Linux: default permissions (umask) and special permissions
2019-07-03
依然慢节奏
1. Default permissions

1.1 umask
[root@localhost /home]#mkdir data
[root@localhost /home]#cd data/
[root@localhost /home/data]#ll
total 0
[root@localhost /home/data]#touch a.txt
[root@localhost /home/data]#cd ..
[root@localhost /home]#chmod 777 data
[root@localhost /home]#ll
total 8
drwxrwxrwx 2 root root 19 Jul 3 17:22 data
-rw-r--r-- 1 root root 952 Apr 11 10:22 Dockerfile20190411102257.txt
-rw-r--r-- 1 root root 952 Apr 11 10:23 Dockerfile.txt
drwxr--r-- 2 unnet unnet 96 Jul 3 17:21 unnet
[root@localhost /home]#cd data/
[root@localhost /home/data]#ll
total 0
-rw-r--r-- 1 root root 0 Jul 3 17:22 a.txt
[root@localhost /home/data]#su unnet
[unnet@localhost /home/data]$touch b.txt
[unnet@localhost /home/data]$ll
total 0
-rw-r--r-- 1 root root 0 Jul 3 17:22 a.txt
-rw-rw-r-- 1 unnet unnet 0 Jul 3 17:23 b.txt
[unnet@localhost /home/data]$umask
0002
[unnet@localhost /home/data]$umask 022
[unnet@localhost /home/data]$touch c.txt
[unnet@localhost /home/data]$ll
total 0
-rw-r--r-- 1 root root 0 Jul 3 17:22 a.txt
-rw-rw-r-- 1 unnet unnet 0 Jul 3 17:23 b.txt
-rw-r--r-- 1 unnet unnet 0 Jul 3 17:29 c.txt
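For the files created above, the umask and the default permission add up to 666 -> [umask + default = 666]
You can set the umask value by editing the .bashrc file in your home directory.
2. Special permissions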

[root@localhost /home/data]#ll
total 4
-rw-r----- 1 root root 465 Jul 3 17:54 a.txt
-rw-rw-r-- 1 unnet unnet 0 Jul 3 17:23 b.txt
-rw-r--r-- 1 unnet unnet 0 Jul 3 17:29 c.txt
[root@localhost /home/data]#
[root@localhost /home/data]#su unnet
[unnet@localhost /home/data]$cat a.txt
cat: a.txt: Permission denied
[unnet@localhost /home/data]$exit
exit
[root@localhost /home/data]#chmod g+s /bin/cat
[root@localhost /home/data]#su unnet
[unnet@localhost /home/data]$cat a.txt
#
# /etc/fstab
# Created by anaconda on Wed Dec 26 10:17:51 2018
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=34077afd-de96-437f-8cdf-3590f3fac51f /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
[unnet@localhost /home/data]$exit
exit
[root@localhost /home/data]#chmod 755 /bin/cat
[root@localhost /home/data]#ll /bin/cat
-rwxr-xr-x. 1 root root 54160 Oct 31 2018 /bin/cat
s (SUID) permission: when the file is executed, the process runs with the permissions of the file's owner.
[root@localhost /home/data]#ll /usr/bin/passwd
-rwsr-xr-x. 1 root root 27832 Jun 10 2014 /usr/bin/passwd
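SGID permission: when the file is executed, the process runs with the permissions of the file's group.
t (sticky) permission: applies to directories. Users can delete only their own files in the directory, not files that belong to other users.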
[missbe@localhost /home/data]$ll
total 4
-rw-r----- 1 root root 465 Jul 3 17:54 a.txt
-rw-rw-r-- 1 missbe missbe 0 Jul 3 18:04 b.txt
-rw-r--r-- 1 unnet unnet 0 Jul 3 17:29 c.txt
[missbe@localhost /home/data]$ll -d .
drwxrwxrwt 2 root root 45 Jul 3 18:04 .
[missbe@localhost /home/data]$rm c.txt
rm: remove write-protected regular empty file ‘c.txt’? y
rm: cannot remove ‘c.txt’: Operation not permitted
[missbe@localhost /home/data]$exit
exit
[root@localhost /home/data]#su unnet
[unnet@localhost /home/data]$rm b.txt
rm: remove write-protected regular empty file ‘b.txt’? y
rm: cannot remove ‘b.txt’: Operation not permitted


[root@localhost /home/data]#chattr +i a.txt
[root@localhost /home/data]#ll
total 4
-rw-r----- 1 root root 465 Jul 3 17:54 a.txt
-rw-rw-r-- 1 missbe missbe 0 Jul 3 18:04 b.txt
-rw-r--r-- 1 unnet unnet 0 Jul 3 17:29 c.txt
[root@localhost /home/data]#lsattr
----i----------- ./a.txt
---------------- ./c.txt
---------------- ./b.txt
[root@localhost /home/data]#rm a.txt
rm: remove regular file ‘a.txt’? y
rm: cannot remove ‘a.txt’: Operation not permitted
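suid: 4. Applies to binary executables. Effect: when a user runs the file, the process inherits the permissions of the file's owner.
sgid: 2
[1] Applies to binary executables. Effect: when a user runs the file, the process inherits the permissions of the file's group.
[2] Applies to directories. Effect: files created in the directory automatically get the directory's group as their group.
sticky: 1. Applies to directories. Effect: within the directory, users can delete only their own files.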
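
The three bits summarized above can be audited from the shell. This is an added example, not part of the original post: it lists SUID and SGID files and world-writable directories that lack the sticky bit. The function names and the sample tree are hypothetical and constructed for illustration, and it assumes find, awk and mktemp are available.

```shell
#!/bin/sh
# Added example, not from the original post. Audits a directory tree for the
# special permission bits shown above. The sample tree is constructed here.

# Print "KIND<TAB>PATH" for each finding under directory $1:
#   SUID      regular file with the setuid bit (4000)
#   SGID      regular file with the setgid bit (2000)
#   NOSTICKY  world-writable directory without the sticky bit (1000)
audit_special_bits() {
    find "$1" -xdev -type f -perm -4000 -exec printf 'SUID\t%s\n' {} \;
    find "$1" -xdev -type f -perm -2000 -exec printf 'SGID\t%s\n' {} \;
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'NOSTICKY\t%s\n' {} \;
}

# Count findings of kind $1 (SUID, SGID or NOSTICKY) under directory $2.
count_findings() {
    audit_special_bits "$2" |
        awk -F '\t' -v k="$1" '$1 == k { n++ } END { print n + 0 }'
}

# Build a constructed sample tree and print its path. Names are hypothetical.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/data" "$t/shared"
    chmod 777 "$t/data"        # like /home/data after "chmod 777 data"
    chmod 1777 "$t/shared"     # like /home/data once the sticky bit is set
    : > "$t/plain";   chmod 755  "$t/plain"
    : > "$t/suidbin"; chmod 4755 "$t/suidbin"   # -rwsr-xr-x, like passwd
    : > "$t/sgidbin"; chmod 2755 "$t/sgidbin"   # -rwxr-sr-x, like cat after g+s
    printf '%s\n' "$t"
}

# Demo run on the constructed tree.
tree=$(make_sample_tree)
audit_special_bits "$tree"
rm -rf "$tree"
```

On a real system, point audit_special_bits at a directory such as /usr/bin and compare the output with a known-good baseline.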