chmod

修改文件或目录的访问权限。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
chmod --help

Usage: chmod [OPTION]... MODE[,MODE]... FILE...
or: chmod [OPTION]... OCTAL-MODE FILE...
or: chmod [OPTION]... --reference=RFILE FILE...
Change the mode of each FILE to MODE.
With --reference, change the mode of each FILE to that of RFILE.

-c, --changes like verbose but report only when a change is made
-f, --silent, --quiet suppress most error messages
-v, --verbose output a diagnostic for every file processed
--no-preserve-root do not treat '/' specially (the default)
--preserve-root fail to operate recursively on '/'
--reference=RFILE use RFILE's mode instead of MODE values
-R, --recursive change files and directories recursively
--help display this help and exit
--version output version information and exit

Each MODE is of the form '[ugoa]*([-+=]([rwxXst]*|[ugo]))+|[-+=][0-7]+'.

文件系统权限文件系统 用来管理用户和用户组对文件或目录的访问权限的规则。

###用户

文件和目录归属于用户(owner),
分配给用户组(group),owner 是 group 的成员;
非 owner 和非 group 成员的用户属于其他用户(others);
还有所有用户(all)。

###访问权限

  • read 读取文件(当作用与目录时,仅能获取目录下所有文件的文件名);
  • write 修改文件(当作用与目录时,可以对文件执行创建、删除和重命名操作);
  • execute 执行文件(shell 脚本或可执行文件。当作用与目录时,可以获得文件内容和元信息,但不能获得文件列表)

###符号模式

r read;
w write;
x execute.

1
2
3
ls -l

-rw-r--r-- 1 hu hu 0 3月 31 15:19 test.txt

-rw-r--r-- 代表了文件类型和文件权限:

第一位 - 代表了文件为普通文件(参考 文件类型):

1
2
3
4
5
6
7
8
- Regular file
d Directory
l Symbolic link
p Named pipe
s Socket
c Device file(character device)
b Device file(block device)
D Door

后面九位分成三段,分别代表了 owner/group/others 三类用户的访问权限,- 代表没有对应权限:
owner 拥有 read/write 权限;group 和 others 只拥有 read 权限。

###数字模式

| 符号 | 代码 | 权限 |
| | | |
| r | 4/100 | read |
| w | 2/10 | write |
| x | 1/1 | execute |
| - | 0/0 | - |

-rw-r--r-- 可以用数字表示为 0644

###MODE 规则

[ugoa]*([-+=]([rwxXst]*|[ugo]))+|[-+=][0-7]+ 被用来校验 chmod 命令中的 MODE 参数。

1
2
3
4
5
6
7
8
u user 所有者
g group 所有者所在分组
o others 所有其他用户
a all 所有用户(等同于 ugo)

+ 添加权限
- 删除权限
= 设置权限

可能的 MODE 参数:

  • chmod a+w test.txt 给所有用户添加 test.txt 的写权限;
  • chmod u=rwx app.js app.js 的所有者拥有对该文件的读写和执行权限;
  • chmod 624 app.js 分别给三组用户不同的权限(u: rw, g: w, o: r);
  • chmod 755 ~/works 分别给三组用户不同的权限(u: rwx, g: rx, o: rx)。

###参考

wiki: Chmod

link

用于创建 符号链接硬链接

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
ln --help

用法:ln [选项]... [-T] 目标 链接名 (第一种格式)
 或:ln [选项]... 目标 (第二种格式)
 或:ln [选项]... 目标... 目录 (第三种格式)
 或:ln [选项]... -t 目录 目标... (第四种格式)
In the 1st form, create a link to TARGET with the name LINK_NAME.
In the 2nd form, create a link to TARGET in the current directory.
In the 3rd and 4th forms, create links to each TARGET in DIRECTORY.
Create hard links by default, symbolic links with --symbolic.
By default, each destination (name of new link) should not already exist.
When creating hard links, each TARGET must exist. Symbolic links
can hold arbitrary text; if later resolved, a relative link is
interpreted in relation to its parent directory.

