Detailed explanation of shell operating principle and Linux permissions
Strictly speaking, Linux is the kernel of an operating system. Ordinary users cannot call the kernel directly; to communicate with it, we go through the kernel's "shell" program. The shell is a command-line interpreter that receives the commands the user enters and converts them into operations the system executes. Depending on the type of command, the shell calls different system functions to complete different operations, so we can use it to run a variety of commands and operations to control and manage the system. In short, the shell acts as a bridge between the user and the underlying kernel.
How to understand? Why can't we use kernel directly?
“
From a technical perspective, the simplest definition of a shell is a command interpreter, which mainly does two things:
”
It translates the user's commands for the kernel to process, and it translates the kernel's results back for the user.

“
Note: "shell" is the collective name for all shell programs, and bash is one specific shell. For example, the shell on CentOS 7 is bash.
”
- Compare this with the Windows GUI: when we use Windows, we do not operate the Windows kernel directly, but complete our operations by clicking through the graphical interface (for example, double-clicking the D drive letter to enter the D drive, or launching an application).
- The shell plays the same role for Linux: it parses our instructions and passes them to the Linux kernel. The kernel runs them, and the results are passed back to the user through the shell.
- Shell operating principle
The shell interprets the command line. Commands that would harm the system are blocked, which protects the operating system. The benefit is that any problem in a child process does not affect the parent shell process.
- Help understanding:
- If you are a boring and shy programmer, then the shell is like a matchmaker.
- The operating system kernel is Xiaohua, the pretty girl in your village who makes your heart beat.
- You have fallen in love with Xiaohua but are too embarrassed to confess directly, so you have your family find a matchmaker to propose on your behalf.
- You talk to the matchmaker about everything, and the matchmaker conveys your thoughts to Xiaohua.
- The matchmaker's surname happens to be Wang, so we call her Wang Po, which corresponds to the bash we often use.
- Linux permissions
2.1 The concept of permissions
- There are two types of users under Linux: the super user (root) and ordinary users.
- Super user: can do anything on a Linux system without restrictions.
- Ordinary users: can do only a limited set of things on Linux.
- The command prompt of the super user is "#", and the command prompt of an ordinary user is "$".

- User switching command
Command: su [username]
Function: Switch users.
“
For example, to switch from the root user to the ordinary user named user, use su user. To switch from the ordinary user named user to the root user, use su root (root can be omitted). The system will then prompt you for the root user's password.
”

- Switch to root: use su - to switch to the root user (enter the root account password at the prompt; the password is not echoed on the screen).
- Switch back to a normal user: use su - username to switch back to a normal user (no password is needed at this point, but we do not recommend switching back this way, because each su - command creates another bash process).
- Recommended way to switch back to the normal user: enter exit or press Ctrl+D.
2.2 Permission Management
- What are permissions
“
Permissions essentially determine whether someone can do something.
”
- For people: for example, I am the owner of this house, so I can enter and leave it freely.
- For things: suppose I want to eat a computer, or play League of Legends and watch a movie on a piece of bread. Bread can be eaten, but a computer cannot. So a permission involves two attributes.
“
Access to a file depends on who is accessing it and on the file's own characteristics (the thing's attributes), so file permissions = person + thing attributes.
”
File permission attributes: r (read), w (write), x (execute)
Person (a role, not a specific individual): owner, group, other
- Classification of file visitors (person)
- The owner of the file and file directory: u—User (Chinese civilian legal issues)
- The user of the group to which the owner of the file and file directory belongs: g—Group (not much to say)
- Other users: o—Others (foreigners)
- File Types and Access Permissions (Thing Properties)

“
In the multi-column output of ls -l (ll), the first character of the first column identifies the file type.
”

“
There is no need to list other explicitly, because anyone who is neither the owner nor a member of the owning group is other.
”
To help understand: owner and group
“
Let's take a simple example. Within a company, two project teams have to complete the same coding task. They compete with each other, but the company provides only one server for both. The code they complete has to be submitted on that server. The code you wrote must be visible only to you and your team leader, not to the competing team. This is what gives rise to the concept of the owning group.
”

File types
- d: directory
- -: ordinary file
- l: soft link (similar to a Windows shortcut)
- b: block device file (such as a hard disk or optical drive)
- p: pipe file
- c: character device file (such as the screen and other serial devices)
- s: socket file

- Basic permissions
i. Read (r/4): for a file, permission to read the file's content; for a directory, permission to browse the directory's listing
ii. Write (w/2): for a file, permission to modify the file's content; for a directory, permission to delete and move files within the directory
iii. Execute (x/1): for a file, permission to execute the file; for a directory, permission to enter the directory
iv. "-" means that the permission is not granted

2.3 Representing file permission values
Character representation
Linux notation | Meaning | Linux notation | Meaning |
---|---|---|---|
r-- | Read only | -w- | Write only |
--x | Execute only | rw- | Read and write |
-wx | Write and execute | r-x | Read and execute |
rwx | Read, write and execute | --- | No permissions |
Octal representation
Permission symbols (read, write, execute) | Octal | Binary |
---|---|---|
r | 4 | 100 |
w | 2 | 010 |
x | 1 | 001 |
rw | 6 | 110 |
rx | 5 | 101 |
wx | 3 | 011 |
rwx | 7 | 111 |
--- | 0 | 000 |

Changing permissions
$ chmod 777 text.c
$ chmod 000 text.c
$ chmod 640 text.c

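2.4 Setting file access permissions
chmod
- Function: set the access permissions of a file
- Format: chmod [options] permissions filename
- Common options:
-R -> recursively change the permissions of the files in a directory
Note: only the file's owner and root can change a file's permissions
- Format of permission values for the chmod command
① user symbol +/-/= permission characters
- +: add the permissions named by the permission characters to the given scope
- -: remove the permissions named by the permission characters from the given scope
- =: set the given scope to exactly the permissions named by the permission characters
User symbols:
- u: owner
- g: users in the owner's group
- o: other users
- a: all users
Example:

“
Note: chmod can change permissions for the owner, the group and other users in a single command, with the clauses separated by commas
”
“
To modify a file that is not your own, you need sudo for a temporary privilege elevation, or you can switch to the root identity directly
”
- sudo chmod user-symbol +/-/= permission-characters filename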
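The symbolic and octal forms described above can be checked against each other. The following is an added example, not part of the original article; the helper names mode_of and apply_mode and the scratch file demo.c are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: octal and symbolic chmod forms, checked with stat.
# demo.c and the temporary directory are constructed for this demonstration.

# Print a file's permission bits in octal (GNU stat, with BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Start a scratch file at mode $1, apply the chmod argument $2, print the result.
apply_mode() {
    (
        dir=$(mktemp -d) || exit 1
        : > "$dir/demo.c"
        chmod "$1" "$dir/demo.c"
        chmod "$2" "$dir/demo.c"
        mode_of "$dir/demo.c"
        rm -rf "$dir"
    )
}

apply_mode 000 u=rw,g=r,o=   # "=" assigns exactly: 640, same as chmod 640
apply_mode 777 o-rwx         # "-" removes: other loses everything, 770
apply_mode 640 u+x,g-r       # comma-separated clauses: 700
apply_mode 600 a+r           # "a" covers owner, group and other: 644
```

Each clause names who is affected, the operator, and the permission characters, so a change such as o-rwx removes access for other without touching the owner or group bits.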
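chown
Function: change the owner of a file
Format: chown [options] username filename
Examples:
$ sudo chown root test.c                    # change the owner
$ sudo chown lighthouse test.c              # change the owner
$ sudo chown :lighthouse test.c             # change the group
$ sudo chown lighthouse:lighthouse test.c   # owner and group can be changed together
$ sudo chown root:root test.c               # owner and group can be changed together

chgrp
Function: change the group of a file or directory
Format: chgrp [options] groupname filename
Common options: -R recursively change the group of files or directories
Examples:
$ sudo chgrp root text.c
$ sudo chgrp lighthouse text.c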

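2.4 Modifying the file mask
umask
Function: view or modify the file mask
Syntax: umask permission-value

Default permissions for a new file = 0666
Default permissions for a new directory = 0777

“
But we observe that newly created files and directories do not actually get these default starting permissions. Why is that?
”
“
The reason is that creating a file or directory is also affected by umask. If the default permission is mask, the permission of the file that is actually created is: mask & ~umask
”

- We can also change the permissions that files receive by changing the umask value:

Note: subtracting the permission mask from the existing access permissions (that is, clearing the mask's bits, as in the formula above) yields the default permissions at file creation. The default mask value is 0022 for the superuser and 0002 for ordinary users.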
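The effect of umask on new files and directories can be observed directly. This is an added example, not from the original article; the helper names created_modes and predicted_mode are assumptions. It also includes a mask of 0033, where decimal-style subtraction from 666 would suggest 633 but clearing the mask bits from the default gives 644.

```shell
#!/bin/sh
# Added example: how umask shapes the permissions of new files and directories.
# The scratch names f and d are constructed for this demonstration.

# Print a path's permission bits in octal (GNU stat, with BSD stat as fallback).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Create a file and a directory under umask $1; print "<file mode> <dir mode>".
# The subshell keeps the umask change from leaking into the caller.
created_modes() {
    (
        umask "$1"
        dir=$(mktemp -d) || exit 1
        : > "$dir/f"        # the shell requests 0666 for a new file
        mkdir "$dir/d"      # mkdir requests 0777 for a new directory
        echo "$(mode_of "$dir/f") $(mode_of "$dir/d")"
        rm -rf "$dir"
    )
}

# Predict the result for default $1 and umask $2: default & ~umask, in octal.
predicted_mode() {
    printf '%o\n' $(( 0$1 & ~0$2 ))
}

created_modes 0022          # 644 755
created_modes 0002          # 664 775
created_modes 0033          # 644 744 (not 633 733)
predicted_mode 666 0033     # 644
```

A stricter mask such as 0077 leaves new files at 600 and new directories at 700, so group and other get no access by default.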
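2.5 The file command
file
Function: identify the type of a file.
Syntax: file [options] file-or-directory…
Common options:
-c Display the command's execution in detail, which helps with debugging or analyzing how the program runs.
-z Try to look inside compressed files.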

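- Directory permissions
Interview question: what permission is needed to enter a directory?
- Read permission: without read permission on a directory, you cannot use commands such as ls to view the files in it.
- Write permission: without write permission on a directory, you cannot create files in it, nor delete files in it.
- Execute permission: without execute permission on a directory, you cannot cd into it.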
x r w
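- Sticky bit
New finding:
“
As long as a user has write permission on a directory, that user can delete files in the directory, regardless of whether the user has write permission on the file itself. Why should an outsider be able to delete a file that I created?
”

Conclusion
If the directory itself grants w permission to other, other can delete anything in the directory
If the directory itself does not grant w permission to other, other cannot delete
“
Our requirement: other should be able to create files in a particular directory and write to them, but nobody else should be able to delete a user's own files
”
To solve this unreasonable problem, Linux introduced the concept of the sticky bit
Sticky bit
Syntax: chmod +t directory-name
Function: set the sticky bit on a directory
Note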
“
The sticky bit can only be set on directories, and it generally restricts the permissions of other. In a directory with the sticky bit set, a file can be deleted only by the file's owner and the root user; nobody else can delete it.
”
Example:

“
When several people share a system, or the system itself is running, a lot of temporary data is produced, and all temporary files are placed in the system's /tmp directory. That directory has to be open to everyone, yet each file should be deletable only by its owner. This requires setting the sticky bit.
”
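A shared directory that is writable by other but lacks the sticky bit is exactly the case the section warns about, and it can be found with find. This is an added example, not from the original article; the function names and the directory names shared_ok, shared_bad and private are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: find directories that other can write to but that lack the
# sticky bit, so any user could delete files belonging to someone else.

# List directories under $1 that are writable by other and have no sticky bit.
unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Build a constructed tree and print its root path.
make_demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared_ok" "$root/shared_bad" "$root/private"
    chmod 1777 "$root/shared_ok"    # like /tmp: open to all, sticky bit set
    chmod 0777 "$root/shared_bad"   # open to all, no sticky bit
    chmod 0750 "$root/private"      # not writable by other at all
    echo "$root"
}

tree=$(make_demo_tree)
ls -ld "$tree"/*             # the sticky bit shows as 't' in the last position
unsafe_shared_dirs "$tree"   # prints only .../shared_bad
chmod +t "$tree/shared_bad"  # the fix from this section
unsafe_shared_dirs "$tree"   # now prints nothing
rm -rf "$tree"
```

Running unsafe_shared_dirs against a real path such as /var or /home gives a quick audit of shared directories that still need chmod +t.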
- Summary
- The executable permissions of a directory indicate whether you can execute commands in the directory.
- If the directory does not have – )
- If a directory has x permission but not r permission, the user can execute commands and can cd into the directory. But because the user has no read permission on the directory, even though the ls command can be run there, the user still has no permission to read the documents in the directory.