05用户组和权限.ppt

-rwxr-x---?1?andersen?trusted?2948?Oct?11?14:07?myscript Read, Write and Execute for the owner, andersen Read and Execute for members of the trusted group No access for all others Only root can change a files owner Only root or the owner can change a files group Ownership is changed with chown: chown [-R] user_name file|directory ... Group-Ownership is changed with chgrp: chgrp [-R] group_name file|directory ... Changing Permissions - Symbolic Method To change access modes: chmod [-R] mode file Where mode is: u,g or o for user, group and other + or - for grant or deny r, w or x for read, write and execute Examples: ugo+r: Grant read access to all o-wx: Deny write and execute to others Changing Permissions - Numeric Method Uses a three-digit mode number first digit specifies owners permissions second digit specifies group permissions third digit represents others permissions Permissions are calculated by adding: 4 (for read) 2 (for write) 1 (for execute) Example: chmod 640 myfile Changing Permissions - Nautilus Nautilus can be used to set the permissions and group membership of files and directories. In a Nautilus window, right-click on a file Select Properties from the context menu Select the Permissions tab Default Permissions Default permission for directories is 777 minus umask Default permission for files is the directory default without execute permission. umask is set with the umask command. Non-privileged users umask is 002 Files will have permissions of 664 Directories will have permissions of 775 roots umask is 022 User Management Tools Graphical tools system-config-users Command-line useradd usermod userdel [-r] Monitoring Logins Connected users: w Recent Logins: last, lastb, lastlog Special Permissions for Executables Special permissions for executables: suid: command run with permissions of the owner of the command, not executor of the command sgid: command runs with group affiliation of the group of the command Special