A, What.

How many access permissions do files or directories have on Linux?

On Linux, each file or directory has four types of access rights: readable (R), writable (W), executable (x), and no permission (-).

Permission to name Meaning for the file Meaning for the directory
r You can read the contents of the file You can view the complete file information in this directory
w You can edit the file contents You can change all files and directories in this directory, that is, you can change the structure list in this directory (this should be paid attention to) specific rights as follows: You can create new files or directories in this directory; You can delete existing files or directories in this directory (regardless of the file’s permissions, be careful !!!!) You can rename and change the location of files or directories.
x In Windows, the executable permission of a file is indicated by an extension, such as exe, bat, etc. In Linux, the executable permission of a file is determined by the x, which has nothing to do with the file name. Directories do not have executable permissions, so the function of x in a directory is to allow other users to enter the directory.

What is the basic principle of permission control in Linux?

In Linux, all of our operations are essentially processes accessing files. Access to files requires access permission, which is obtained through the security model in the Linux system. If you want to learn more about security modeling, please go to

www.infoq.com/cn/articles…


Second, according to.

When do we need to set access rights?

When developing or deploying management projects in Linux, you need to set related permissions to share files with others and make them accessible to the outside world to avoid leaking important information, deleting or modifying important files.


Third, How.

How do I view permissions on files or directories?

You can run ls -l to view the permission of a file or directory under the current directory. Ls -l fileName to view the permission of a file or directory named fileName. The first field in the command execution result indicates the permission, which is a total of 10 characters. For example:

-rwxr-xr-xCopy the code
  • Bit 1: indicates the file type. – indicates the file. D indicates the directory
  • Bits 2 to 4: indicates the u permission of the file owner
  • Bit 5-7: indicates the g permission of the member in the group to which the file owner belongs
  • 8-10 bit: indicates the o permission of users outside the owner’s group
  • Bits 2-10: Sum of permissions sometimes called A permissions

How do I change the permission of a file or directory?

1. Modify permissions through digital representation

Numerical representation: x, w, r with 1, 2, 4 respectively to represent the grant of permission, not granted is 0. Such as:

Original jurisdiction Convert to numbers Numerical representation On behalf of the meaning
rwx–xr-x (421) (001) (401). 715 17 + 2 + 1, 1, 0 + 0 + 1, 5:4 + 0 + 1

Run the chmod num fileName command to change the permission of a file or directory named fileName to the permission of the num number, for example:

chmod 777 testCopy the code

Grant the test file RWXRWXRWX permission, that is, grant read, write, and execute permissions to the file owner, members of the group to which the owner belongs, and members outside the group.

chmod 777 /test/ *Copy the code

Grant the RWXRWXRWX permission to all files in the test directory in the root directory. That is, you can grant read, write, and execute permissions to the file owner, members of the owning group, and members outside the group.

2. Modify permissions through text representation

Text representation: 2-4 (owner), 5-7 (group), 8-10 (other members), 2-10 (all) four types of users, respectively represented by u, g, o, a, permissions are still using r, w, x, said by =, -, +, respectively for the specified user group to develop new permissions, decrease the permissions Settings, set permissions increases.

Run the chmod text fileName command to perform a permission operation for a file or directory named fileName as text, for example:

chmod u+x,g-x,o=x testCopy the code

Add execute permission to the owner of the test file, reduce execute permission for group members, and set other members to execute permission.

chmod u+x,g-x,o=x /test/ *Copy the code

Add the execute permission to the owners of all files in the test directory under the root directory, reduce the execute permission to the group members, and set the execute permission to other members.

3. Set the default permissions for new files or directories

> By setting default permissions, you can avoid creating files or directories with too small or too large permissions.Copy the code

The default permissions are controlled by setting a permission mask for four octal digits. In general, the default permissions are 0666 for new files and 0777 for new directories. If the permission mask is set to 0022, the default permission for each new file is 0666-0022=0644, and the default permission for the directory is 755.

Run the umask command to view the current permission mask. Run the umask num command to change the permission mask to num, for example:

umask 0002Copy the code

Indicates that the permission mask is set to 0002. When you create a new file or directory, the default file or directory permission is 0666-0002=0664, and the default directory permission is 0777-0002=0775.