An in-depth interpretation of the plus sign and dot in the permission column in Linux-LINUX-php.cn

Home

System Tutorial

LINUX

An in-depth interpretation of the plus sign and dot in the permission column in Linux

王林

Jul 02, 2024 pm 04:51 PM

linuxlinux tutorialRed Hatlinux systemlinux commandlinux certificationred hat linuxlinux video

An in-depth interpretation of the plus sign and dot in the permission column in Linux

1. Summary

In Linux, the ls -l command is the most commonly used. The first column in the command display result is also where we are more concerned. Generally speaking, the characters indicating permissions occupy 10 positions. However, we often see content displayed at the eleventh position in this column. The most common one is the dot (.), and the plus sign (+) will also appear in this position. What is this? What's going on? Let's try it out with our own hands, shall we?

2. Regarding the dot (.) in the permission column

2.1 Let’s take a look at the root directory.

[root@DCGH ~]# ls -lZ /
lrwxrwxrwx. root root system_u:object_r:bin_t:s0 bin -> usr/bin
dr-xr-xr-x. root root system_u:object_r:boot_t:s0 boot
drwxr-xr-x. root root system_u:object_r:device_t:s0 dev
drwxr-xr-x. root root system_u:object_r:etc_t:s0 etc
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 home
lrwxrwxrwx. root root system_u:object_r:lib_t:s0 lib -> usr/lib
lrwxrwxrwx. root root system_u:object_r:lib_t:s0 lib64 -> usr/lib64
drwxr-xr-x. root root system_u:object_r:mnt_t:s0 media
drwxr-xr-x. root root system_u:object_r:mnt_t:s0 mnt
drwxr-xr-x. root root system_u:object_r:usr_t:s0 opt
dr-xr-xr-x. root root system_u:object_r:proc_t:s0 proc
dr-xr-x---. root root system_u:object_r:admin_home_t:s0 root
drwxr-xr-x. root root system_u:object_r:var_run_t:s0 run
lrwxrwxrwx. root root system_u:object_r:bin_t:s0 sbin -> usr/sbin
drwxr-xr-x. root root system_u:object_r:var_t:s0 srv
dr-xr-xr-x. root root system_u:object_r:sysfs_t:s0 sys
drwxrwxrwt. root root system_u:object_r:tmp_t:s0 tmp
drwxr-xr-x. root root system_u:object_r:usr_t:s0 usr
drwxr-xr-x. root root system_u:object_r:var_t:s0 var

2.2 Create a file and a directory in the HOME directory respectively, and observe the details of the eleventh position of the permissions.

[root@DCGH ~]# touch DCGH
[root@DCGH ~]# mkdir DCGH-DIR
[root@DCGH ~]# ls -l
总用量 0
-rw-r--r--. 1 root root 0 3月 28 10:23 DCGH
drwxr-xr-x. 2 root root 6 3月 28 10:24 DCGH-DIR

2.3 Check the SELinux status of this machine and list the basic information about SELinux in the files and directories in this directory.

[root@DCGH ~]# getenforce
Enforcing
[root@DCGH ~]# ls -lZ
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 DCGH
drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0 DCGH-DIR

2.4 Close SELinux, create experimental files and directories again, and list the basic information about SELinux in this directory and the files and directories under the root again.

[root@DCGH ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@DCGH ~]# reboot
[root@DCGH ~]# getenforce
Disabled
[root@DCGH ~]# ls -lZ
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 DCGH
drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0 DCGH-DIR
[root@DCGH ~]# touch DCGH-later
[root@DCGH ~]# mkdir DCGH-later-dir
[root@DCGH ~]# ls -lZ
-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 DCGH
drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0 DCGH-DIR
-rw-r--r-- root root ? DCGH-later
drwxr-xr-x root root ? DCGH-later-dir
[root@DCGH ~]# ls -lZ /
lrwxrwxrwx. root root system_u:object_r:bin_t:s0 bin -> usr/bin
dr-xr-xr-x. root root system_u:object_r:boot_t:s0 boot
drwxr-xr-x root root ? dev
drwxr-xr-x. root root system_u:object_r:etc_t:s0 etc
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 home
lrwxrwxrwx. root root system_u:object_r:lib_t:s0 lib -> usr/lib
lrwxrwxrwx. root root system_u:object_r:lib_t:s0 lib64 -> usr/lib64
drwxr-xr-x. root root system_u:object_r:mnt_t:s0 media
drwxr-xr-x. root root system_u:object_r:mnt_t:s0 mnt
drwxr-xr-x. root root system_u:object_r:usr_t:s0 opt
dr-xr-xr-x root root ? proc
dr-xr-x---. root root system_u:object_r:admin_home_t:s0 root
drwxr-xr-x root root ? run
lrwxrwxrwx. root root system_u:object_r:bin_t:s0 sbin -> usr/sbin
drwxr-xr-x. root root system_u:object_r:var_t:s0 srv
dr-xr-xr-x root root ? sys
drwxrwxrwt. root root system_u:object_r:tmp_t:s0 tmp
drwxr-xr-x. root root system_u:object_r:usr_t:s0 usr
drwxr-xr-x. root root system_u:object_r:var_t:s0 var

Through the above example, we can see that this point (.) is not useless, but it has a huge effect, and we usually don’t pay much attention to it. Files and directories created after SELinux is turned on will show this dot in the permission column. Files and directories created after SELinux is turned off will not show this dot in the permission column. Files or directories created before will remain unchanged.

