Meaning of Linux directory permissions

Introduction

Linux files and directories have permission information such as "who is allowed to perform what kind of operation", and this is called permission.

I knew that the file had permissions, but I didn't know that it was also set in the directory, so I'll put it together.

File permissions

First, use ls -l / bin / cat to display the information of the cat command.

$ ls -l /bin/cat
-rwxr-xr-x 1 root root 35064 Jan 18  2018 /bin/cat

File type

The - at the beginning of the line indicates the file type.

File mode

The last nine characters of the file type (rwxr-xr-x) are called file modes, which indicate file permissions.

The 9 characters are one block for every 3 characters, and are divided into" owner "," group ", and" other groups ", respectively.

Meaning of "rwx"

rwx means "read", "write", and "execute", respectively.

/ bin / cat reconfirm

$ ls -l /bin/cat
-rwxr-xr-x 1 root root 35064 Jan 18  2018 /bin/cat

The above / bin / cat, but writing by anyone other than the root user is prohibited. When I tried to write, I was angry that I shouldn't overwrite the 'readonly' option is set (add! To override).

Directory permissions

Check the permissions of the main directory.

To check directory permissions with the ls command, you need to use the -d option, which displays information about the directory itself, in addition to the -l option.

$ ls -ld Code/
drwxrwxr-x 4 vagrant vagrant 4096 Apr  8 14:54 Code/

Meaning of directory permissions

Directory permissions use the symbols "r", "w", and "x" as well as files, but ** the meaning of each symbol may differ from that of files (especially "x"). ~~ It has a completely different meaning. ~~ **

• Corrected by @ angel_p_57's point. Please check the comment section.

Confirmation of "r" reading (getting a list of files contained in the directory)

Here, create a file once and test it.

$ mkdir permissionTest            //Create a directory called permissionTest
$ touch permissionTest/file1.txt  //file1 under permissionTest.Create a file called txt
$ ls -ld permissionTest/          //Check the permissionTest directory

drwxrwxr-x 2 vagrant vagrant 4096 Apr 23 11:50 permissionTest/

$ ls -l permissionTest/　　　　　　　　//Check the files under permissionTest

-rw-rw-r--  1 vagrant vagrant    0 Apr 23 11:50 file1.txt     //success

Make the permissions of the permissionTest directory unreadable and try to access it.

$ chmod a-r permissionTest/  //Read-protected for all users
$ ls -ld permissionTest/     

d-wx-wx--x 2 vagrant vagrant 4096 Apr 23 11:50 permissionTest/    //Read-protected.

$ ls  permissionTest/
ls: cannot open directory 'permissionTest/': Permission denied

** Cannot access without permission. ** **

Confirmation of "w" write (create / delete files / directories under the directory)

If write (w) is set in the directory, it can be created / deleted even if the files under it have write restrictions.

** This means that whether a file can be deleted depends on the permissions of the directory, not the permissions of the file. ** **

Restrict the writing of the file and check if the file can be deleted.

$ chmod a-w file1.txt  //Remove write permission for files
$ ll file.txt          //Check file permissions

-r--r--r--  1 vagrant vagrant    0 Apr 23 11:50 file1.txt  //Confirmation of write permission deletion

$ rm  file1.txt　　//File deletion
rm: remove write-protected regular empty file 'file1.txt'?yes Do you want to delete it?

Of course you can delete it.

Confirmation of "x" execution (make the directory the current directory)

Make sure that you cannot access directories that are not set to run "x".

$ chmod a-x permissionTest/  //Restrict execute permission of permissionTest
$ ls -ld permissionTest/     //Check the permissions of permissionTest

drw-rw-r-- 2 vagrant vagrant 4096 Apr 23 11:50 permissionTest/　//Verification

v$ cd permissionTest/                           //permissionTest/Access
-bash: cd: permissionTest/: Permission denied   //Can not.

Summary

reference

New Linux textbook