linux under the site directory to assign permissions of experience and skills summary
- 2020-06-07 05:58:40
- OfStack
preface
Search the web site folder permissions configuration 1 is generally: folder permissions minimum permissions 755 files minimum permissions 644
It's easy to understand how to read, write, and execute files, but folder permissions need to be sorted out. Here are some of my experiences to share with you.
The early stage of the work
Start by creating a folder test
mkdir test
Create 1.txt file in this directory and write 111
cat > 1.txt
111
Now exit the directory to parse the directory permissions one by one
Do not create folders with root users because the file permissions configuration is not valid for root users
Executable permissions for directories
chmod 111 test
After testing, only at this time
cd test
Enter the directory, but neither the ls column directory nor the
touch 2.txt
1 new file, however
cat 1.txt
You can still read the content
So we conclude
The executable permission of the directory is that the user can enter or switch to the directory, but cannot list the directory and create a new file. The permission that can read the original file belongs to the file is set as readable
Writable permissions for directories
chmod 222 test
The most obvious change is that the directory is darker (ps, which is also darker when the file is given executible weight)
Try 1 of our common commands
ls test
cd test
cat test/1.txt
touch test/2.txt
The result is nothing
ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot open directory test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied
ubuntu@VM-8-81-ubuntu:~$ touch test/2.txt
touch: cannot touch ' test/2.txt': Permission denied
Now we are adding executable permissions to the directory
chmod 333 test
It was found that the ls column directory was not working
cd touch cat
Can be executed, so draw a conclusion
linux folder to create files, you must have writeable permissions, which is 333. If you just give write permissions, nothing will be done
Readable permissions for directories
chmod 444 test
ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot access test/1.txt: Permission denied
ls: cannot access test/2.txt: Permission denied
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied
Summary: The readable permission of the directory can be column directory
The site only has readable permissions and can only list directories. Other cd cat cannot be implemented. So what is the site setting 555 permissions
ubuntu@VM-8-81-ubuntu:~$ chmod 555 test
ubuntu@VM-8-81-ubuntu:~$ cd test/
ubuntu@VM-8-81-ubuntu:~/test$ ls
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~/test$ touch 3,txt
touch: cannot touch ' 3,txt': Permission denied
As you can see, the touch command is not able to create a new file
At this point, it's easy to figure out that the 666 permissions folder is readable and writable but has no execute permissions, so you can't access the directory, but once you have readable and writable, you have all the basic permissions, so 777 permissions is the maximum permissions for the folder
After reviewing the first sentence of the article, the minimum permission of folder and file is 755 and 644 respectively
There is a user permission assignment problem
When chmod modifies the permissions, there are 3 groups of access permissions for each 1 file or directory. Each group is represented by 3 bits, namely the read, write and execute permissions of the file's owner. Read, write, and execute permissions for users in the same group as the owner; Read, write, and execute permissions for other users in the system
Folder permissions 7 and file permissions are 6 to linux management user distribution, apache www ordinary users to visit the web site the user by default, so the file permissions 755 namely, ordinary users can only has the authority to view and browse the site, but without creating file or upload file permissions, such as 1, if you need a special folder upload or tmp 1 folder to store some temporary files, you need to set up the folder permissions to 777, 644 namely can only view the file permissions but cannot be modified
conclusion