Introduction to Linux, Users, and Permissions
IFN507 Lecture 9

Lecture Overview
Introduction to Linux
Linux Basics
Shells
File system structure and basic navigation
Useful commands
Managing software
Getting help
User and Group Administration
File, Directory, and Special Permissions

Introduction to Linux

Operating system (OS)
Hardware
Software
Application programs for a specific use and user interfacing
OS: software used to control the hardware of the computer
Device drivers
User interface:
GUI or CLI

Figure 1-1: The role of operating system software.

Source from: Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition.


Linux Operating System
Linux: OS used to run a variety of applications on a variety of different hardware components
Linux is published under the GNU General Public License (GPL). It is referred to as Open-Source Software (OSS)
Multiuser and multitasking OS
Ability to manage thousands of tasks at the same time
Allows multiple users to access the system simultaneously
Linux is an OS whose kernel and additional software are freely developed and improved upon by a large community of software developers

Versions of the Linux Operating System
Linux kernel:
Core component of Linux OS
Written in C
Important to understand Linux kernel version numbers to decide which version is
Kernel version, e.g. 4.17.6.1
Major number => 4
Minor number => 17
Revision number => 6
Bug patch => 1
Kernel type
Production kernel
Developmental kernel


Linux Advantages
Security
Meeting business needs with available common software
Stability
Flexibility for different hardware platforms
Ease of customisation
Ease of obtaining support
Cost reduction


History of Linux
Linux was first developed in 1991 by Linus Torvalds to create a new free OS kernel. The resulting Linux kernel has been marked by constant growth throughout its history.


Figure 1-4: Timeline of UNIX and Linux development.

Source from: Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition.


Distributions of Linux (Distros)
Distros contain the commonly developed Linux OS kernel and libraries along with other software
Well-known distributions:
Red Hat, openSUSE, Debian, Ubuntu, Gentoo, Linux Mint, Arch and countless others
The core component of the GUI in Linux is referred to as X Windows.
Numerous GUI environments
GNOME3
KDE Plasma 5
Cinnamon
Pantheon
Xfce
The list goes on…


Source: https://distrowatch.com/images/other/periodic-table-of-distro.png

Common Uses of Linux
Linux may be customized for a variety of companies in a variety of situations
Workstation services: services used on a local computer
Server services: services made available for other computers across a network
Some common uses of Linux
Internet servers
File & print servers
Cloud systems
Supercomputers
Mobile devices, etc.


Linux Basics

Basic Linux Usage
Different types of user interface
CLI (Shell)/GUI
Basic tasks
Command execution
Navigating the file system
The root user
Managing software
Useful commands
Where to get help?
We will reference Ubuntu 18.04 LTS in this unit


Interaction with Linux
Kernel:
The core component of the OS is called the kernel
The kernel is an executable file called vmlinuz located in /boot directory on the hard disk and loaded when turning on the computer.
Terminal:
The channel allowing users to log on to the kernel locally or across a network
Linux can have many terminals that allow you to log in to the computer locally or across a network
BASH Shell (Bourne Again Shell): default Linux shell


Shells and Terminals and Kernels

Terminal
Shell

Kernel


Basic Shell Commands
Commands: indicate the name of program to execute
Case sensitive
Options: specific letters that start with a dash (-) and appear after the command name
Alter the way the command works
Some options start with 2 dashes (--); these options are referred to as POSIX (Portable Operating System Interface) options and are usually composed of a whole word, not just a letter.
Arguments: specify a command’s specific working parameters
Do not start with a dash


Commands, Options, and Arguments
Command:
ls
Options:
-lah
Long listing format
Show all files
Human readable sizes
Argument
/etc
Execute the ls command and show the /etc folder listing

Some common Linux commands
Command Description
pwd Displays the full pathname of the current working directory
clear Clears the terminal screen
who Displays currently logged-in users
w Displays current logged-in users and their tasks
whoami Displays your login name
date Displays the current date and time
cal Displays the calendar for the current month
ls Lists files
exit Exits out of the current shell
reboot Reboots the system immediately
poweroff Shuts down the system immediately
cd Change directory/folder
rmdir Remove directory/folder
mkdir Make directory/folder
mv Moves/renames files and directories
cp Copies files and directories full of files (with the -r or -R option)
rm Removes files and directories full of files (with the -r or -R option)


Linux File System Hierarchy

File system root represented by the / character


Linux directories defined by the Filesystem Hierarchy Standard (FHS)
Directory Description
/bin Contains binary commands for use by all users
/boot Contains the Linux kernel and files used by the boot loader
/dev Contains device files
/etc Contains system-specific configuration files
/home Is the default location for user home directories
/lib Contains shared program libraries and kernel modules
/media A directory that contains subdirectories used for accessing (mounting) filesystems on removable media devices such as DVDs, and USB flash drives
/mnt An empty directory used for temporarily accessing filesystems on removable media devices
/opt Stores additional software programs
/proc Contains process and kernel information
/root Is the root user’s home directory


Linux directories defined by the Filesystem Hierarchy Standard (FHS) – cont.
Directory Description
/sbin Contains system binary commands (used for administrator)
/sys Contains configuration information for hardware devices on the system
/tmp Holds temporary files created by programs
/usr Contains most system commands and utilities
/usr/local Is the location for most additional programs
/var Contains log files and spool

Change Directory
Home directory
Unique to each user account
The ~ metacharacter can be used to refer to home directory
Print working directory (pwd) command
Displays current directory in the directory tree


Change Directory continued…
Change directory (cd) command
Change the current directory
If you specify no destination directory, the cd command returns you to your home directory
Parent directory
Directory one step closer to the root of the tree
Referred to by two dots (..)


Change Directory continued…
Absolute paths
/home/cab440
Relative paths
Pathname of target file or directory relative to current directory
../home/cab440
./home/cab440
Tab-completion
Pressing the Tab key fills in remaining characters
BASH shell feature
Alerts user if there is more than one possible match

Parent directory
Relative pathname


File Types
A directory: organizes files into an easy-to-use format
Text file: contains configuration information
Binary data file: stores information such as common functions and graphics
Linked files: files that have an association with one another

File Types continued…
Special device file: file that represents different devices on the system
Named pipe file: identifies channels that pass information from one process in memory to another
Socket file: allows a process on another computer to write to a file on the local computer while another process reads from that file

Filenames

Filename
Identifier given to a file
Up to 255 characters (rarely longer than 20 characters)
Alphanumeric characters, underscore (_), dash (-), and period (.)
Spaces are allowed, but you must escape them with the backslash (\) when referencing them
Filename extensions
Identifiers following a period (.) at end of filename
Indicate file type
Most files on Linux do not have filename extensions


Listing files

ls command: displays files in a directory
ls -F command appends a special character at the end of each filename displayed to indicate the type of file, e.g.
@ symbol indicates a linked file
/ indicates a subdirectory
ls -l command can be used to provide a long listing for each file in a certain directory


Directory
Symbolic link
File type

Listing files continued…

File components
File type character
List of permissions on the file
Hard link count
Owner of the file
Group owner of the file
File size
Most recent modification time
Filename


Listing Files continued…
The file command: displays the file type of any file
Argument indicates what file or files to analyze
Identifies between different types of executable files
Identifies empty files


Listing Files continued…
Hidden files: files not normally displayed to user
Configuration files often hidden
Filenames start with a dot (.)
ls -a command: displays hidden files


Wildcard Metacharacters
Simplify commands specifying more than one filename on the command line
Can match the entire filename or portions of filenames
Can be used with most Linux filesystem commands

Meta-character Description
* Matches 0 or more characters in a filename
? Matches 1 character in a filename
[aegh] Matches 1 character in a filename—provided this character is either an a, e, g, or h
[a-e] Matches 1 character in a filename—provided this character is either an a, b, c, d, or e
[!a-e] Matches 1 character in a filename—provided this character is NOT an a, b, c, d, or e


Links
Files can be linked to one another
Symbolic link (symlink):
one file is a pointer or shortcut to another
Hard link:
two files share the same data
To better understand how files are linked, you must understand how files are stored on a filesystem
Superblock
Inode table
Data blocks


Structure of a filesystem
Superblock: contains information about the filesystem
Number of inodes and data blocks
Size of each data block
inode table: consists of several inodes
Each describes a file or directory and contains a unique inode number for identification
The inode stores file size, data block locations, last date modified, permissions, and ownership
Each file and directory must have an inode
Data blocks: data making up contents of a file
Referenced by the inode


Hard Links
Hard linked files share the same inode and inode number
Must reside on the same filesystem
To create a hard link, use the ln command and specify two arguments
The existing file to hard-link and the target file that will be created as a hard link to the existing file
To remove hard linked files, delete one of the linked files


Symbolic (soft) link

Symbolic linked (symlink) files do not share the same inode and data blocks with their target file
Symbolic linked file is a pointer to the target file
Data blocks in the linked file contain only a pathname to the target file
Editing a symbolic linked file actually edits the target file
If the target file is deleted, symbolic link serves no function
To create a symbolic link, use the -s option to the ln command.
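
The difference between the two link types described in the Hard Links and Symbolic (soft) link slides, as an added example that is not part of the original lecture. The file names are constructed and everything runs in a throwaway directory created with mktemp.

```sh
#!/bin/sh
# Added example (not from the lecture): hard link vs. symbolic link.
# All file names are constructed; work happens in a throwaway directory.

inode_of() {
    # Inode number of the path itself; with -d, ls does not follow symlinks.
    ls -di "$1" | awk '{print $1}'
}

link_count_of() {
    # Second column of a long listing is the hard link count.
    ls -ld "$1" | awk '{print $2}'
}

link_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        echo "original data" > target.txt
        ln target.txt hard.txt         # second name for the same inode
        ln -s target.txt soft.txt      # separate inode that stores a pathname

        echo "links=$(link_count_of target.txt)"
        if [ "$(inode_of target.txt)" = "$(inode_of hard.txt)" ]; then
            echo "hard=same-inode"
        fi
        if [ "$(inode_of target.txt)" != "$(inode_of soft.txt)" ]; then
            echo "soft=own-inode"
        fi
        echo "soft-stores=$(readlink soft.txt)"

        # Writing through the symlink changes the target's data blocks.
        echo "edited via symlink" > soft.txt
        echo "target-now=$(cat target.txt)"

        # Removing one name leaves the data reachable through the hard link,
        # while the symlink now holds a pathname that no longer exists.
        rm target.txt
        echo "hard-after-rm=$(cat hard.txt)"
        echo "links-after-rm=$(link_count_of hard.txt)"
        if [ -L soft.txt ] && [ ! -e soft.txt ]; then
            echo "soft-after-rm=dangling"
        fi
    )
    status=$?
    rm -rf "$dir"
    return "$status"
}

link_demo
```

Deleting one hard-linked name does not remove the data while another name still references the inode, which matters when the intent is to make a sensitive file unreachable.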


Becoming Root
The root user in Linux is like ‘Administrator’ in Windows
To install anything or modify any files not owned by the current user, you must act as ‘root’
Best practice is to use the ‘sudo’ command to prefix the command or operation
You can switch to the root user using ‘sudo -i’ or ‘sudo su root’. This is dangerous – Avoid!
rm –r /*


Who am I?

Managing Software
Distros include some form of package manager to manage the installation, removal and upgrade of software packages
Debian based distros use the apt (advanced package tool) package manager
Use the ‘apt-get’ command to install, remove and upgrade software
Can shorten the ‘apt-get’ command to ‘apt’ in recent versions
apt-get
You must update the local information about the repository before installing anything, otherwise you will encounter problems
To update the local cache: $ sudo apt-get update
To install a package: $ sudo apt-get install <package name>
To remove a package: $ sudo apt-get remove <package name>
To upgrade all packages to latest version: $ sudo apt-get upgrade
You may get a locking error. If you encounter this, some process is using apt in the background, such as automatic updates. You need to wait until the other process releases the lock.
apt-get update

apt-get install

Getting Help
Manual (man) pages: most common form of documentation for Linux commands
At command prompt, type the man command followed by command name
The manual page is displayed page-by-page on the terminal screen.
Use arrow keys on the keyboard to scroll through the info or press q to quit.


The man command
Manual pages contain different sections
Section numbers describe the category of the command in the manual page database
Section (1) means that whoami is a command that can be executed by any user.


Page section Description
1 Commands that any user can execute
2 Linux system calls
3 Library routines
4 Special device files
5 File formats
6 Games
7 Miscellaneous
8 Commands that only the root user can execute
9 Linux kernel routines
n New commands not categorized yet


Getting Help continued…
Search manual pages by keyword
The apropos command = man -k
The whatis command provides a short description of a command
The info command
Provides an easy-to-read description of each command with hyperlinks to other information.
Some commands do not have manual or info pages. To find help on these commands, you must use the help command.


User and Group Administration

Authentication
Authentication: verify user’s identity
Compare username and password to system database
Database containing user account information typically consists of two files
/etc/passwd: user account information
/etc/shadow: encrypted password and expiration information
The pwconv command: convert system to use an /etc/shadow file for encrypted password storage
The pwunconv command: revert back to using an /etc/passwd file only


UID, GID and GECOS
Each line of the /etc/passwd file has colon-delimited format.
User Identifier (UID): unique user ID for each user
Group Identifier (GID): primary group ID for each user
Primary group: group owner for all files created by a user
General Comprehensive Operating System (GECOS): text description of user

name:password:UID:GID:GECOS:homedirectory:shell
name: Name of user

Root user


Root user is usually listed at top of /etc/passwd file

Followed by user accounts used by daemons, followed by regular user accounts

Password field differs in the two files:

/etc/shadow: contains encrypted password

/etc/passwd: contains an x character

/etc/group file: lists all groups and their members
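
A small audit of records in the colon-delimited format described above, as an added example that is not part of the original lecture. The sample records are constructed, and the checks assume that UID 0 belongs only to root and that a shadowed system keeps x (or a lock marker such as * or !) in the password field.

```sh
#!/bin/sh
# Added example (not from the lecture): audit passwd-format records.
# The sample records below are constructed for illustration.

sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
backup2:x:0:0:second superuser:/root:/bin/bash
bob::1001:1001:Bob Example:/home/bob:/bin/bash
carol:$6$constructedsalt$constructedhash:1002:1002::/home/carol:/bin/sh
broken:x:1003:1003:/home/broken
EOF
}

audit_passwd() {
    # Reads name:password:UID:GID:GECOS:homedirectory:shell records on stdin
    # and prints one finding per line; prints nothing for a clean file.
    awk -F: '
        /^#/ || /^$/ { next }
        NF != 7 {
            printf "MALFORMED line %d: expected 7 fields, got %d\n", NR, NF
            next
        }
        # Any account with UID 0 has root privileges, whatever its name.
        $3 == 0 && $1 != "root" {
            printf "UID0 %s: non-root account with UID 0\n", $1
        }
        # An empty password field means no password is required.
        $2 == "" {
            printf "EMPTYPW %s: empty password field\n", $1
        }
        # Anything other than x or a lock marker is a hash kept outside /etc/shadow.
        $2 != "" && $2 != "x" && $2 !~ /^[!*]/ {
            printf "HASHINPASSWD %s: password hash stored in /etc/passwd\n", $1
        }
        # Two names sharing one UID are the same user to the kernel.
        seen[$3]++ {
            printf "DUPUID %s: UID %s already used by %s\n", $1, $3, first[$3]
        }
        !($3 in first) { first[$3] = $1 }
    '
}

sample_passwd | audit_passwd
```

To check a real system, run `audit_passwd < /etc/passwd`.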

Creating user accounts
The useradd command: add new user accounts
Most new user information comes from two files
/etc/login.defs
E-mail location, password expiration, minimum password length, range of UIDs and GIDs
/etc/default/useradd
Default primary group, home directory location, password expiration info, shell, skeleton directory


Common options to the useradd command
option Description
-c “description” Adds a description for the user to the GECOS field of /etc/passwd
-d homedirectory Specifies the absolute pathname to the user’s home directory
-e expirydate Specifies a date to disable the account from logging in
-f days Specifies the number of days until a user account with an expired password is disabled
-g group Specifies the primary group for a user account
-G group1, group2, etc. Specifies all other group memberships for the user account
-m Specifies that a home directory should be created for the user account
-k Specifies the skeleton directory used when copying files to a new home directory
-s shell Specifies the absolute pathname to the shell used for the user account
-u UID Specifies the UID of the user account


Creating User Accounts – cont.
Skeleton directory: contains environment files to copy to new users’ home directories
Usually /etc/skel
Override default parameters by specifying options to useradd command
The passwd command: set a user’s password


Modifying User Accounts
The usermod command: modify user account information
The chage command: modify password expiration information
Lock an account: temporarily prevent a user from logging in
The usermod -L command
The passwd -u username
The chsh command


Common options to the usermod command
option Description
-c “description” Specifies a new description for the user in the GECOS field of /etc/passwd
-d homedirectory Specifies the absolute pathname to a new home directory
-e expirydate Specifies a date to disable the account from logging in
-f days Specifies the number of days until a user account with an expired password is disabled
-g group Specifies a new primary group for the user account
-G group1, group2, etc. Specifies all other group memberships for the user account
-l name Specifies a new login name
-s shell Specifies the absolute pathname to a new shell used for the user account
-u UID Specifies a new UID for the user account


Deleting User Accounts
The userdel command: delete user accounts
Specify user name as argument
The -r option to the userdel command removes the home directory for the user and all of its contents.
When an account is deleted, files previously owned by the user become owned by a number representing UID of deleted user
Next user with that UID will own the files

Managing Groups
Add groups to a system
Edit the /etc/group file using a text editor
Use the groupadd command
Use the -G option to the usermod command to add members to the group
The groupmod command: modify GID name of a group on the system
The groupdel command: remove a group from the system
The groups command: list groups that a user belongs to
The id command: list GIDs of groups

Permissions
File, Directory and Special Permissions

File and Directory Ownership
All users must login with a username and password (Authenticate)
Users identified by username and group memberships
Access to resources depends on username and group membership
Must have required permissions

File and Directory Ownership
During file creation, that user’s name and primary group becomes the owner and group owner of the file
Same for directory creation

File and Directory Ownership continued…
The chown (change owner) command: change ownership of a file or directory
Two arguments
New owner
File or directory to change
Can use the -R option to change ownership recursively throughout the directory tree
The chgrp (change group) command: change group owner of a file or directory
Same arguments and options as for chown command


Managing File and Directory Permissions
Mode: inode section that stores permissions
User permissions: owner
Group permissions: group owner
Other permissions: everyone on system
Three regular permissions may be assigned to each user
Read
Write
Execute
Mode layout: rwx (User) rwx (Group) rwx (Other), where r = read, w = write, x = execute

Interpreting the Mode
User or owner: refers to users with read, write, and execute permission
Other: refers to all users on system
Permissions are not additive
The system assigns the first set of permissions that are matched in the mode order: user, group, other
Linux permission should not be assigned to other only
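
How the first matching set is chosen, as an added example that is not part of the original lecture. The function name effective_perms and all UIDs, GIDs and modes are constructed for illustration; the root user, who is not bound by the mode, is not modelled.

```sh
#!/bin/sh
# Added example (not from the lecture): which permission triplet applies.
# UIDs, GIDs and modes below are constructed. Root is not modelled here.

# effective_perms MODE FILE_UID FILE_GID USER_UID "USER_GIDS"
#   MODE       three octal digits, e.g. 641 for rw-r----x
#   USER_GIDS  space-separated list of the user's group IDs
# Prints "<class> <rwx>", where class is the first match of user, group, other.
effective_perms() {
    mode=$1 fuid=$2 fgid=$3 uid=$4 gids=$5

    case $mode in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $mode" >&2; return 2 ;;
    esac

    # First match wins: owner, then group member, then everyone else.
    class=other shift_by=0
    if [ "$uid" -eq "$fuid" ]; then
        class=user shift_by=6
    else
        for g in $gids; do
            if [ "$g" -eq "$fgid" ]; then
                class=group shift_by=3
                break
            fi
        done
    fi

    # Pick that class's octal digit: read = 4, write = 2, execute = 1.
    bits=$(( (0$mode >> shift_by) & 7 ))
    perms=
    for pair in 4:r 2:w 1:x; do
        if [ $(( bits & ${pair%%:*} )) -ne 0 ]; then
            perms=$perms${pair#*:}
        else
            perms=$perms-
        fi
    done
    echo "$class $perms"
}

# File owned by UID 1000, group 100.
effective_perms 641 1000 100 1000 "100"      # the owner
effective_perms 641 1000 100 1001 "27 100"   # a member of the group owner
effective_perms 641 1000 100 1002 "200"      # neither
# The owner gets nothing although "other" has rwx: permissions are not additive.
effective_perms 047 1000 100 1000 "100"
```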


Read, Write, and Execute
Permission: definition for files and definition for directories
Read
Files: Allows a user to open and read the contents of a file
Directories: Allows a user to list the contents of the directory (if the user has also been given execute permission)
Write
Files: Allows a user to open, read, and edit the contents of a file
Directories: Allows a user to add or remove files to and from the directory (if the user has also been given execute permission)
Execute
Files: Allows a user to execute the file in memory (if it is a program file or script)
Directories: Allows a user to enter the directory and work with directory contents

Source from: Table 4-4.
Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition.

Changing Permissions Using Symbolic Notation
The chmod (change mode) command: change mode (permissions) of files or directories
Takes two arguments at minimum
Criteria used to change permissions
Filenames to change
If the permissions to be changed are identical for the user, group, and other categories, you can use the “a” character to refer to all categories


Changing Permissions Using Symbolic Notation

Criteria used within the chmod command
Category            Operation                          Permission
u (user)            + (adds a permission)              r (read)
g (group)           - (removes a permission)           w (write)
o (other)           = (makes a permission equal to)    x (execute)
a (all categories)

Source from: Table 4-5.
Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition.
To change the mode of test6.txt to rw-r----x, you can use:
chmod u+rw,g+r,o-rw test6.txt
or
chmod u=rw,g=r,o=x test6.txt


Changing Permissions Using Octal Notation
To represent the mode rw-r----x, you can use numbers 641 as user has read and write (4+2 = 6), group has read (4) and other has execute (1).

Source from: Figure 4-4.
Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition.

Default Permissions
New files are given rw-rw-rw- permissions by default
The umask variable: a special variable that takes away permissions on new files and directories
The umask command: displays the umask
Changing the umask: use a new umask as an argument to the umask command
New files are given rw-rw-rw- by the system
New directories are given rwxrwxrwx by the system

                               New files    New directories
Permission assigned by system  rw-rw-rw-    rwxrwxrwx
Umask                          0 2 2        0 2 2
= resulting permission         rw-r--r--    rwxr-xr-x


Changing the umask
Change the umask to 007

                               New files    New directories
Permission assigned by system  rw-rw-rw-    rwxrwxrwx
Umask                          0 0 7        0 0 7
= resulting permission         rw-rw----    rwxrwx---
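
The umask tables above, checked against the real filesystem, as an added example that is not part of the original lecture. The function names are constructed; the extra 033 case shows that the umask clears bits rather than subtracting digits (666 with 033 gives 644, not 633).

```sh
#!/bin/sh
# Added example (not from the lecture): observe the umask on new files
# and directories. Everything is created in a throwaway directory.

mode_of() {
    # First ten characters of ls -ld: file type plus the nine mode characters.
    ls -ld "$1" | cut -c1-10
}

# modes_under_umask MASK  ->  "<new file mode> <new directory mode>"
modes_under_umask() {
    dir=$(mktemp -d) || return 1
    (
        umask "$1"              # changed only inside this subshell
        : > "$dir/newfile"      # requested by the system as rw-rw-rw- (666)
        mkdir "$dir/newdir"     # requested by the system as rwxrwxrwx (777)
    )
    echo "$(mode_of "$dir/newfile") $(mode_of "$dir/newdir")"
    rm -rf "$dir"
}

for mask in 022 007 077 033; do
    echo "umask $mask: $(modes_under_umask "$mask")"
done
```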


Special permissions

Three more optional special permissions for files and directories

SUID (Set User ID)

SGID (Set Group ID)

Sticky bit

All special permissions require execute permission to work properly

The SUID and SGID work on executable files

The SGID and sticky bit work on directories

Defining SUID (Set User ID)
If SUID is set on a file, user who executes the file becomes owner of the file during execution (e.g., passwd command)
No special functionality when set on a directory
Only applicable to binary compiled programs
Cannot be used on shell scripts


Defining SGID (Set Group ID)
SGID: applicable to files and directories
If set on a file, user who executes the file becomes member of the file’s group during execution
If a user creates a file in a directory with SGID set, the file’s group owner is set to be the directory’s group owner and not the user’s primary group

Defining Sticky Bit
Sticky bit: previously used to lock files in memory
Currently only applicable to directories
Ensures that a user can only delete his/her own files when given write permissions in a directory


Setting Special Permissions
Special permissions require execute
They mask the execute permission when displayed by the ls -l command
May be set even if file or directory does not have execute permission
Indicating letter in the mode will be capitalized
Add special permissions via chmod command

Source from Figures 4-7, 4-8 Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition, Cengage


Octal Representation of Regular and Special Permissions
To set the special permissions, you can visualise them to the left of the mode
To set all of the special permissions on a certain file or directory, you can use the command chmod 7777 name
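
How the special permissions appear in a listing and how to find them in a directory tree, as an added example that is not part of the original lecture. The function and file names are constructed, and the files are empty placeholders in a throwaway directory.

```sh
#!/bin/sh
# Added example (not from the lecture): display and locate special permissions.
# File names are constructed; the files are empty placeholders.

mode_of() {
    # First ten characters of ls -ld: file type plus the nine mode characters.
    ls -ld "$1" | cut -c1-10
}

# audit_special DIR -> "<mode> <path>" for every entry under DIR that has
# SUID (4000), SGID (2000) or the sticky bit (1000) set.
audit_special() {
    (
        cd "$1" || exit 1
        find . \( -perm -4000 -o -perm -2000 -o -perm -1000 \) | sort |
        while IFS= read -r p; do
            printf '%s %s\n' "$(mode_of "$p")" "$p"
        done
    )
}

special_demo() {
    dir=$(mktemp -d) || return 1
    : > "$dir/tool";     chmod 4755 "$dir/tool"     # SUID with execute: s
    : > "$dir/noexec";   chmod 4644 "$dir/noexec"   # SUID without execute: S
    : > "$dir/plain";    chmod 0644 "$dir/plain"    # no special bits
    mkdir "$dir/shared"; chmod 2775 "$dir/shared"   # SGID directory
    mkdir "$dir/drop";   chmod 1777 "$dir/drop"     # sticky directory
    audit_special "$dir"
    status=$?
    rm -rf "$dir"
    return "$status"
}

special_demo
```

Running `audit_special` over a system directory gives an inventory of SUID and SGID programs to review; a capital S or T marks a special bit set without the execute permission it needs.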

Source from Figure 4-9 Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition, Cengage

References
Jason W. Eckert, Linux+ and LPIC-1 Guide to Linux Certification, 5th Edition, Cengage
Chapter 1: Introduction to Linux
Chapter 2: Installation and Usage
Basic Linux Usage
Chapter 4: Linux Filesystem Administration
Linking files
File and directory permissions
Chapter 10: Common Administrative Tasks
Administering Users and Groups


End of Lecture