3. Regarding the plus sign (+) in the permission column

3.1 Friends who have learned about ACL permission settings in Linux must be familiar with this plus sign. But let us verify it through experiments.

[root@DCGH ~]# setfacl -m u:dcgh:rwx *

[root@DCGH ~]# ls -lZ

-rw-rwxr--+ root root unconfined_u:object_r:admin_home_t:s0 DCGH

drwxrwxr-x+ root root unconfined_u:object_r:admin_home_t:s0 DCGH-DIR

drwxrwxr-x+ root root ? DCGH-DIR-later -rw-rwxr--+ root root ? DCGH-later

[root@DCGH ~]# setfacl -b *

[root@DCGH ~]# ls -lZ

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 DCGH

drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0 DCGH-DIR

drwxr-xr-x root root ? DCGH-DIR-later -rw-r--r-- root root ? DCGH-later

We can see that after adding ACL permission control, the last position of the permission column of files and directories that previously had SELinux attributes has changed to a plus sign (+). After removing the original ACL permissions, restore them to their original state.

4. Summary

4.1 The dots in the Linux permission column are not meaningless characters. Directories and files created when SELinux is turned on have this point. This point in the permissions column indicates that the directory or file has SELinux-related permissions set. After disabling SELinux permissions, it is inconvenient for files or directories created when SELinux permissions were previously enabled to retain their original permissions, and the dots in the permissions column are still displayed. Newly created directories or files do not have this dot displayed in the permissions column.

4.2 If the last position in the permission column is a plus sign, it means that this directory or file has already set ACL permission related content. If the plus sign exists, the display of dots for directories or files that already have dots will be overwritten, but the original SELinux attributes remain unchanged.

The above is the detailed content of An in-depth interpretation of the plus sign and dot in the permission column in Linux. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How does hardware compatibility differ between Linux and Windows?Apr 23, 2025 am 12:15 AM

Linux and Windows differ in hardware compatibility: Windows has extensive driver support, and Linux depends on the community and vendors. To solve Linux compatibility problems, you can manually compile drivers, such as cloning RTL8188EU driver repository, compiling and installing; Windows users need to manage drivers to optimize performance.

What are the differences in virtualization support between Linux and Windows?Apr 22, 2025 pm 06:09 PM

The main differences between Linux and Windows in virtualization support are: 1) Linux provides KVM and Xen, with outstanding performance and flexibility, suitable for high customization environments; 2) Windows supports virtualization through Hyper-V, with a friendly interface, and is closely integrated with the Microsoft ecosystem, suitable for enterprises that rely on Microsoft software.

What are the main tasks of a Linux system administrator?Apr 19, 2025 am 12:23 AM

The main tasks of Linux system administrators include system monitoring and performance tuning, user management, software package management, security management and backup, troubleshooting and resolution, performance optimization and best practices. 1. Use top, htop and other tools to monitor system performance and tune it. 2. Manage user accounts and permissions through useradd commands and other commands. 3. Use apt and yum to manage software packages to ensure system updates and security. 4. Configure a firewall, monitor logs, and perform data backup to ensure system security. 5. Troubleshoot and resolve through log analysis and tool use. 6. Optimize kernel parameters and application configuration, and follow best practices to improve system performance and stability.

Is it hard to learn Linux?Apr 18, 2025 am 12:23 AM

Learning Linux is not difficult. 1.Linux is an open source operating system based on Unix and is widely used in servers, embedded systems and personal computers. 2. Understanding file system and permission management is the key. The file system is hierarchical, and permissions include reading, writing and execution. 3. Package management systems such as apt and dnf make software management convenient. 4. Process management is implemented through ps and top commands. 5. Start learning from basic commands such as mkdir, cd, touch and nano, and then try advanced usage such as shell scripts and text processing. 6. Common errors such as permission problems can be solved through sudo and chmod. 7. Performance optimization suggestions include using htop to monitor resources, cleaning unnecessary files, and using sy

What is the salary of Linux administrator?Apr 17, 2025 am 12:24 AM

The average annual salary of Linux administrators is $75,000 to $95,000 in the United States and €40,000 to €60,000 in Europe. To increase salary, you can: 1. Continuously learn new technologies, such as cloud computing and container technology; 2. Accumulate project experience and establish Portfolio; 3. Establish a professional network and expand your network.

What is the main purpose of Linux?Apr 16, 2025 am 12:19 AM

The main uses of Linux include: 1. Server operating system, 2. Embedded system, 3. Desktop operating system, 4. Development and testing environment. Linux excels in these areas, providing stability, security and efficient development tools.

Does the internet run on Linux?Apr 14, 2025 am 12:03 AM

The Internet does not rely on a single operating system, but Linux plays an important role in it. Linux is widely used in servers and network devices and is popular for its stability, security and scalability.

What are Linux operations?Apr 13, 2025 am 12:20 AM

The core of the Linux operating system is its command line interface, which can perform various operations through the command line. 1. File and directory operations use ls, cd, mkdir, rm and other commands to manage files and directories. 2. User and permission management ensures system security and resource allocation through useradd, passwd, chmod and other commands. 3. Process management uses ps, kill and other commands to monitor and control system processes. 4. Network operations include ping, ifconfig, ssh and other commands to configure and manage network connections. 5. System monitoring and maintenance use commands such as top, df, du to understand the system's operating status and resource usage.

See all articles