Linux云计算学习笔记day20

2019-04-23  本文已影响0人  我要笑

自己搭建网站流程:

1.购买云服务器
2.在服务器上面 搭建网站环境 lnmp
3.购买域名
https://wanwang.aliyun.com/

修改权限

通过数字
chmod  755   /oldboy/oldboy.txt 

通过字母
-rw-r--r--  1 root root  321 Apr 16 12:19 oldboy.txt.bak
 u  g  o 

user group other
所有者 所属用户组 其他人

chmod u/g/o +|-|= 权限 oldboy.txt
给文件加上执行权限(/etc/rc.d/rc.local )
[root@oldboyedu59 ~]# chmod +x /etc/rc.d/rc.local
[root@oldboyedu59 ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x. 1 root root 473 Oct 31 07:31 /etc/rc.d/rc.local

搭建测试权限环境
mkdir -p /oldboy/
echo pwd >/oldboy/lidao.sh
chown oldboy.oldboy /oldboy/lidao.sh

useradd oldboy 如果oldboy有问题则删除 再添加

需要2个窗口
root oldboy

root 下面测试 rwx

[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-rw-r--r-- 1 root root 4 Apr 23 09:58 /oldboy/lidao.sh
[root@oldboyedu59 ~]# chmod +x /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-rwxr-xr-x 1 root root 4 Apr 23 09:58 /oldboy/lidao.sh
[root@oldboyedu59 ~]# cat /oldboy/lidao.sh
pwd
[root@oldboyedu59 ~]# echo 'hostname' >>/oldboy/lidao.sh 
[root@oldboyedu59 ~]# /oldboy/lidao.sh
/root
oldboyedu59

测试 文件的rwx权限开始###

root修改权限

oldboy下测试

root 修改权限

[root@oldboyedu59 ~]# chmod u=r /oldboy/lidao.sh 
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-r--r-xr-x 1 root root 13 Apr 23 10:00 /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-r--r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh

oldboy下 测试文件的r权限

[oldboy@oldboyedu59 ~]$ ll /oldboy/lidao.sh 
-r--r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
pwd
hostname
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ /oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied

文件的r小结:
是否能查看文件的内容

[root@oldboyedu59 ~]# #root 修改权限 w
[root@oldboyedu59 ~]# 
[root@oldboyedu59 ~]# 
[root@oldboyedu59 ~]# chmod u=w /oldboy/lidao.sh 
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
--w-r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh

W10: Warning: Changing a readonly file

oldboy进行测试

  ldboy@oldboyedu59 ~]$ ll /oldboy/lidao.sh
▽-w-r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
cat: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
cat: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ /oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied

文件的rw小结:
1.r 是否能查看文件的内容
2.w 是否能修改文件内容 需要r配合
3.只有w的时候vim强制修改文件 会导致源文件内容被覆盖

[root@oldboyedu59 ~]# #root 修改权限 x
[root@oldboyedu59 ~]# chmod u=x /oldboy/lidao.sh 
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
---xr-xr-x 1 oldboy oldboy 19 Apr 23 10:14 /oldboy/lidao.sh

文件的rwx小结:
1.r 是否能查看文件的内容
2.w 是否能修改文件内容 需要r配合
3.只有w的时候vim强制修改文件 会导致源文件内容被覆盖
4.x 是否能执行(命令或脚本) 需要r配合

root 环境准备

mkdir -p /oldboy/lidao
chown oldboy.oldboy /oldboy/lidao
touch /oldboy/lidao{01..5}.txt
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
drwxr-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao

root 测试目录r权限

[root@oldboyedu59 ~]# chmod u=r /oldboy/lidao
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
dr--r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao

