Lecture
In the last lecture, we reviewed the basic rights of objects and the commands that allow you to manage these rights. Before we go further, I want to show one use of the chmod command for distributing permissions across directories and files. For example, we have a directory with a large number of music files. The x right must be set on all directories (it is needed to enter them) and must not be set on the files (music files should not be interpreted as executable). This problem is solved with just two chmod commands:
igor@adm-ubuntu:~$ sudo chmod -R 644 ./Music/
igor@adm-ubuntu:~$ sudo chmod -R a+X ./Music/
The commands must be run as administrator, because once the x right has been removed from a directory, the command can no longer enter it to change the properties of its subdirectories and files. The first command removes the x right from all objects within the directory (the -R key is used for this); its analogue in mnemonic notation is sudo chmod -R a-x ./Music/. In the second command, the expression a+X (capital X) sets the x right only for objects of type directory. (Capital X also applies to files that already have an execute bit, but after the first command no file has one.) As you can see, everything is simple. One more example: if you need to copy the permissions of one file and assign them to another file, there is the --reference key for this:
igor@adm-ubuntu:~/linux$ chmod --reference=file.txt file1.txt
As a result, file1.txt will have the same rights as file.txt.
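The Music cleanup described above, as an added example that is not part of the original lecture: it builds a constructed sample tree, shows that a+X on its own leaves an already-executable file executable (which is why the 644 step comes first), and then reaches the same end state (directories 755, files 644) with find, a variant that goes beyond the lecture's two commands and needs no root. The function names and the sample tree are this example's own.

```sh
#!/bin/sh
# Added example: the Music cleanup without root, plus a check of the result.

# make_sample: build a constructed tree and print the path of its Music dir.
make_sample() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/Music/Album"
    touch "$root/Music/Album/song.mp3" "$root/Music/Album/rip.mp3"
    chmod 644 "$root/Music/Album/song.mp3"
    chmod 755 "$root/Music/Album/rip.mp3"   # a music file wrongly marked executable
    chmod 700 "$root/Music/Album"           # a directory closed to group and others
    printf '%s\n' "$root/Music"
}

# exec_files DIR: regular files that still carry any execute bit.
exec_files() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \)
}

# closed_dirs DIR: directories that some class of users cannot enter.
closed_dirs() {
    find "$1" -type d ! -perm -111
}

# normalize_tree DIR: directories become 755 and regular files 644.
# Each object is changed once, so no directory is ever left without x
# and the run needs ownership of the tree, not root.
normalize_tree() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

music=$(make_sample)
chmod -R a+X "$music"                       # capital X on its own
echo "still executable after a+X alone: $(exec_files "$music")"
normalize_tree "$music"
echo "executable files after normalize: $(exec_files "$music")"
echo "closed directories after normalize: $(closed_dirs "$music")"
rm -rf "${music%/Music}"
```

The two audit functions can be run against any tree afterwards; empty output from both means no file is executable and every directory can be entered.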
Let's now talk about the rights of newly created objects. When you create an object, it is assigned certain default rights. They are set using a numeric template. The default template is 0022. You can change the template with the umask command. Run this command without parameters to see the current template:
igor@adm-ubuntu:~/linux$ umask
0022
As you can see, the template is now 0022. The numbers correspond to the three triads of rights. By executing the command umask 0127 you change the template to the specified one. But how is this template applied? Here you need to remember two rules:
If you create a file, the mask value is subtracted from the value 0666, and if you create a directory, the mask value is subtracted from the value 0777. To be precise, the operation is not subtraction but XOR. Technical specialists will understand me; for everyone else I recommend sticking to the subtraction scheme: 0666 minus 0022 is 0644 (rw-r--r--). These rights will be assigned to the newly created file. Likewise, 0777 minus 0022 is 0755 (rwxr-xr-x) for a directory. I also recommend remembering the rule that the digit 7 in the template prohibits all rights for its triad of object rights. That is, if you set the umask to 0777, no rights will be set:
igor@adm-ubuntu:~/linux$ umask 0777
igor@adm-ubuntu:~/linux$ touch file3.txt
igor@adm-ubuntu:~/linux$ ls -l
total 20
---------- 1 igor igor 0 2009-10-23 12:48 file3.txt
The easiest way to master this mechanism is to practice setting different template values with the umask command and see what rights are granted to newly created files or directories. Moreover, each user can set their own template. That is, the template is stored for each user separately. By default it is 0022, but if one user changes it to another value, the template of a second user does not change. This, too, must be understood and taken into account. That is all about the umask command; let's move on to the next question.
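An added example, not part of the original lecture: the script below creates a file and a directory under each mask used in this lecture and prints the modes they actually receive next to three calculations: clearing the mask bits (base AND NOT mask), subtraction, and XOR. The function names are this example's own, and it assumes GNU stat and mktemp.

```sh
#!/bin/sh
# Added example: compare real modes of new objects with three calculations.

# predicted_mode BASE MASK [OP]  (octal arguments, OP defaults to andnot)
#   andnot = BASE AND NOT MASK: every bit set in the mask is cleared
#   sub    = BASE - MASK, the subtraction scheme
#   xor    = BASE XOR MASK
predicted_mode() {
    case ${3:-andnot} in
        andnot) printf '%04o\n' $(( 0$1 & ~0$2 )) ;;
        sub)    printf '%04o\n' $(( 0$1 - 0$2 )) ;;
        xor)    printf '%04o\n' $(( 0$1 ^ 0$2 )) ;;
    esac
}

# actual_mode file|dir MASK: create the object under MASK, print its mode.
# Runs in a subshell, so the caller's own umask is left untouched.
actual_mode() (
    tmp=$(mktemp -d) || exit 1          # scratch dir, made before the mask changes
    umask "$2"
    if [ "$1" = dir ]; then mkdir "$tmp/new"; else touch "$tmp/new"; fi
    mode=$(stat -c %a "$tmp/new")       # GNU stat: permission bits in octal
    chmod -R u+rwx "$tmp" && rm -rf "$tmp"
    printf '%04d\n' "$mode"             # pad to four digits, e.g. 640 -> 0640
)

for mask in 0022 0127; do
    echo "umask $mask: file=$(actual_mode file "$mask")" \
         "dir=$(actual_mode dir "$mask")" \
         "andnot=$(predicted_mode 0666 "$mask")" \
         "sub=$(predicted_mode 0666 "$mask" sub)" \
         "xor=$(predicted_mode 0666 "$mask" xor)"
done
echo "umask 0777: file=$(actual_mode file 0777)"
```

For mask 0022 all three calculations give 0644, which is why the subtraction scheme works for the default template. For mask 0127 they give 0640, 0537 and 0741, and only the first matches the file that is actually created.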
Let's talk about the additional rights of objects in the native Linux file system, ext2/ext3. The rwxrwxrwx rights that we talked about earlier are assigned to all objects of all file systems supported on Linux. If a file system does not support such rights (FAT, for example), they are set artificially. Additional attributes (bits) for objects are defined for the native Linux file system, ext2/ext3. I want to note right away that in the overwhelming majority of cases you will not have to work with them, but you should know about them. We briefly describe some of them.
A - do not update the object's access time. In theory, setting this attribute should improve the performance of the file system and, accordingly, of the system as a whole.
a - indicates that information can be added to the file, but cannot be deleted.
d - indicates that backup copies of the file do not need to be made. The file will be ignored by the dump command.
i - indicates that the file cannot be deleted or modified.
s - indicates that when the file is deleted, the place where it was stored will be overwritten with zeros.
u - indicates that when the file is deleted, it must be saved somewhere.
There are other attributes. You can read about them in the manual. There you can see that the attributes s and u are not yet implemented in ext2/ext3. Perhaps they are supported in ext4.
To view additional attributes, there is the lsattr command. If you run lsattr /, you will see the additional rights for ext2/ext3 file systems and an error message for other file systems. To change additional attributes, use the chattr command. It works much like the chmod command. For example, chattr +A file.txt will add attribute A to file.txt.
You can read about additional attributes with the command man chattr.
For homework, try to find where the umask value is set.