Mandatory arguments to long options are mandatory for short options too.
--backup[=CONTROL] 为每个已存在的目标文件创建备份文件
-b 类似--backup,但不接受任何参数
-d, -F, --directory 创建指向目录的硬链接(只适用于超级用户)
-f, --force 强行删除任何已存在的目标文件
-i, --interactive prompt whether to remove destinations
-L, --logical dereference TARGETs that are symbolic links
-n, --no-dereference treat LINK_NAME as a normal file if
it is a symbolic link to a directory
-P, --physical make hard links directly to symbolic links
-r, --relative create symbolic links relative to link location
-s, --symbolic make symbolic links instead of hard links
-S, --suffix=SUFFIX override the usual backup suffix
-t, --target-directory=DIRECTORY specify the DIRECTORY in which to create
the links
-T, --no-target-directory treat LINK_NAME as a normal file always
-v, --verbose print name of each linked file
--help 显示此帮助信息并退出
--version 显示版本信息并退出

The backup suffix is '~', unless set with --suffix or SIMPLE_BACKUP_SUFFIX.
The version control method may be selected via the --backup option or through
the VERSION_CONTROL environment variable. Here are the values:

none, off 不进行备份(即使使用了--backup 选项)
numbered, t 备份文件加上数字进行排序
existing, nil 若有数字的备份文件已经存在则使用数字,否则使用普通方式备份
simple, never 永远使用普通方式备份

Using -s ignores -L and -P. Otherwise, the last option specified controls
behavior when a TARGET is a symbolic link, defaulting to -P.

###查看

ls -l 可以查看文件是否为链接文件:

1
2
3
ls -l /bin

lrwxrwxrwx 1 root root 24 3月 18 14:25 netcat -> /etc/alternatives/netcat

l 代表文件是链接文件;
netcat 是指向 /etc/alternatives/netcat 的一个文件链接。

###创建

  • ln -s target link 创建一个名为 link 的文件,链接到 target 文件;
  • ln -s target 在当前目录创建一个链接到 target 的文件,与 target 同名;
  • ln -s targets link_dir 在 link_dir 目录创建所有 targets 的链接。

###参考

wiki: 符号链接
理解 Linux 的硬链接与软链接

chown

修改文件或目录的所有者或(和)用户组。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
chown --help

Usage: chown [OPTION]... [OWNER][:[GROUP]] FILE...
or: chown [OPTION]... --reference=RFILE FILE...
Change the owner and/or group of each FILE to OWNER and/or GROUP.
With --reference, change the owner and group of each FILE to those of RFILE.

-c, --changes like verbose but report only when a change is made
-f, --silent, --quiet suppress most error messages
-v, --verbose output a diagnostic for every file processed
--dereference affect the referent of each symbolic link (this is
the default), rather than the symbolic link itself
-h, --no-dereference affect symbolic links instead of any referenced file
(useful only on systems that can change the
ownership of a symlink)
--from=CURRENT_OWNER:CURRENT_GROUP
change the owner and/or group of each file only if
its current owner and/or group match those specified
here. Either may be omitted, in which case a match
is not required for the omitted attribute
--no-preserve-root do not treat '/' specially (the default)
--preserve-root fail to operate recursively on '/'
--reference=RFILE use RFILE's owner and group rather than
specifying OWNER:GROUP values
-R, --recursive operate on files and directories recursively

The following options modify how a hierarchy is traversed when the -R
option is also specified. If more than one is specified, only the final
one takes effect.

-H if a command line argument is a symbolic link
to a directory, traverse it
-L traverse every symbolic link to a directory
encountered
-P do not traverse any symbolic links (default)

--help display this help and exit
--version output version information and exit

Owner is unchanged if missing. Group is unchanged if missing, but changed
to login group if implied by a ':' following a symbolic OWNER.
OWNER and GROUP may be numeric as well as symbolic.

Examples:
chown root /u Change the owner of /u to "root".
chown root:staff /u Likewise, but also change its group to "staff".
chown -hR root /u Change the owner of /u and subfiles to "root".

###查看归属信息

ls -l 命令可以看到文件的拥有者和用户组:

1
2
3
ls -l

-rw-rw-r-- 1 root hu 27 3月 18 16:50 hello.js

root owner;
hu group.

###修改归属

  • sudo chown hu hello.js 将 hello.js 的 owner 改为 hu;
  • sudo chown root:root hello.js 将 hello.js 的 owner 改为 root,group 改为 root。

注意:chown 命令只能被 root 用户执行。

  • © 2016-2020 th2zz

请我喝杯咖啡吧~

支付宝
微信