Linux foundation: file security and permissions

xiaoxiao, 2021-03-06

When a file is created, the system records information about it, including:
• the location of the file
• the file type
• the file length
• which user owns the file and which users may access it
• the inode number
• the file's modification time
• the file's permission bits

Let us create a file with the touch command:

Code:
$ touch temp

This creates an empty file. Now use the ls -l command to view the attributes of the files in the directory (the original listing was taken on a Chinese-locale system; it is shown here in English):

Code:
[root@Linux_chenwy temp]# ls -l
total 36
-rw-r--r--    1 root     root        34890 Oct 19 20:17 httpd.conf
-rw-r--r--    1 root     root            0 Oct 19 20:16 temp

Reading the listing from left to right:
total 36: the total disk space, in 1K blocks, used by the entries listed (this is allocated space, not the sum of the file lengths).
1: the number of hard links to the file.
root: the owner of the file.
root: the group of the file (here the owner's default group, which also happens to be called root).
34890: the length of the file in bytes. Remember: bytes, not kilobytes.
Oct 19 20:17: the file's last modification time.
temp or httpd.conf: the file name.

Sunsroad writes: By the way, to check the space occupied by a directory and all the files in it, use du. For example, here is how the 36 above comes about. First you must know how large the IO block (called a "cluster" in Chinese) of the file system you use is; on the file system used here it is 4096 bytes. It is the smallest unit the file system reads, writes and allocates; you cannot read or write less than this size at a time, even if your file is only one byte long. Files are stored on the hard disk in this unit too, so a file smaller than this value still occupies 4096 bytes on disk. The formula for the space occupied is: (file size / 4096, rounded up) × 4096. With this you can calculate the space usage of the files listed in the example: 34890 divided by 4096 is roughly 8.5, which rounds up to 9, so the file occupies 9 blocks on disk; each block is 4K, so the space occupied by these two files is 36K. This rule also applies to directories, except that a directory of size 0 never appears, even when the directory is empty.
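The allocation arithmetic sunsroad describes, written out as a shell function and checked against what du actually reports. This is an added example, not code from the original post; the 4096-byte block size and the 34890-byte file are the page's own figures, re-created here as constructed sample data. It assumes a POSIX shell with du, head and mktemp.

```shell
#!/bin/sh
# Added example: on-disk allocation = ceil(size / blocksize) * blocksize,
# compared with du. The sample file is constructed from /dev/urandom so that
# transparent compression cannot shrink it.

# Bytes a file of $1 bytes occupies on disk with allocation unit $2 (default 4096).
# An empty file occupies no data blocks at all.
alloc_bytes() {
    size=$1; bs=${2:-4096}
    [ "$size" -gt 0 ] || { echo 0; return 0; }
    echo $(( (size + bs - 1) / bs * bs ))
}

# The same figure counted in allocation units (the "9 blocks" in the text).
alloc_blocks() {
    bs=${2:-4096}
    echo $(( $(alloc_bytes "$1" "$bs") / bs ))
}

# Create a file of exactly $1 incompressible bytes in a scratch directory and
# report du's figure in KiB. On an ordinary 4 KiB-block filesystem this equals
# alloc_bytes / 1024; a different block size, compression or sparse files make
# it disagree, which is exactly why it is worth checking rather than assuming.
du_kib_for_size() {
    T=$(mktemp -d)
    head -c "$1" /dev/urandom > "$T/sample"
    du -k "$T/sample" | cut -f1
    rm -rf "$T"
}

for n in 0 1 4096 4097 34890; do
    printf '%6d bytes -> %5d bytes on disk (%d blocks), du says %s KiB\n' \
        "$n" "$(alloc_bytes "$n")" "$(alloc_blocks "$n")" "$(du_kib_for_size "$n")"
done
```

Note that the "total" line of ls -l counts allocated 1K blocks, so the 36 there and the 36 from du describe the same thing, while the 34890 in the size column is the file length.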

-rw-r--r--: these are the file's permission bits. The first character gives the file type; a hyphen means an ordinary (regular) file. (The vast majority of files you create are regular files or symbolic links.) Removing that first character leaves nine characters, which correspond to nine permissions. These bits control how users may access the file. For the two files above they mean:

Code:
rw-   the first three: the file's owner can read and write
r--   the middle three: users in the same group can only read
r--   the last three: other users can only read

temp was created without execute permission; when a user creates a file, the system does not set the execute bit automatically. This is a deliberate security measure. Note also that the group shown for a file is not necessarily the owner's default group; it can be any group, as explained below.

The file type, mentioned above, is shown by the first character of each line of ls -l output. There are seven types:

Code:
d   directory
l   symbolic link (points to another file)
s   socket file
b   block device file
c   character device file
p   named pipe file
-   ordinary (regular) file, or more precisely, a file that is none of the other types

Each group of three characters in the permission bits can hold three permissions:

Code:
r   read permission
w   write permission
x   permission to execute this script or program

For example:

Code:
r-- --- ---   the file owner can read, but not write or execute
r-- r-- ---   the file owner and users in the same group (usually the owner's default group) can read
r-- r-- r--   any user can read, but nobody can write or execute
rwx r-- r--   the owner can read, write and execute; same-group and other users can only read
rwx r-x ---   the owner can read, write and execute; same-group users can read and execute
rwx r-x r-x   the owner can read, write and execute; same-group and other users can read and execute
rw- rw- ---   the owner and same-group users can read and write
rw- rw- r--   the owner and same-group users can read and write; other users can read
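A small parser for the ten-character mode field that ls -l prints, converting it into the octal number that chmod accepts and back again. It is an added example, not code from the original post. It also decodes the type character and the s/S and t/T markers that replace an x when the setuid, setgid or sticky bit is set, which the strings above do not show. Pure POSIX sh; no files are touched.

```shell
#!/bin/sh
# Added example: ls -l mode string <-> octal mode, plus the type character.

# First character of the mode field -> file type name.
mode_type() {
    case $(printf '%s' "$1" | cut -c1) in
        d) echo directory ;;
        l) echo 'symbolic link' ;;
        s) echo socket ;;
        b) echo 'block device' ;;
        c) echo 'character device' ;;
        p) echo 'named pipe' ;;
        -) echo 'regular file' ;;
        *) echo unknown; return 1 ;;
    esac
}

# "-rwxr-xr--" -> 0754, "-rwsr-xr-x" -> 4755, "drwxrwxrwt" -> 1777.
# Lower-case s/t count as x plus the special bit; upper-case S/T mean the
# special bit is set but the execute bit underneath it is not.
mode_to_octal() {
    m=$(printf '%s' "$1" | cut -c1-10)      # drop a trailing '+' or '.' (ACL/SELinux)
    [ ${#m} -eq 10 ] || { echo "bad mode string: $1" >&2; return 1; }
    special=0 perms=0 i=2
    while [ $i -le 8 ]; do                   # owner at 2-4, group at 5-7, others at 8-10
        r=$(printf '%s' "$m" | cut -c$i)
        w=$(printf '%s' "$m" | cut -c$((i + 1)))
        x=$(printf '%s' "$m" | cut -c$((i + 2)))
        v=0
        [ "$r" = r ] && v=$((v + 4))
        [ "$w" = w ] && v=$((v + 2))
        case $x in x|s|t) v=$((v + 1)) ;; esac
        case $i in 2) sbit=4 ;; 5) sbit=2 ;; *) sbit=1 ;; esac   # setuid, setgid, sticky
        case $x in s|S|t|T) special=$((special + sbit)) ;; esac
        perms=$((perms * 8 + v))
        i=$((i + 3))
    done
    printf '%d%03o\n' "$special" "$perms"
}

# 754 or 0754 -> "rwxr-xr--"; 4755 -> "rwsr-xr-x"; 1664 -> "rw-rw-r-T".
octal_to_mode() {
    n=$(printf '%d' "0$1")                  # the leading 0 makes printf read it as octal
    special=$((n / 512)); p=$((n % 512)); out=''
    for cls in 0 1 2; do
        v=$(( (p >> (6 - 3 * cls)) & 7 ))
        case $cls in 0) sb=4; lo=s; up=S ;; 1) sb=2; lo=s; up=S ;; *) sb=1; lo=t; up=T ;; esac
        if [ $((v & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $((v & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $((special & sb)) -ne 0 ]; then
            if [ $((v & 1)) -ne 0 ]; then out="$out$lo"; else out="$out$up"; fi
        elif [ $((v & 1)) -ne 0 ]; then out="${out}x"
        else out="${out}-"
        fi
    done
    echo "$out"
}

for s in '-rwxr--r--' 'drwxrwsr-x' '-rwsr-xr-x' 'drwxrwxrwt' 'drw-rw-r-T'; do
    printf '%s  %s  %s\n' "$s" "$(mode_to_octal "$s")" "$(mode_type "$s")"
done
```

Feeding a real listing through it (for example ls -l | awk '{print $1}' while read m; do mode_to_octal "$m"; done) is a quick way to spot setuid binaries or world-writable files: anything starting with 4 or 2, or ending in 2, 3, 6 or 7.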

Sunsroad writes: The group of a file is not necessarily the default group of the file's owner; it can be any group, even one the owner does not belong to.

Use chmod to change permissions. The command has a symbolic mode and an absolute mode. The general form of the symbolic mode is:

Code:
chmod [who] operator [permission] filename

The meaning of who:

Code:
u   the file owner's permissions
g   same-group users' permissions
o   other users' permissions
a   all users (file owner, group users and other users)

The meaning of operator:

Code:
+   add permissions
-   remove permissions
=   set permissions

The meaning of permission:

Code:
r        read permission
w        write permission
x        execute permission
s        set-user-id or set-group-id on execution (setuid/setgid)
t        the sticky bit *
l        lock the file so that other users cannot access it (mandatory locking; not available on all systems)
u, g, o  the permissions currently held by the file owner, the same-group users or other users, respectively

* When listing files or directories you will sometimes see a "t" in the last position. This is the sticky bit. On a directory it means that a file in the directory can be deleted or renamed only by the file's owner (or the directory's owner, or root), even if other users have the same write permission on the directory as the owner. Some systems are not strict about this rule. On a regular file, "t" historically meant that the program's text should be kept in the swap area (virtual memory). I have not worked this out myself; the following is sunsroad's explanation of "t".

Sunsroad writes: The "t" permission is meaningless on a file. There is no such thing as a swap-area concept; it has nothing to do with executing the file and is mainly for file-sharing settings.

For example:

Code:
chmod a-x temp     rw- rw- rw-   remove execute permission from all users
chmod og-w temp    rw- r-- r--   remove write permission from same-group and other users
chmod g+w temp     rw- rw- r--   give same-group users write permission

When the file temp is created, it has these permissions:

Code:
-rw-r--r--    1 root     root            0 Oct 19 20:16 temp

To give the owner and same-group users execute permission, and to remove write permission from other users (all other users), use:

Code:
$ chmod ug+x temp
$ chmod o-w temp

The file's permissions become:

Code:
-rwxr-xr--    1 root     root            0 Oct 19 20:16 temp

Now the file owner has read, write and execute permission on temp, same-group users have read and execute permission, and other users have only read permission.

The general form of the absolute-mode chmod command is:

Code:
chmod [mode] file

where mode is an octal number. In absolute mode the permissions are expressed differently: each permission bit corresponds to one octal value:

Code:
0400   file owner can read
0200   file owner can write
0100   file owner can execute
0040   same-group users can read
0020   same-group users can write
0010   same-group users can execute
0004   other users can read
0002   other users can write
0001   other users can execute

To set permissions, simply add up the numbers for the permissions the file owner, the same-group users and other users should have; the sum is the mode. It follows that the largest value the owner, the group or other users can have is 7. Let's look at the example:

Code:
-rwxr--r--    1 root     root            0 Oct 19 20:16 temp

The corresponding permissions are:

Code:
rwx:  0400 + 0200 + 0100 (owner can read, write and execute)   = 0700
r--:  0040 (same-group users can read)                        = 0040
r--:  0004 (other users can read)                             = 0004
                                                                ------
                                                                  0744

There is an easier way to work out the octal permissions:

Code:
file owner:        r w x
                   4 2 1
same-group users:  r w x
                   4 2 1
other users:       r w x
                   4 2 1

With this table it is easy to compute the permission value: just add up the numbers under the permissions held by the owner, the same-group users and other users. The file temp has these permissions:

Code:
r w x   r - -   r - -
4 2 1   4       4

Adding the values for each class gives 7 4 4. Further examples:

Code:
chmod 666   rw- rw- rw-   give all users read and write permission
chmod 644   rw- r-- r--   give the owner read and write permission, all other users read permission
chmod 744   rwx r-- r--   give the owner read, write and execute permission, all other users read permission
chmod 664   rw- rw- r--   give the owner and same-group users read and write permission, other users read permission
chmod 700   rwx --- ---   give the owner read, write and execute permission, and nobody else anything
chmod 444   r-- r-- r--   give all users read permission only

In the following example, the file test1 has these permissions:

Code:
-rw-rw-r--    1 root     root            0 Oct 19 20:16 test1

Now, to let the owner read, write and execute the file while users in the root group can only read it, type:

Code:
$ chmod 740 test1
$ ls -l
-rwxr-----    1 root     root            0 Oct 19 20:16 test1

To let the owner read, write and execute, and all other users only read, use:

Code:
$ chmod 744 test1
$ ls -l
-rwxr--r--    1 root     root            0 Oct 19 20:16 test1

To set the permissions of all files in the current directory, use:

Code:
$ chmod 664 *
$ ls -l
-rw-rw-r--    1 root     root            0 Oct 19 20:16 test1

This gives the file owner and same-group users read and write permission, and other users only read permission. You can also change the files in subdirectories by using the -R option:

Code:
chmod -R 664 /temp/*

This sets every file in the /temp directory, and every file in each of its subdirectories, to read and write for the owner and group and read-only for other users. Use the -R option with care, and only when you really need to change every file under the directory tree: the mode is applied to the subdirectories as well, and 664 removes their execute bit, so nobody can enter them afterwards. (The symbolic form chmod -R u=rwX,g=rwX,o=rX avoids this, since a capital X grants execute only to directories and to files that already have an execute bit.)

Directory permission bits mean something different. Read permission on a directory means its contents can be listed. Write permission means files can be created or deleted in the directory; if you do not want other users to create files in your directory, remove their write permission. Execute permission means the directory can be searched and entered.

Code:
r   you can list the files in the directory
w   you can create or delete files in the directory
x   you can search or enter the directory

Directory modes, by file owner, same-group users and other users:

Code:
drwx rwx r-x  (775)   owner: read, write, execute; group: read, write, execute; others: read, execute
drwx r-x r--  (754)   owner: read, write, execute; group: read, execute; others: read
drwx r-x r-x  (755)   owner: read, write, execute; group: read, execute; others: read, execute

If same-group or other users are given only --x on a directory, they cannot list the files in it. But if the directory contains a script or program with its execute bit set, a user who knows its path and file name can still run it: not being able to list the directory does not stop execution.

Directory permissions override the permissions of the files inside the directory. For example, if the directory temp has these permissions:

Code:
drwxr--r--    1 admin    admin             Nov 19 20:16 temp

and the file myfile in that directory has these permissions:

Code:
-rwxrwxrwx    1 admin    admin            9 Nov 19 20:16 myfile

Even so, other users cannot edit this file, because the directory it lives in does not grant them the permission they need. The file itself is readable and writable by everyone, but the directory gives execute permission neither to users in the admin group nor to anyone else, so they cannot get into the directory at all and will receive a "permission denied" error.

Please cite the original address when reposting: https://www.9cbs.com/read-97287.html
