File management, user and group management, and permission management


File management: cp, mv, rm

Copy command: cp
cp [option]... [-T] source dest
cp [option]... source... directory
cp [option]... -t directory source...

cp src dest
If the destination does not exist, it is created and filled with the contents of the source file;
[root@localhost ~]# ls /tmp
gconfd-root mapping-root
[root@localhost ~]# cp /etc/fstab /tmp
[root@localhost ~]# ls /tmp
fstab gconfd-root mapping-root

If the destination does not exist and is given as a file name, the destination file is created directly and then filled with the contents of the source file
[root@localhost ~]# ls /tmp
fstab gconfd-root mapping-root
[root@localhost ~]# cp /etc/issue /tmp/hello.txt
[root@localhost ~]# ls /tmp
fstab gconfd-root hello.txt mapping-root
[root@localhost ~]# cat /tmp/hello.txt
Red Hat Enterprise Linux Server release 5.7 (Tikanga)
Kernel \r on an \m

If the destination exists:
If the destination is a file, its contents are overwritten with the contents of the source file;
[root@localhost ~]# cat /tmp/issue
hello world
[root@localhost ~]# cp /etc/issue /tmp/issue
cp: overwrite `/tmp/issue'? y
[root@localhost ~]# cat /tmp/issue
Red Hat Enterprise Linux Server release 5.7 (Tikanga)
Kernel \r on an \m

If the destination is a directory, a file with the same name as the source file is created in that directory and filled with the contents of the source file;
[root@localhost ~]# ls -dl /tmp/abc
drwxr-xr-- 2 root root 4096 Mar 29 15:11 /tmp/abc
[root@localhost ~]# cp /etc/issue /tmp/abc
[root@localhost ~]# ls -l /tmp/abc
total 4
-rw-r--r-- 1 root root 74 Mar 29 15:12 issue

cp src... dest
The source is several files
The destination must exist and must be a directory; every other case is an error;
[root@localhost ~]# ls -dl /tmp/abc
drwxr-xr-- 2 root root 4096 Mar 29 15:17 /tmp/abc
[root@localhost ~]# cp /etc/{fstab,issue,passwd} /tmp/abc
[root@localhost ~]# ls /tmp/abc
fstab issue passwd

cp src dest
If the source is a directory, use the option -r
If the destination does not exist, the specified directory is created and all files in the source directory are copied into it
[root@localhost ~]# ls /tmp
abc fstab gconfd-root hello.txt issue mapping-root
[root@localhost ~]# cp -r /etc/pam.d /tmp/pam123
[root@localhost ~]# ls /tmp/pam123
atd run_init
authconfig runuser

If the destination exists
If the destination is a file, an error is reported
[root@localhost ~]# ls /tmp
abc gconfd-root issue pam123
fstab hello.txt mapping-root
[root@localhost ~]# cp -r /etc/pam.d /tmp/issue
cp: cannot overwrite non-directory `/tmp/issue' with directory `/etc/pam.d'

If the destination is a directory, the source directory is copied into the destination directory;
[root@localhost ~]# ls -dl /tmp/pam456
drwxr-xr-- 2 root root 4096 Mar 29 16:26 /tmp/pam456
[root@localhost ~]# cp -r /etc/pam.d /tmp/pam456
[root@localhost ~]# ls /tmp/pam456
pam.d

Common options:
-i: interactive; asks the user whether the command should proceed;
[root@localhost ~]# cp -i /etc/issue /tmp/issue
cp: overwrite `/tmp/issue'? y

-r, -R: recursively copy a directory and everything inside it
[root@localhost ~]# cp -r /etc/pam.d /tmp
[root@localhost ~]# ls -dl /tmp/pam.d
drwxr-xr-- 2 root root 4096 Mar 29 16:30 /tmp/pam.d
[root@localhost ~]# ls /tmp/pam.d
atd run_init
authconfig runuser

[root@localhost ~]# cp -R /etc/pam.d /tmp
[root@localhost ~]# ls -dl /tmp/pam.d
drwxr-xr-- 2 root root 4096 Mar 29 16:33 /tmp/pam.d
[root@localhost ~]# ls /tmp/pam.d
atd run_init
authconfig runuser

-d: same as --no-dereference --preserve=links; copies the symbolic link itself rather than the contents of the file it points to; the link is not followed and the link file type is preserved
[root@localhost ~]# cp -d /etc/system-release /tmp
[root@localhost ~]# ls -l /tmp/system-release
lrwxrwxrwx. 1 root root 14 Mar 29 16:46 /tmp/system-release -> centos-release

[root@localhost ~]# cat /etc/system-release
CentOS release 6.5 (Final)
[root@localhost ~]# cat /tmp/system-release
cat: /tmp/system-release: No such file or directory

-a: archive; equivalent to -dR --preserve=all; keeps the original attributes of the file
[root@localhost ~]# cp -a /etc/system-release /tmp
[root@localhost ~]# ls -l /tmp/system-release
lrwxrwxrwx. 1 root root 14 Mar 14 15:39 /tmp/system-release -> centos-release
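
The dangling /tmp/system-release above comes from copying a relative link without its target. The following added example (not part of the original page) reproduces the three behaviours in a throwaway directory; the function names and the directory layout are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: how cp treats a relative symlink with and without -d / -a.
# Everything lives in a temporary directory created by mktemp (constructed data).

# describe PATH: print what kind of object PATH is.
describe() {
    if [ -L "$1" ] && [ ! -e "$1" ]; then
        echo dangling-symlink      # the link exists, its target does not resolve
    elif [ -L "$1" ]; then
        echo symlink
    elif [ -f "$1" ]; then
        echo regular-file
    else
        echo missing
    fi
}

# link_copy_demo: prints one result line per copy method.
link_copy_demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/src" "$work/dst" "$work/tree"
    echo "CentOS release 6.5 (Final)" > "$work/src/centos-release"
    # Relative link, laid out like /etc/system-release -> centos-release.
    ln -s centos-release "$work/src/system-release"

    # 1. Plain cp follows the link and writes a regular file holding the content.
    cp "$work/src/system-release" "$work/dst/followed"
    # 2. cp -d copies the link itself; "centos-release" does not exist in dst.
    cp -d "$work/src/system-release" "$work/dst/kept"
    # 3. cp -a on the whole directory brings the target along, so the link resolves.
    cp -a "$work/src/." "$work/tree/"

    echo "plain=$(describe "$work/dst/followed")"
    echo "dash_d=$(describe "$work/dst/kept")"
    echo "dash_a_tree=$(describe "$work/tree/system-release")"
    rm -rf "$work"
}

link_copy_demo
```

When configuration files are backed up with -d or -a, check the copy for dangling links before relying on it.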

--preserve[=ATTR_LIST]: preserve file attributes; by default the three attributes mode, ownership and timestamps are preserved
mode: permissions
ownership: owner and group
timestamps: timestamps
links: link attributes
xattr: extended attributes
context: security context
all: all of the above

-p: preserve the permissions, owner, group and timestamps; same as --preserve=mode,ownership,timestamps
[root@localhost ~]# cp -p /etc/fstab /tmp
[root@localhost ~]# ls -l /etc/fstab /tmp/fstab
-rw-r--r--. 1 root root 779 Mar 14 15:38 /etc/fstab
-rw-r--r--. 1 root root 779 Mar 14 15:38 /tmp/fstab

-v, --verbose: show detailed information
[root@localhost ~]# cp -v /etc/fstab /tmp
`/etc/fstab' -> `/tmp/fstab'

-f, --force: force
[root@localhost ~]# cp -f /tmp/issue /tmp

mv (move): move files
mv [option]... [-T] source dest
mv [option]... source... directory
mv [option]... -t directory source...

If the source is a single file:
If the destination does not exist, the file is moved to the destination directory and renamed to the destination file name; this is equivalent to a cut
[root@localhost ~]# mv /tmp/issue /var/tmp/issue.txt
[root@localhost ~]# ls -l /var/tmp/issue.txt
-rw-r--r--. 1 root root 47 Mar 30 08:32 /var/tmp/issue.txt
[root@localhost ~]# ls -l /tmp/issue
ls: cannot access /tmp/issue: No such file or directory

If the destination is a file, the contents of the source file overwrite the destination file and the source file is then deleted;
[root@localhost ~]# mv /tmp/issue /tmp/fstab
mv: overwrite `/tmp/fstab'? y
[root@localhost ~]# cat /tmp/fstab
CentOS release 6.5 (Final)
Kernel \r on an \m

[root@localhost ~]# cat /tmp/issue
cat: /tmp/issue: No such file or directory

If the destination is a directory, the source file is moved into that directory; this is equivalent to a cut
[root@localhost ~]# mv /tmp/fstab /tmp/123
[root@localhost ~]# ls -l /tmp/123
total 4
-rw-r--r--. 1 root root 47 Mar 30 08:40 fstab

If the source is several files:
If the destination is a directory, the source files are moved into that directory;
[root@localhost ~]# mv /tmp/123/{fstab,issue,passwd} /tmp
[root@localhost ~]# ls -l /tmp/{fstab,issue,passwd}
-rw-r--r--. 1 root root 779 Mar 30 09:49 /tmp/fstab
-rw-r--r--. 1 root root 47 Mar 30 09:49 /tmp/issue
-rw-r--r--. 1 root root 1578 Mar 30 09:49 /tmp/passwd

If the destination is a file, an error is reported;
[root@localhost ~]# mv /tmp/123/{fstab,issue,passwd} /tmp/abc
mv: target `/tmp/abc' is not a directory

If the destination does not exist, an error is reported;
[root@localhost ~]# mv /tmp/{fstab,issue,passwd} /tmp/123
mv: target `/tmp/123' is not a directory

Common options:
-i: interactive; asks the user before overwriting an existing file
[root@localhost ~]# mv -i /tmp/issue /tmp/123
mv: overwrite `/tmp/123/issue'? y

-f: force the move, overwriting existing files
[root@localhost ~]# mv -f /tmp/issue /tmp/123

rm (remove): delete files
rm [option]... file...

Common options:
-i: interactive; asks the user to confirm before deleting a file
[root@localhost ~]# rm -i /tmp/fstab
rm: remove regular file `/tmp/fstab'? y

-f: force deletion
[root@localhost ~]# rm -f /tmp/passwd

-r: recursive deletion; removes the files inside a directory and the directory itself
[root@localhost ~]# ls -l /tmp/123
total 4
-rw-r--r--. 1 root root 47 Mar 30 10:00 issue
[root@localhost ~]# rm -r /tmp/123
rm: descend into directory `/tmp/123'? y
rm: remove regular file `/tmp/123/issue'? y
rm: remove directory `/tmp/123'? y

-rf: forced recursive deletion; removes the files inside a directory and the directory itself
[root@localhost ~]# ls -l /tmp/123
total 12
-rw-r--r--. 1 root root 779 Mar 30 10:07 fstab
-rw-r--r--. 1 root root 47 Mar 30 10:07 issue
-rw-r--r--. 1 root root 1578 Mar 30 10:07 passwd
[root@localhost ~]# rm -rf /tmp/123

Text editor: nano, a full-screen editor
nano shortcuts: ctrl+g get help; ctrl+x exit the editor; ctrl+o save; ctrl+r read data from another file; ctrl+w search for a string; ctrl+y previous page; ctrl+v next page; ctrl+k cut text; ctrl+u paste text; ctrl+c show the cursor position

Basic bash features (2)
1. Command aliases (alias)
Implemented with the alias command
(1) alias: displays all command aliases available in the current shell process
[root@localhost ~]# alias
alias cp='cp -i'
alias l.='ls -d .* --color=tty'
alias ll='ls -l --color=tty'
alias ls='ls --color=tty'
alias mv='mv -i'
alias rm='rm -i'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'

(2) alias NAME='value'
Defines the alias NAME, equivalent to running the command value
[root@localhost ~]# alias cdnet='cd /etc/sysconfig/network-scripts'
[root@localhost ~]# alias
alias cdnet='cd /etc/sysconfig/network-scripts'

Note: an alias defined on the command line is valid only for the current shell process; to make it permanent, define it in a configuration file;
Valid only for the current user: ~/.bashrc
Valid for all users: /etc/bashrc

Note: new settings written to a configuration file do not take effect immediately

To make the bash process re-read the configuration file, for example:
source /path/to/config_file
. /path/to/config_file

Removing aliases: unalias
unalias [-a] name [name...]
unalias -a: remove all aliases
[root@localhost ~]# unalias -a
[root@localhost ~]# alias
[root@localhost ~]#

unalias name: remove a single alias
[root@localhost ~]# unalias cdnet

Note: if an alias has the same name as the original command, use "\command" to run the original command
[root@localhost ~]# \rm /tmp/passwd

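2. glob (globbing)
Used in bash for file name "wildcard" matching

(1) * matches any characters of any length
a*b: aab, ab, a123b
[root@localhost tmp]# ls a*b
a123b aab ab
Note: * can also stand for zero characters

(2) ? matches any single character
a?b: aab
[root@localhost tmp]# ls a?b
aab

(3) [] matches any single character within the specified range
[0-9]: matches a single digit
[root@localhost tmp]# ls [0-9]
1

[a-z]: matches a single letter, case-insensitive
[root@localhost tmp]# ls [a-z]
a A

[A-Z]: matches a single uppercase letter
[root@localhost tmp]# ls [A-Z]
A

(4) [^] matches any single character outside the specified range
[^0-9]: matches any single character other than 0-9
[root@localhost tmp]# ls [^0-9]
a A

Special character classes:
[:digit:] any digit, equivalent to the digits 0-9
[root@localhost tmp]# ls [[:digit:]]
1

[:lower:] any lowercase letter
[root@localhost tmp]# ls [[:lower:]]
a

[:upper:] any uppercase letter
[root@localhost tmp]# ls [[:upper:]]
A

[:alpha:] any letter, uppercase or lowercase
[root@localhost tmp]# ls [[:alpha:]]
a A

[:alnum:] any digit or letter
[root@localhost tmp]# ls [[:alnum:]]
1 a A

[:space:] a space
[:punct:] a punctuation character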

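Exercises:
1. Display all files or directories under /var that start with l, end with one lowercase letter, and contain at least one digit in between;
ls -d /var/l*[[:digit:]]*[[:lower:]]
ls -d /var/l*[0-9]*[[:lower:]]
ls l*[[:digit:]]*[[:lower:]] /var    # wrong approach

2. Display the files or directories under /etc that start with any single digit and end with a non-digit;
ls -d /etc/[[:digit:]]*[^[:digit:]]
ls -d /etc/[0-9]*[^0-9]
ls [[:digit:]]*[^[:digit:]] /etc    # wrong approach

3. Display the files or directories under /etc that start with a non-letter, followed by one letter and then any characters of any length;
ls -d /etc/[^[:alpha:]][[:alpha:]]*
ls [^[:alpha:]][[:alpha:]]* /etc    # wrong approach

4. Copy all files or directories under /etc that start with m and end with a non-digit into the directory /tmp/magedu;
cp -ra /etc/m*[^[:digit:]] /tmp/magedu

5. Copy all files or directories under /etc that end with .d into the directory /tmp/magedu.com;
cp -ra /etc/*.d /tmp/magedu.com

6. Copy all files or directories under /etc that end with .conf and start with m, n, r or p into the directory /tmp/magedu.com;
cp -ra /etc/[mnrp]*.conf /tmp/magedu.com

3. bash shortcuts
ctrl+l: clear the screen, equivalent to the clear command
ctrl+a: move the cursor to the beginning of the command line
ctrl+e: move the cursor to the end of the command line
ctrl+c: cancel the running command
ctrl+u: delete everything from the beginning of the command line to the cursor
ctrl+k: delete everything from the cursor to the end of the command line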

4. bash I/O redirection and pipes

Program: instructions + data
Reading data: input
Writing data: output

Every open file has an fd: file descriptor

Standard input: keyboard, 0
Standard output: monitor, 1
Standard error: monitor, 2

I/O redirection: changing the standard locations

Output redirection: command > new_pos, command >> new_pos; if the target does not exist, the target file is created and the output is then redirected to it;
[root@localhost ~]# cat /etc/issue > /tmp/123
[root@localhost ~]# cat /tmp/123
CentOS release 6.5 (Final)
Kernel \r on an \m

> overwriting redirection: the existing contents of the target file are erased and overwritten
[root@localhost ~]# cat /etc/passwd > /tmp/123
[root@localhost ~]# cat /tmp/123
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin

>> appending redirection: the new content is appended to the end of the target file
[root@localhost ~]# cat /etc/issue >> /tmp/123
[root@localhost ~]# cat /tmp/123
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
CentOS release 6.5 (Final)
Kernel \r on an \m

set -C: forbid overwriting an existing file through output redirection;
[root@localhost ~]# set -C
[root@localhost ~]# cat /etc/issue > /tmp/123
-bash: /tmp/123: cannot overwrite existing file

Forced overwrite: >|
[root@localhost ~]# set -C
[root@localhost ~]# cat /etc/issue >| /tmp/123
[root@localhost ~]# cat /tmp/123
CentOS release 6.5 (Final)
Kernel \r on an \m

set +C: allow overwriting redirection
[root@localhost ~]# set +C
[root@localhost ~]# cat /etc/passwd > /tmp/123
[root@localhost ~]# cat /tmp/123
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin

2> overwriting redirection of the standard error stream
[root@localhost ~]# catt /etc/issue 2> /tmp/123
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found

[root@localhost ~]# cat /etc/issuee 2> /tmp/123
[root@localhost ~]# cat /tmp/123
cat: /etc/issuee: No such file or directory

2>> appending redirection of the standard error stream
[root@localhost ~]# catt /etc/issue 2>> /tmp/123
[root@localhost ~]# cat /tmp/123
cat: /etc/issuee: No such file or directory
-bash: catt: command not found

Redirecting standard output and standard error to separate locations;
command > /path/to/file.out 2> /path/to/error.out

[root@localhost ~]# cat /etc/issue > /tmp/true 2> /tmp/false
[root@localhost ~]# cat /tmp/true
CentOS release 6.5 (Final)
Kernel \r on an \m

[root@localhost ~]# cat /tmp/false

[root@localhost ~]# catt /etc/issue > /tmp/true 2> /tmp/false
[root@localhost ~]# cat /tmp/true
[root@localhost ~]# cat /tmp/false
-bash: catt: command not found

&> overwriting redirection
&>> appending redirection
Merge standard output and standard error into a single data stream and redirect it;
command &> /path/to/file.out
[root@localhost ~]# cat /etc/issue &> /tmp/123
[root@localhost ~]# cat /tmp/123
CentOS release 6.5 (Final)
Kernel \r on an \m

[root@localhost ~]# catt /etc/issue &> /tmp/123
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found

[root@localhost ~]# cat /etc/issue &>> /tmp/123
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found
CentOS release 6.5 (Final)
Kernel \r on an \m

Overwriting redirection using 1 for standard output and 2 for standard error
command > /path/to/file.out 2>&1
[root@localhost ~]# cat /etc/issue > /tmp/123 2>&1
[root@localhost ~]# cat /tmp/123
CentOS release 6.5 (Final)
Kernel \r on an \m

[root@localhost ~]# catt /etc/issue > /tmp/123 2>&1
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found

Appending redirection using 1 for standard output and 2 for standard error
command >> /path/to/file.out 2>&1
[root@localhost ~]# cat /etc/issue >> /tmp/123 2>&1
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found
CentOS release 6.5 (Final)
Kernel \r on an \m

[root@localhost ~]# catt /etc/issue >> /tmp/123 2>&1
[root@localhost ~]# cat /tmp/123
-bash: catt: command not found
CentOS release 6.5 (Final)
Kernel \r on an \m

-bash: catt: command not found
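
The order of "> file 2>&1" matters, and set -C changes what a plain > may do. The following added example (not part of the original page) shows both effects on temporary files; the function names emit, count_lines and redirect_demo are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: redirection order and noclobber (set -C), using temporary files.

# emit: writes one line to stdout and one line to stderr.
emit() {
    echo "to-stdout"
    echo "to-stderr" >&2
}

# count_lines FILE: number of lines in FILE, without padding.
count_lines() {
    wc -l < "$1" | tr -d ' '
}

redirect_demo() {
    dir=$(mktemp -d) || return 1

    # Order used on the page: stdout is pointed at the file first, then
    # stderr is made a copy of it. Both lines land in the file.
    emit > "$dir/right" 2>&1

    # Swapped order: 2>&1 copies stdout as it is at that moment (here the
    # /dev/null of the enclosing group); only afterwards is stdout sent to
    # the file. The error line never reaches the file.
    { emit 2>&1 > "$dir/swapped"; } > /dev/null

    echo "right=$(count_lines "$dir/right")"
    echo "swapped=$(count_lines "$dir/swapped")"

    # noclobber: with set -C a plain > refuses to overwrite an existing file.
    echo "original" > "$dir/log"
    if ( set -C; echo "new" > "$dir/log" ) 2>/dev/null; then
        echo "plain_overwrite=allowed"
    else
        echo "plain_overwrite=refused"
    fi
    # >| overrides noclobber for this one redirection.
    ( set -C; echo "forced" >| "$dir/log" )
    echo "log=$(cat "$dir/log")"

    rm -rf "$dir"
}

redirect_demo
```

A script that collects errors into a log with the swapped order loses them silently, so check the order whenever a log file looks too clean.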

Input redirection: <
tr command: translate or delete characters
tr [option]... set1 [set2]
[root@localhost ~]# tr abc ABC
apple
Apple
boy
Boy
cat
CAt

[root@localhost ~]# tr 'a-z' 'A-Z' < /etc/issue
CENTOS RELEASE 6.5 (FINAL)
KERNEL \R ON AN \M

[root@localhost ~]# cat < /etc/issue
CentOS release 6.5 (Final)
Kernel \r on an \m

Deleting characters
[root@localhost ~]# tr -d abc
abcdefg
defg

Here Document: << generates a document in place
[root@localhost ~]# cat << EOF    # EOF here is the end marker

abc
how are you?
how old are you?
EOF
abc
how are you?
how old are you?

cat << EOF
cat > /path/to/somefile << EOF

[root@localhost ~]# cat > /tmp/123 << EOF    # the document is written to /tmp/123

abc
how are you?
how old are you?
EOF
[root@localhost ~]# cat /tmp/123
abc
how are you?
how old are you?

Pipes:
command1 | command2 | command3 | ...
Note: the last command runs in a subshell of the current shell process

[root@localhost ~]# echo $PATH | tr 'a-z' 'A-Z'
/USR/LIB64/QT-3.3/BIN:/USR/LOCAL/SBIN:/USR/LOCAL/BIN:/SBIN:/BIN:/USR/SBIN:/USR/BIN:/ROOT/BIN

[root@localhost ~]# echo $PATH | tr 'a-z' 'A-Z' | tr -d U
/SR/LIB64/QT-3.3/BIN:/SR/LOCAL/SBIN:/SR/LOCAL/BIN:/SBIN:/BIN:/SR/SBIN:/SR/BIN:/ROOT/BIN

tee command: two-way output, to standard output and to a file
tee [option]... [file]...
[root@localhost ~]# tee /tmp/123
first line.
first line.
second line.
second line.

[root@localhost ~]# cat /tmp/123
first line.
second line.

[root@localhost ~]# echo $PATH | tr 'a-z' 'A-Z' | tee /tmp/path.out
/USR/LIB64/QT-3.3/BIN:/USR/LOCAL/SBIN:/USR/LOCAL/BIN:/SBIN:/BIN:/USR/SBIN:/USR/BIN:/ROOT/BIN
[root@localhost ~]# cat /tmp/path.out
/USR/LIB64/QT-3.3/BIN:/USR/LOCAL/SBIN:/USR/LOCAL/BIN:/SBIN:/BIN:/USR/SBIN:/USR/BIN:/ROOT/BIN

[root@localhost ~]# echo $PATH | tee /tmp/tee.out | tr 'a-z' 'A-Z'
/USR/LIB64/QT-3.3/BIN:/USR/LOCAL/SBIN:/USR/LOCAL/BIN:/SBIN:/BIN:/USR/SBIN:/USR/BIN:/ROOT/BIN
[root@localhost ~]# cat /tmp/tee.out
/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

Exercises:
1. Convert the first 5 lines of /etc/passwd to uppercase and save them to the file /tmp/passwd.out;
head -5 /etc/passwd | tr 'a-z' 'A-Z' | tee /tmp/passwd.out
head -5 /etc/passwd | tr 'a-z' 'A-Z' > /tmp/passwd.out
head -5 /etc/passwd | tr [[:lower:]] [[:upper:]] > /tmp/passwd.out

2. Convert the last 3 entries of the information about users logged in to the current system to uppercase and save them to the file /etc/who.out;
who | tail -3 | tr 'a-z' 'A-Z' | tee /tmp/who.out
who | tail -3 | tr 'a-z' 'A-Z' > /tmp/who.out
who | tail -3 | tr [[:lower:]] [[:upper:]] > /tmp/who.out

Text processing tools: wc, cut, sort, uniq

wc command
wc [option]... [file]...

-l: lines, number of lines
-w: words, number of words
-c: characters, number of bytes

[root@localhost ~]# wc /etc/fstab
15 78 779 /etc/fstab
[root@localhost ~]# wc -l /etc/fstab
15 /etc/fstab
[root@localhost ~]# wc -w /etc/fstab
78 /etc/fstab
[root@localhost ~]# wc -c /etc/fstab
779 /etc/fstab

cut command
cut [option]... [file]...
-d: delimiter; specifies the field separator
-f: fields
#: the #th field
#,#[,#]: several discrete fields, for example 1,3,6
#-#: a range of consecutive fields, for example 1-6
Combined use: 1-3,7

--output-delimiter=string: specifies the delimiter used on output

[root@localhost ~]# head -3 /etc/passwd | cut -d: -f1
root
bin
daemon

[root@localhost ~]# head -3 /etc/passwd | cut -d: -f1-3
root:x:0
bin:x:1
daemon:x:2

[root@localhost ~]# head -3 /etc/passwd | cut -d: -f1-3,7
root:x:0:/bin/bash
bin:x:1:/sbin/nologin
daemon:x:2:/sbin/nologin

[root@localhost ~]# head -3 /etc/passwd | cut -d: -f1-3,7 --output-delimiter='='
root=x=0=/bin/bash
bin=x=1=/sbin/nologin
daemon=x=2=/sbin/nologin

sort: sorting command
sort [option]... [file]...
[root@localhost ~]# cat /tmp/test.txt
abc
apple
big
bcd
cat
cde
[root@localhost ~]# sort /tmp/test.txt
abc
apple
bcd
big
cat
cde

-f: ignore character case
[root@localhost ~]# sort -f /tmp/test.txt
Abc
apple
bcd
Big
Cat
cde

-r: sort in reverse order
[root@localhost ~]# sort -r /tmp/test.txt
cde
cat
big
bcd
apple
abc

-t delimiter: field separator
-k #: sort using the specified field as the key
[root@localhost ~]# sort -t: -k2 /tmp/test.txt
bcd:0
cde:-1
apple:123
big:13
abc:3
cat:666

-n: sort by numeric value
[root@localhost ~]# sort -t: -k2 -n /tmp/test.txt
cde:-1
bcd:0
abc:3
big:13
apple:123
cat:666

-u: unique; remove duplicates after sorting
[root@localhost ~]# sort -t: -k2 -u /tmp/test.txt
bcd:0
cde:-1
apple:123
big:13
abc:3
cat:666

uniq command
uniq [option]... [file]...
Note: only consecutive and completely identical lines count as duplicates

-c: show the number of times each line is repeated
[root@localhost ~]# uniq -c /tmp/test
1 tom
1 mary
2 tom
1 mary
3 hill

-d: show only the lines that are repeated
[root@localhost ~]# uniq -d /tmp/test
tom
hill

-u: show only the lines that are never repeated
[root@localhost ~]# uniq -u /tmp/test
tom
mary
mary

Exercise:
1. Using the colon as separator, take lines 6 to 10 of /etc/passwd, sort them by the numeric value of the third field, and finally display only the first field of each line
head -10 /etc/passwd | tail -5 | sort -t: -k3 -n | cut -d: -f1

[root@localhost ~]# head -10 /etc/passwd | tail -5 | sort -t: -k3 -n | cut -d: -f1
sync
shutdown
halt
mail
uucp

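User and group management
Resource allocation
Authentication
Authorization
Accounting (auditing)

token, identity (user/password)

Linux users: username/uid
Administrator: root, 0
Regular users: 1-65535
System users: 1-499 (CentOS 6), 1-999 (CentOS 7); this differs between distributions
Login users (interactive login): 500+ (CentOS 6), 1000+ (CentOS 7)

Linux groups: groupname/gid
Administrator group: root, 0
Regular groups:
System groups: 1-499 (CentOS 6), 1-999 (CentOS 7)
Regular groups: 500+ (CentOS 6), 1000+ (CentOS 7)

Linux security context
A running program: process

A process runs with the identity of the user who started it
The permissions on all resources a process can access depend on the identity of the user who started the process

Categories of Linux groups
Primary group of a user: the group name is the same as the user name and the group contains only that one user, i.e. a private group
Supplementary (additional) groups of a user

Configuration files related to Linux users and groups:
/etc/passwd: users and their attributes (name, uid, primary group id, etc.)
/etc/group: groups and their attributes
/etc/shadow: user passwords and their related attributes
/etc/gshadow: group passwords and their related attributes

/etc/passwd
name:password:uid:gid:GECOS:directory:shell
user name:password:uid:gid:GECOS (comment information about the user):home directory:default shell

/etc/group
group_name:password:gid:user_list
group name:group password:GID:list of users that have this group as a supplementary group (separated by commas)

/etc/shadow
user name:encrypted password:date of the last password change (relative time: the number of days from the Unix epoch to the last password change):minimum password age:maximum password age:password warning period:password inactivity period:account expiration date (the number of days from the Unix epoch to that date):reserved field

Encryption mechanisms:
Encryption: plaintext --> ciphertext
Decryption: ciphertext --> plaintext

One-way encryption: extracts a fingerprint of the data
md5: message digest, 128 bits
sha1: secure hash algorithm, 160 bits
sha224: 224 bits
sha256: 256 bits
sha384: 384 bits
sha512: 512 bits

Avalanche effect: a tiny change in the initial conditions causes a huge change in the result; butterfly effect; fixed-length output

Password complexity policy
1. Use at least 3 of the following: digits, uppercase letters, lowercase letters and special characters
2. Sufficient length;
3. Do not use easily guessed passwords; use random passwords
4. Change passwords regularly; do not reuse recently used passwords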

Management commands for users and groups
Creating a user: useradd
useradd [option] login
-u uid: within [uid_min,uid_max], defined in /etc/login.defs
[root@localhost ~]# useradd -u 501 tom
[root@localhost ~]# tail -1 /etc/passwd
tom:x:501:501::/home/tom:/bin/bash

-g gid: specifies the user's primary group, either as a group name or as a gid; note: the group name or gid must already exist
[root@localhost ~]# groupadd -g 1501 mygrp
[root@localhost ~]# tail -1 /etc/group
mygrp:x:1501:
[root@localhost ~]# useradd -g 1501 tom
[root@localhost ~]# tail -1 /etc/passwd
tom:x:500:1501::/home/tom:/bin/bash

[root@localhost ~]# groupadd testgrp
[root@localhost ~]# tail -1 /etc/group
testgrp:x:1502:
[root@localhost ~]# useradd -g testgrp tim
[root@localhost ~]# tail -1 /etc/passwd
tim:x:501:1502::/home/tim:/bin/bash

-c "comment": comment information for the user
[root@localhost ~]# useradd -c "I am ben." ben
[root@localhost ~]# tail -1 /etc/passwd
ben:x:502:502:I am ben.:/home/ben:/bin/bash

-d /path/to/home_dir: use the specified path as the home directory; note: as a precondition the directory must not exist beforehand; if it exists, an error is reported
[root@localhost ~]# useradd -d /tmp/centos cento
[root@localhost ~]# tail -1 /etc/passwd
cento:x:503:503::/tmp/centos:/bin/bash

[root@localhost ~]# mkdir /tmp/test
[root@localhost ~]# useradd -d /tmp/test test
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.

-s SHELL: specifies the user's default shell program; the list of available shells is in the file /etc/shells
[root@localhost ~]# useradd -s /bin/tcsh docker
[root@localhost ~]# tail -1 /etc/passwd
docker:x:505:505::/home/docker:/bin/tcsh

-G group1,group2,...,group#: specifies supplementary groups for the user; the groups must already exist; several supplementary groups are separated by commas
[root@localhost ~]# useradd -G test,docker centos
[root@localhost ~]# id centos
uid=506(centos) gid=506(centos) groups=506(centos),504(test),505(docker)

-r: create a system user
CentOS 6: id < 500
CentOS 7: id < 1000
[root@localhost ~]# useradd -r zabbix
[root@localhost ~]# cat /etc/passwd | grep "zabbix"
zabbix:x:496:493::/home/zabbix:/bin/bash

Default settings: in the file /etc/default/useradd
useradd -D -s shell
[root@localhost ~]# useradd -D -s /etc/tcsh
[root@localhost ~]# useradd ending
[root@localhost ~]# tail -1 /etc/passwd
ending:x:507:507::/home/ending:/etc/tcsh

Exercise: create the user gentoo with the supplementary groups distro and linux, the default shell /bin/csh and the comment "gentoo distribution"
useradd -G distro,linux -s /bin/csh -c "gentoo distribution" gentoo

[root@localhost ~]# useradd -G distro,linux -s /bin/csh -c "gentoo distribution" gentoo
[root@localhost ~]# tail -1 /etc/passwd
gentoo:x:508:508:gentoo distribution:/home/gentoo:/bin/csh
[root@localhost ~]# id gentoo
uid=508(gentoo) gid=508(gentoo) groups=508(gentoo),1503(distro),1504(linux)

Creating a group: groupadd
groupadd [option]... group_name
-g GID: specifies the GID, within [GID_MIN,GID_MAX], defined in /etc/login.defs
[root@localhost ~]# groupadd -g 2001 cook
[root@localhost ~]# tail -1 /etc/group
cook:x:2001:

-r: create a system group
CentOS 6: id < 500
CentOS 7: id < 1000
[root@localhost ~]# groupadd -r jobs
[root@localhost ~]# cat /etc/group | grep "jobs"
jobs:x:492:

Viewing the ID information of a user: id
id [option]... [user]
[root@localhost ~]# id tom
uid=500(tom) gid=1501(mygrp) groups=1501(mygrp)

-u (uid): display the uid
[root@localhost ~]# id -u tom
500

-g (gid): display the gid, i.e. the primary group id
[root@localhost ~]# id -g tom
1501

-G (group): display all gids
[root@localhost ~]# id -G gentoo
508 1503 1504

-n (name): display the user name or group name
[root@localhost ~]# id -u -n tom
tom

[root@localhost ~]# id -g -n tom
mygrp

[root@localhost ~]# id -G -n gentoo
gentoo distro linux

Switching users or running a command as another user: su
su [option] [-] [user [args...]]

Ways to switch users:
su username: non-login switch; the target user's configuration files are not read
[root@localhost ~]# su tom
[tom@localhost root]$ echo $PATH
/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

su - username: login switch; the target user's configuration files are read; a complete switch
[root@localhost ~]# su - tom
[tom@localhost ~]$ echo $PATH
/usr/lib64/qt-3.3/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/tom/bin

Note: root can su to another user without a password; a non-root user needs a password to switch;
[root@localhost ~]# su - tom
[tom@localhost ~]$ su - gentoo
Password:

Running a command under another identity
su [-] username -c 'command'
[root@localhost ~]# su - tom -c 'echo $PATH'
/usr/lib64/qt-3.3/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/tom/bin

Options:
-l: "su -l username" is equivalent to "su - username", i.e. a login switch
[root@localhost ~]# su -l tom
[tom@localhost ~]$ echo $PATH
/usr/lib64/qt-3.3/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/tom/bin

Modifying user attributes: usermod
usermod [option] login

-u UID: new uid
[root@localhost ~]# usermod -u 2002 tom
[root@localhost ~]# id -u tom
2002

-g GID: new primary group id; may be a group name or a gid; note: as a precondition the new primary group must already exist
[root@localhost ~]# usermod -g cook tom
[root@localhost ~]# id -g tom
2001

[root@localhost ~]# usermod -g 508 tom
[root@localhost ~]# id -g tom
508

-G GROUP1,GROUP2...GROUP#: new supplementary groups; the previous supplementary groups are overwritten; to keep them, use the -a option (append) at the same time; -a must be given as the first option
[root@localhost ~]# usermod -G gentoo,linux tom
[root@localhost ~]# id tom
uid=2002(tom) gid=508(gentoo) groups=508(gentoo),1504(linux)

[root@localhost ~]# usermod -a -G cook tom
[root@localhost ~]# id tom
uid=2002(tom) gid=508(gentoo) groups=508(gentoo),1504(linux),2001(cook)

-s SHELL: new default shell
[root@localhost ~]# usermod -s /bin/tcsh tom
[root@localhost ~]# cat /etc/passwd | grep "tom"
tom:x:2002:508::/home/tom:/bin/tcsh

-c "comment": new comment information
[root@localhost ~]# usermod -c "I am tom." tom
[root@localhost ~]# cat /etc/passwd | grep "tom"
tom:x:2002:508:I am tom.:/home/tom:/bin/tcsh

-d home_dir: new home directory; the files in the old home directory are not moved to the new home directory; to move them, use the -m option at the same time
[root@localhost ~]# usermod -d /home/tom2 -m tom
[root@localhost ~]# cat /etc/passwd | grep "tom"
tom:x:2002:508:I am tom.:/home/tom2:/bin/tcsh

-l login_name: new login name
[root@localhost ~]# usermod -l tom123 tom
[root@localhost ~]# cat /etc/passwd | grep "tom123"
tom123:x:2002:508:I am tom.:/home/tom2:/bin/tcsh

-L: lock the specified user; locks the user's password by placing a "!" in front of the encrypted password
[root@localhost ~]# usermod -L tom
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:!$6$Xab6yTDv$GEqYjEyz/4yBqcsVLLbLrgGQu4McQCq3DXwGzeCAW4jOobf7Jb3fJovrtCb70R1JZYLYZYYau.oCR5iKTVBCC.:17622:0:99999:7:::

-U: unlock the specified user; unlocks the user's password by removing the "!" in front of the encrypted password
[root@localhost ~]# usermod -U tom
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$Xab6yTDv$GEqYjEyz/4yBqcsVLLbLrgGQu4McQCq3DXwGzeCAW4jOobf7Jb3fJovrtCb70R1JZYLYZYYau.oCR5iKTVBCC.:17622:0:99999:7:::

-e YYYY-MM-DD: specifies the expiration date (disable date) of the user account (stored as the number of days from the Unix epoch to that date)
[root@localhost ~]# usermod -e 2018-12-12 tom
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$Xab6yTDv$GEqYjEyz/4yBqcsVLLbLrgGQu4McQCq3DXwGzeCAW4jOobf7Jb3fJovrtCb70R1JZYLYZYYau.oCR5iKTVBCC.:17622:0:99999:7::17877:

-f INACTIVE: set the inactivity period
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$Xab6yTDv$GEqYjEyz/4yBqcsVLLbLrgGQu4McQCq3DXwGzeCAW4jOobf7Jb3fJovrtCb70R1JZYLYZYYau.oCR5iKTVBCC.:17622:0:99999:7:10:17877:

Changing a user's password: passwd
passwd [option] username: change the password of the specified user; only root has permission to do this
[root@localhost ~]# passwd tom
Changing password for user tom.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

passwd: change your own password
[root@localhost ~]# passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Common options:
-l: lock the specified user; adds "!!" in front of the encrypted password field in /etc/shadow
[root@localhost ~]# passwd -l tom
Locking password for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:!!$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:0:99999:7:10:17877:

-u: unlock the specified user; removes the "!!" in front of the encrypted password field in /etc/shadow
[root@localhost ~]# passwd -u tom
Unlocking password for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:0:99999:7:10:17877:

-n mindays: specifies the minimum password age
[root@localhost ~]# passwd -n 7 tom
Adjusting aging data for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:7:99999:7:10:17877:

-x maxdays: specifies the maximum password age
[root@localhost ~]# passwd -x 30 tom
Adjusting aging data for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:7:30:7:10:17877:

-w warndays: how many days in advance the warning starts
[root@localhost ~]# passwd -w 5 tom
Adjusting aging data for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:7:30:5:10:17877:

-i inactivedays: inactivity period
[root@localhost ~]# passwd -i 3 tom
Adjusting aging data for user tom.
passwd: Success
[root@localhost ~]# cat /etc/shadow | grep "tom"
tom:$6$/M5PH/Al$mBtJBCMMbJhmrVTnXyjRO59KcSeLvsKQ8kOB0I3bTpyEMp0hpNLD0hVC4WEizh/vAcdx6Y8OWsqKimngwEHIE.:17622:7:30:5:3:17877:

--stdin: read the user's password from standard input
echo "passwd" | passwd --stdin username
[root@localhost ~]# echo "o0p-[=" | passwd --stdin tom
Changing password for user tom.
passwd: all authentication tokens updated successfully.

Note: /dev/null is the bit bucket, a data black hole, the null device; it discards all data written to it
/dev/zero: when you read it, it provides an endless stream of null characters
[root@localhost ~]# echo "o0p-[=" | passwd --stdin tom &> /dev/null
[root@localhost ~]# echo $?
0

Deleting a user: userdel
userdel [option]... login
-r: remove the user's home directory
[root@localhost ~]# userdel docker
[root@localhost ~]# ll -d /home/docker
drwx------. 4 505 docker 4096 Apr 1 16:50 /home/docker

[root@localhost ~]# userdel -r centos
[root@localhost ~]# ll -d /home/centos
ls: cannot access /home/centos: No such file or directory

Modifying group attributes: groupmod
groupmod [option]... group
-n group_name
[root@localhost ~]# groupmod -n cook123 cook
[root@localhost ~]# cat /etc/group | grep "cook123"
cook123:x:2001:

-g gid: new GID
[root@localhost ~]# groupmod -g 3001 cook123
[root@localhost ~]# cat /etc/group | grep "cook123"
cook123:x:3001:

Deleting a group: groupdel
groupdel group
[root@localhost ~]# groupdel cook123

Changing a group password: gpasswd
gpasswd [option] group
[root@localhost ~]# gpasswd gentoo
Changing the password for group gentoo
New Password:
Re-enter new password:
[root@localhost ~]# cat /etc/gshadow | grep "gentoo"
gentoo:$6$CUkW//JZ/Gm/R$6XS3FPfEa07nTZUSDkMVey3u7j6713AVAFwW1vMUBR31Ve0KVRLL6ZFIQGh.cONoZXLcL/IAH56i633z6zdu1/::

-a user: add user to the specified group
[root@localhost ~]# gpasswd -a tim gentoo
Adding user tim to group gentoo
[root@localhost ~]# id tim
uid=501(tim) gid=1502(testgrp) groups=1502(testgrp),508(gentoo)

-d user: remove the specified group from the supplementary groups of user
[root@localhost ~]# gpasswd -d tim gentoo
Removing user tim from group gentoo
[root@localhost ~]# id tim
uid=501(tim) gid=1502(testgrp) groups=1502(testgrp)

-A user1,user2,...: set the list of users with administrative rights over the group; users are separated by commas
[root@localhost ~]# gpasswd -A tim,ben root

newgrp command: temporarily switch the primary group; a file created after the switch has the new group as its group
If the user does not belong to the group, switching requires a password
If the user belongs to the group, switching does not require a password
[ben@localhost ~]$ newgrp ending
Password:
[ben@localhost ~]$ touch a.txt
[ben@localhost ~]$ ll a.txt
-rw-r--r--. 1 ben ending 0 Apr 2 08:49 a.txt

[root@localhost ~]# usermod -G ending ben
[root@localhost ~]# id ben
uid=502(ben) gid=502(ben) groups=502(ben),507(ending)
[root@localhost ~]# su - ben
[ben@localhost ~]$ newgrp ending
[ben@localhost ~]$ touch b.txt
[ben@localhost ~]$ ll b.txt
-rw-r--r--. 1 ben ending 0 Apr 2 08:52 b.txt

pwck: checks the integrity of the password files; the command checks the integrity of users and their authentication information
[root@localhost ~]# pwck
user 'adm': directory '/var/adm' does not exist
user 'uucp': directory '/var/spool/uucp' does not exist

Modifying user attributes: chage
chage [option]... login
-d LAST_DAY: format YYYY-MM-DD; the date of the last password change (relative time: the number of days from the Unix epoch to that date)
[root@localhost ~]# chage -d 1971-10-11 tim
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:0:99999:7:::

-E, --expiredate EXPIRE_DATE: expiration date, format YYYY-MM-DD (relative time: the number of days from the Unix epoch to that date)
[root@localhost ~]# chage -E 2018-12-31 tim
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:0:99999:7::17896:

-I, --inactive INACTIVE: set the inactivity period
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:0:99999:7:10:17896:

-m, --mindays MIN_DAYS: set the minimum password age
[root@localhost ~]# chage -m 3 tim
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:3:99999:7:10:17896:

-M, --maxdays MAX_DAYS: set the maximum password age
[root@localhost ~]# chage -M 10 tim
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:3:10:7:10:17896:

-W, --warndays WARN_DAYS: set how many days in advance to warn
[root@localhost ~]# chage -W 3 tim
[root@localhost ~]# cat /etc/shadow | grep "tim"
tim:!!:648:3:10:3:10:17896:
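
The /etc/shadow fields described earlier, the "!" and "!!" prefixes written by usermod -L and passwd -l, and the day counts set by chage can be read back mechanically. The following is an added example, not part of the original page: the sample entries are constructed, their hash strings are placeholders, the account svc is hypothetical, and "date -d @SECONDS" assumes GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added example: read shadow-format entries and report password state and dates.

# sample_shadow: constructed entries in /etc/shadow layout (placeholder hashes).
sample_shadow() {
    cat << 'EOF'
tom:!$6$SALT$PLACEHOLDERHASH:17622:0:99999:7::17877:
gentoo:!!$6$SALT$PLACEHOLDERHASH:17622:7:30:5:3::
tim:!!:648:0:99999:7:::
ben:$6$SALT$PLACEHOLDERHASH:17622:0:99999:7:::
svc::17622:0:99999:7:::
EOF
}

# days_to_date N: days since 1970-01-01 -> YYYY-MM-DD; an empty field -> "never".
days_to_date() {
    if [ -z "$1" ]; then
        echo never
    else
        date -u -d "@$(( $1 * 86400 ))" +%Y-%m-%d
    fi
}

# password_state FIELD: classify the second field of a shadow entry.
password_state() {
    case "$1" in
        '')            echo empty ;;    # no password is required to log in
        '!'|'!!'|'*')  echo unset ;;    # no valid hash: password login impossible
        '!'*)          echo locked ;;   # a hash prefixed with "!" or "!!"
        *)             echo set ;;
    esac
}

# shadow_audit: shadow-format lines on stdin ->
#   "user state last_change account_expires", one line per entry.
shadow_audit() {
    while IFS=: read -r name pw last min max warn inactive expire reserved; do
        [ -n "$name" ] || continue
        printf '%s %s %s %s\n' "$name" "$(password_state "$pw")" \
            "$(days_to_date "$last")" "$(days_to_date "$expire")"
    done
}

sample_shadow | shadow_audit
```

On a real system the same function can be fed with the output of "cat /etc/shadow" as root; entries reported as empty are the ones to look at first.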

Other commands: chfn, chsh, finger
chfn: modify a user's comment information
[root@localhost ~]# cat /etc/passwd | grep "tim"
tim:x:501:1502:tim ben,beijing,123,123:/home/tim:/bin/bash

finger: view detailed information about a user
Finger information changed.
[root@localhost ~]# finger tim
Login: tim Name: tim ben
Directory: /home/tim Shell: /bin/bash
Office: beijing, 123 Home Phone: 123
Never logged in.
No mail.
No Plan.

chsh: change a user's default shell
[root@localhost ~]# chsh tim
Changing shell for tim.
New shell [/bin/bash]: /bin/csh
Shell changed.
[root@localhost ~]# cat /etc/passwd | grep "tim"
tim:x:1001:1001:tim ben,beijing,123,123:/home/tim:/bin/csh

权限管理:
文件的权限主要针对三类对象进行定义
owner:属主,u
group:属组,g
other:其他,o

每个文件针对每类访问者都定义了三种权限
r:readable 可读
w:writable 可写
x:execuable 可执行

文件:
r:可使用文件查看类工具获取其内容 cat tac more less head tail
w:可修改其内容 nano vim vi
x:可以把此文件提前内核启动为一个进程 bash

目录:
r:可以使用ls查看此目录中文件列表 ls
w:可以在此目录中创建文件,也可删除此目录中的文件 touch rm
x:可以使用ls -l查看此目录中文件列表,可以cd进入此目录 ll cd

权限转换二进制数、八进制数
--- 000 0
--x 001 1
-w- 010 2
-wx 011 3
r-- 100 4
r-x 101 5
rw- 110 6
rwx 111 7

修改文件权限:chmod
chmod [option]... octal-mode file...
-R 递归修改权限
[[email protected] ~]# chmod -R 700 /tmp/test
[[email protected] ~]# ls -ld /tmp/test
drwx------ 2 root root 4096 Apr 2 09:41 /tmp/test
[[email protected] ~]# ll /tmp/test
total 0
-rwx------ 1 root root 0 Apr 2 09:41 abc

Changing the permissions of a file or directory with an octal number
[[email protected] ~]# chmod 640 /tmp/fstab
[[email protected] ~]# ll /tmp/fstab
-rw-r----- 1 root root 621 Mar 29 19:56 /tmp/fstab

chmod [option]... mode[,mode]... file...
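mode:
Set all permissions for one or more classes of user; leave the right-hand side empty to grant no permissions; a means all three classes
u=  owner
g=  group
o=  other
ug=  owner and group
a=  all users
u=,g=  permissions for several classes, separated by commas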
[[email protected] ~]# chmod u=rwx /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxr--r-- 1 root root 621 Mar 23 15:04 /etc/fstab

[[email protected] ~]# chmod g=r /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxr--r-- 1 root root 621 Mar 23 15:04 /etc/fstab

[[email protected] ~]# chmod o= /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxr----- 1 root root 621 Mar 23 15:04 /etc/fstab

[[email protected] ~]# chmod ug=rwx /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxrwx--- 1 root root 621 Mar 23 15:04 /etc/fstab

[[email protected] ~]# chmod u=rwx,g=r /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxr----- 1 root root 621 Mar 23 15:04 /etc/fstab

[[email protected] ~]# chmod a=rwx /etc/fstab
[[email protected] ~]# ll /etc/fstab
-rwxrwxrwx 1 root root 621 Mar 23 15:04 /etc/fstab

Changing one or some of the permission bits for a class of user
u+  + adds a permission
u-  - removes a permission

[[email protected] ~]# chmod u+r /tmp/fstab
[[email protected] ~]# ll /tmp/fstab
-rw-r--r-- 1 root root 621 Mar 29 19:56 /tmp/fstab

[[email protected] ~]# chmod u-r /tmp/fstab
[[email protected] ~]# ll /tmp/fstab
--w-r--r-- 1 root root 621 Mar 29 19:56 /tmp/fstab

chmod [option]... --reference=rfile file...
Set the permissions of file to match those of rfile
[[email protected] ~]# chmod --reference=/tmp/issue /tmp/fstab
[[email protected] ~]# ll /tmp/{fstab,issue}
-rw-r--r-- 1 root root 621 Mar 29 19:56 /tmp/fstab
-rw-r--r-- 1 root root 74 Mar 29 22:38 /tmp/issue

Changing a file's owner and group: only root is allowed to do this
Changing a file's owner: chown
chown [option]... [owner][:[group]] file...
Usage:
owner  Change the file's owner
[[email protected] ~]# chown tom /tmp/issue
[[email protected] ~]# ll /tmp/issue
-rw-r--r-- 1 tom root 74 Mar 29 22:38 /tmp/issue

owner:group  Change the file's owner and group
[[email protected] ~]# chown tom:tim /tmp/issue
[[email protected] ~]# ll /tmp/issue
-rw-r--r-- 1 tom tim 74 Mar 29 22:38 /tmp/issue

:group  Change the file's group
[[email protected] ~]# chown :root /tmp/issue
[[email protected] ~]# ll /tmp/issue
-rw-r--r-- 1 tom root 74 Mar 29 22:38 /tmp/issue

Note: the : in the command can be replaced with .
[[email protected] ~]# chown .root /tmp/issue
[[email protected] ~]# ll /tmp/issue
-rw-r--r-- 1 tom root 74 Mar 29 22:38 /tmp/issue

-R  Change the owner and group of files recursively
[[email protected] ~]# chown -R tim:tim /tmp/test
[[email protected] ~]# ll -d /tmp/test
drwx------ 2 tim tim 4096 Apr 2 09:41 /tmp/test
[[email protected] ~]# ll /tmp/test
total 0
-rwx------ 1 tim tim 0 Apr 2 09:41 abc

chown [option]... --reference=rfile file...  Set the owner and group of file to match those of rfile
[[email protected] ~]# chown --reference=/tmp/issue /tmp/fstab
[[email protected] ~]# ll /tmp/{issue,fstab}
--w-r--r-- 1 tom root 621 Mar 29 19:56 /tmp/fstab
-rw-r--r-- 1 tom root 74 Mar 29 22:38 /tmp/issue

Changing a file's group: chgrp
chgrp [option]... group file...
[[email protected] ~]# chgrp tim /tmp/fstab
[[email protected] ~]# ll /tmp/fstab
--w-r--r-- 1 tom tim 621 Mar 29 19:56 /tmp/fstab

chgrp [option]... --reference=rfile file...  Set the group of file to match that of rfile
[[email protected] ~]# chgrp --reference=/tmp/fstab /tmp/issue
[[email protected] ~]# ll /tmp/{fstab,issue}
--w-r--r-- 1 tom tim 621 Mar 29 19:56 /tmp/fstab
-rw-r--r-- 1 tom tim 74 Mar 29 22:38 /tmp/issue

-R  Change the group of a directory and its files recursively
[[email protected] ~]# chgrp -R centos /tmp/test
[[email protected] ~]# ll -d /tmp/test
drwx------ 2 tom centos 4096 Apr 2 09:41 /tmp/test
[[email protected] ~]# ll /tmp/test
total 0
-rwx------ 1 tom centos 0 Apr 2 09:41 abc

The mask applied when files or directories are created: umask
Creating a file: 666 - umask gives the default permissions of a new file
[[email protected] ~]# umask
0022
[[email protected] ~]# touch /tmp/test.txt
[[email protected] ~]# ll /tmp/test.txt
-rw-r--r-- 1 root root 0 Apr 2 10:21 /tmp/test.txt

Note: if the result of the subtraction for a class of user contains the x permission, add 1 to that permission value
[[email protected] ~]# umask 023
[[email protected] ~]# touch /tmp/test1.txt
[[email protected] ~]# ll /tmp/test1.txt
-rw-r--r-- 1 root root 0 Apr 2 10:23 /tmp/test1.txt

Creating a directory: 777 - umask gives the default permissions of a new directory
[[email protected] ~]# umask
0022
[[email protected] ~]# mkdir /tmp/test
[[email protected] ~]# ll -d /tmp/test
drwxr-xr-x 2 root root 4096 Apr 2 10:27 /tmp/test

umask  Show the current umask
[[email protected] ~]# umask
0022

umask #  Set the umask to #
[[email protected] ~]# umask 023
[[email protected] ~]# umask
0023
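
The subtraction rule and its +1 correction approximate what the kernel actually does, which is to clear the umask's bits from the requested mode (mode & ~umask); the bitwise form also covers umask digits such as 7, where subtracting from 6 would go negative. The script below is an added example, not part of the original article: it predicts the default modes and checks them against a file and directory really created in a temporary directory. The function names are hypothetical helpers.

```shell
#!/bin/sh
# Mode the kernel gives a new object: requested bits with the umask bits cleared.
# $1 = requested mode (666 for files, 777 for directories), $2 = umask, both octal.
default_mode() {
  printf '%03o\n' "$(( 0$1 & ~0$2 ))"
}

# Render an octal mode as the nine permission characters that ls -l prints.
mode_string() (
  m=$(( 0$1 )); s=''; bit=256          # 256 = octal 400, the owner-read bit
  for c in r w x r w x r w x; do
    if [ $(( m & bit )) -ne 0 ]; then s="$s$c"; else s="$s-"; fi
    bit=$(( bit / 2 ))
  done
  printf '%s\n' "$s"
)

# Create a file and a directory under the given umask and report what was applied.
# Prints "<file-perms> <dir-perms>" taken from ls -l.
observed_modes() (
  tmp=$(mktemp -d) || exit 1
  umask "$1"                           # subshell body: caller's umask is untouched
  touch "$tmp/f"; mkdir "$tmp/d"
  f=$(ls -ld "$tmp/f" | cut -c2-10)
  d=$(ls -ld "$tmp/d" | cut -c2-10)
  rm -rf "$tmp"
  printf '%s %s\n' "$f" "$d"
)

# 022 and 023 are the values used above; 077 is an added case for private files.
for u in 022 023 077; do
  file=$(default_mode 666 "$u"); dir=$(default_mode 777 "$u")
  printf 'umask %s: file %s (%s)  dir %s (%s)  observed: %s\n' \
    "$u" "$file" "$(mode_string "$file")" "$dir" "$(mode_string "$dir")" \
    "$(observed_modes "$u")"
done
```

With umask 023 a new file gets 644, matching /tmp/test1.txt above, while a new directory gets 754.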
