 test #文件所有者和所属组都是root用户 [root@localhost user]# su - user #切换为user用户 [user@localhost ~]$ chmod 755 test chmod:更改"test"的权限:不允许的操作 #user用户不能修改test文件的权限 [user@localhost ~]$ exit #退回到root身份 [root@localhost user]# chown user test #由root用户把test文件的所有者改为user用户 [root@localhost user]# su - user #切换为user用户 [user@localhost ~]$ chmod 755 test #user用户由于是test文件的所有者,所以可以修改文件的权限 [user@localhost ~]$ ll test -rwxr-xr-x. 1 user root 0 Apr 17 05:37 test #查看权限
You can see that the user user does not have the right to change the permissions of the file whose owner is the root user. Only ordinary users are the owners of this file. File permissions can be modified.
[Example 3]
[root@localhost ~]# chown user:group file [root@localhost ~]# ll file -rw-r--r--. 1 user group 0 Apr 17 05:12 file
chmod command: modify the permissions of a file or directory
chmod command sets file permissions There are two ways, you can use numbers or symbols to change permissions.
1. The chmod command uses numbers to modify file permissions
In the Linux system, the basic permissions of a file consist of 9 characters. Taking rwxrw-r-x as an example, we can Use numbers to represent each permission. The corresponding relationship between each permission and the number is as follows:
r --> 4
w --> 2
x --> 1
Since these 9 characters belong to 3 types of users, each user identity contains 3 permissions (r, w, x). By combining the numbers corresponding to the 3 permissions Accumulated, the final value can be used as the permissions of each user.
Take rwxrw-r-x as an example. The permission values corresponding to the owner, the group to which it belongs and other people are:
Owner = rwx = 4 2 1 = 7
Group = rw- = 4 2 = 6
Others = r-x = 4 1 = 5
So, the permission value corresponding to this permission is 765.
使用数字修改文件权限的 chmod 命令基本格式为:
[root@localhost ~]# chmod [-R] 权限值 文件名
-R
(注意是大写)选项表示连同子目录中的所有文件,也都修改设定的权限。
例如,使用如下命令,即可完成对 .bashrc 目录文件的权限修改:
[root@localhost ~]# ls -al .bashrc -rw-r--r--. 1 root root 176 Sep 22 2004 .bashrc [root@localhost ~]# chmod 777 .bashrc [root@localhost ~]# ls -al .bashrc -rwxrwxrwx. 1 root root 176 Sep 22 2004 .bashrc
再举个例子,通常我们以 Vim 编辑 Shell 文件批处理文件后,文件权限通常是 rw-rw-r--(644),那么,如果要将该文件变成可执行文件,并且不让其他人修改此文件,则只需将此文件的权限该为 rwxr-xr-x(755)即可。
2、chmod命令使用字母修改文件权限
既然文件的基本权限就是 3 种用户身份(所有者、所属组和其他人)搭配 3 种权限(rwx),chmod 命令中用 u、g、o 分别代表 3 种身份,还用 a 表示全部的身份(all 的缩写)。另外,chmod 命令仍使用 r、w、x 分别表示读、写、执行权限。
使用字母修改文件权限的 chmod 命令,其基本格式如下图所示。
例如,如果我们要设定 .bashrc 文件的权限为 rwxr-xr-x,则可执行如下命令:
[root@localhost ~]# chmod u=rwx,go=rx .bashrc [root@localhost ~]# ls -al .bashrc -rwxr-xr-x. 1 root root 176 Sep 22 2004 .bashrc
再举个例子,如果想要增加 .bashrc 文件的每种用户都可做写操作的权限,可以使用如下命令:
[root@localhost ~]# ls -al .bashrc -rwxr-xr-x. 1 root root 176 Sep 22 2004 .bashrc [root@localhost ~]# chmod a+w .bashrc [root@localhost ~]# ls -al .bashrc -rwxrwxrwx. 1 root root 176 Sep 22 2004 .bashrc
umask命令:令新建文件和目录拥有默认权限
Linux 通过使用 umask 默认权限来给所有新建的文件和目录赋予初始权限的。
那么,我们如何得知 umask 默认权限的值呢?直接通过 umask 命令即可:
[root@localhost ~]# umask 0022 #root用户默认是0022,普通用户默认是 0002
umask默认权限的修改方法
umask 权限值可以通过如下命令直接修改:
[root@localhost ~]# umask 002 [root@localhost ~]# umask 0002 [root@localhost ~]# umask 033 [root@localhost ~]# umask 0033
不过,这种方式修改的 umask 只是临时有效,一旦重启或重新登陆系统,就会失效。如果想让修改永久生效,则需要修改对应的环境变量配置文件 /etc/profile。例如:
[root@localhost ~]# vim /etc/profile ...省略部分内容... if [ $UID -gt 199]&&[ "'id -gn'" = "'id -un'" ]; then umask 002 #如果UID大于199(普通用户),则使用此umask值 else umask 022 #如果UID小于199(超级用户),则使用此umask值 fi …省略部分内容…
这是一段 Shell 脚本程序,不懂也没关系,大家只需要知道,普通用户的 umask 由 if 语句的第一段定义,而超级用户 root 的 umask 值由 else 语句定义即可。 修改此文件,则 umask 值就会永久生效。
相关推荐:《Linux视频教程》
The above is the detailed content of What is the linux permission command?. For more information, please follow other related articles on the PHP Chinese website!