Linux File Permissions

For example, you can run ls-l to view files on Linux:

Drwxr-xr-x 5 root root 114 5月 20 11:4851la-dwz drwxr-xr-x. 9 root root 148 5月 19 11:06 App drwxr-xr-x 4 root root 48 2月 19 15:45 design-rwxrwxx 1 root root 365 5月 28 10:34 generate. Sh drwxr-xr-x. 2 root *r*oot 4096 9月 25 2019 install drwxr-xr-x. 4 mysql mysql 30 9月 25 2019 mysql drwxr-xr-x 2 root root 22 4月 22 11:06 scirptCopy the code

What does that lump of drwxr-xR-x stand for?

This is actually a file permission property,

explain

In simple terms, the file permission attribute indicates whether it is a file or a folder by ten letters, the read, write, and execute permissions of the root user, the read, write, and execute permissions of the same group of users, and the read, write, and execute permissions of other users. Read permission: R (Read), Write permission: W (Write), Execute permission: x(Execute)

The first letter indicates the file type. If this letter is a minus sign “-“, it indicates that the file is a normal file. The last nine letters are divided into three groups. The second to fourth digits indicate the operation permission of the root user, the fifth to seventh digits indicate the operation permission of the same group user, and the remaining three digits indicate the operation permission of the current user. The one who doesn’t have access is called –

For example

For example, if the file 51la-dwz has the drwxr-xr-x permission, it is a folder. The root user has the read and write permission, and the same group of users has the read and execute permission. Other users only have the execute permission. The file permission of generate.sh is -rwxrwxrwx, indicating that it is a file and all users have read, write and execute permissions. But be aware that this is very insecure, vulnerable to attack.

How do I change file permissions

1. Modify file/folder permissions by modifying permission values

In Linux, we tend to change the permissions of a file or folder by changing the permissions number

How to express permissions numerically

A very simple way, for example, as the root user, have permissions, read and write, execute, namely RWX, is represented by the binary bit permission, if there is 1, is 0, if there is no, read permission, namely RWX, can be represented by the binary 111, converted to the decimal 7. Similarly, if the same group of users have r-x permissions, it can be represented as binary 101, which is 5 in decimal, and if other users have R –, it can be represented as binary 100, which is 4 in decimal. The permissions of this file can be expressed as 754 numerically

How to modify file permissions

You can change the permission to the file/folder in the form of chmod XXX file. XXX is the numerical permission value, as shown in 754. File is the file name or file path, as shown in generate.sh

If I wanted to change the permission to generate.sh to -rwxr-xr– I could change it to chmod 754 generate.sh.

However, it should be noted that the modification of permissions must be careful, involving security issues. In particular, some people want to open the execution permission, read some articles online that chmod 777 added permission, but remember that the result is that anyone can execute, so sometimes the consequences are devastating

2. Modify file/folder permissions in general format

Chmod [optional]


I want to set up all user readable file A.conf

Chmod ugo+r a.conf or chmod a+r a.conf

Confused? You will understand after reading the following, we mainly focus on the middle part of the authority, such as ugo+ R or a+ R, each letter and symbol has a specific role

Parameter Description: [Optional] -c, --changes like verbose but report only when a change is made -f, --silent, --quiet suppress most error messages -v, --verbose output a diagnostic for every file processed --no-preserve-root do not treat '/' specially (the default) --preserve-root fail to operate recursively on '/' --reference=RFILE use RFILE's mode instead of MODE values -R, Make the same permission changes to all files and subdirectories in your current directory recursively --help displays this help information --version Displays version information [mode] Permission setting string in the following format: [ugoa...] [[+-=][rwxX]...] [,...]. , of which [ugoa...]. U represents the owner of the file, G represents those who belong to the same group as the owner of the file, O represents other people, and A represents all (including the above three). [+-=] + adds the permission, - cancels the permission, and = uniquely sets the permission. [rwxX] r indicates that the file is readable, w indicates that the file is writable, x indicates that the file is executable, and x indicates that the file is executable only if the file is a subdirectory or has been configured to be executable.

[file...] File list (single or multiple files, folders)

Copy the code

For example, grant read permission to all users, grant write permission to root users and group users, and grant write permission to other users. This can be expressed as follows:

chmod a+r,ug+w,o-w a.conf

This article is formatted using MDNICE