oldboy 测试目录r权限

[oldboy@oldboyedu59 /oldboy]$ ll -d  lidao
dr--r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 lidao
[oldboy@oldboyedu59 /oldboy]$ ls -l  lidao
ls: cannot access lidao/oldboy01.txt: Permission denied
ls: cannot access lidao/oldboy02.txt: Permission denied
ls: cannot access lidao/oldboy03.txt: Permission denied
ls: cannot access lidao/oldboy04.txt: Permission denied
ls: cannot access lidao/oldboy05.txt: Permission denied
ls: cannot access lidao/alex01.txt: Permission denied
ls: cannot access lidao/alex02.txt: Permission denied
ls: cannot access lidao/alex03.txt: Permission denied
ls: cannot access lidao/alex04.txt: Permission denied
ls: cannot access lidao/alex05.txt: Permission denied
ls: cannot access lidao/oldboy.txt: Permission denied
total 0
-????????? ? ? ? ?            ? alex01.txt
-????????? ? ? ? ?            ? alex02.txt
-????????? ? ? ? ?            ? alex03.txt
-????????? ? ? ? ?            ? alex04.txt
-????????? ? ? ? ?            ? alex05.txt
-????????? ? ? ? ?            ? oldboy01.txt
-????????? ? ? ? ?            ? oldboy02.txt
-????????? ? ? ? ?            ? oldboy03.txt
-????????? ? ? ? ?            ? oldboy04.txt
-????????? ? ? ? ?            ? oldboy05.txt
-????????? ? ? ? ?            ? oldboy.txt
[root@oldboyedu59 ~]# #测试目录的w 
[root@oldboyedu59 ~]# chmod u=w /oldboy/lidao
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
d-w-r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao
[oldboy@oldboyedu59 /oldboy]$ ls -l /root/
ls: cannot open directory /root/: Permission denied

[oldboy@oldboyedu59 /oldboy]$ touch  /etc/passwd.txt
touch: cannot touch ‘/etc/passwd.txt’: Permission denied

[oldboy@oldboyedu59 /oldboy]$ rm -f /etc/hosts 
rm: cannot remove ‘/etc/hosts’: Permission denied

[oldboy@oldboyedu59 /oldboy]$ cat /etc/shadow
cat: /etc/shadow: Permission denied 

[oldboy@oldboyedu59 /oldboy]$ echo '#' >>/etc/passwd
-bash: /etc/passwd: Permission denied   

Permission denied

查看umask

[root@oldboyedu59 ~]# umask
0022

文件默认权限的由来

666
-022
=644

目录默认的权限由来

777
-022
=755

umask 032

文件默认权限的由来

666
-032
=634
+010
644

目录默认的权限由来

777
-032
=745

1.umask 035 file dir默认的权限
file 666
-035
631

  642 

dir 777
035
742

2.创建文件的时候权限是000,创建目录的时候权限是111 umask?

模拟环境:
useradd www
mkdir -p /app/blog/uploads
touch /app/blog/guoav{01..5}-blue-ray-4k.mkv.torrent

root 窗口 www窗口

[oldboy@oldboyedu59 /app/blog]$ touch /app/blog/uploads/ycw-5k-100tb.torrent 
touch: cannot touch ‘/app/blog/uploads/ycw-5k-100tb.torrent’: Permission denied
[oldboy@oldboyedu59 /app/blog]$ ll -d /app/blog/uploads/ycw-5k-100tb.torrent
ls: cannot access /app/blog/uploads/ycw-5k-100tb.torrent: No such file or directory
[oldboy@oldboyedu59 /app/blog]$ ll -d /app/blog/uploads/
drwxr-xr-x 2 root root 6 Apr 23 11:55 /app/blog/uploads/

方法1 给uploads 目录o+w

方法2 把uploads 修改为www.www

网站程序代码 /app/blog 目录 站点目录(单机权限控制)

1.谁运行网站程序
虚拟用户 www

2.控制权限
站点目录下文件 644 root root
站点目录下目录 755 root root

3.对于上传目录uploads
站点目录下文件 644 www www
站点目录下目录 755 www www

4.通过程序控制 只能上传图片或压缩包

5.取消上传上来的文件的执行权限(讲解到nfs的时候)

上一篇下一篇

猜你喜欢

热点阅读