一、三个特殊权限
set_uid
含义:特殊权限SetUID 是指:当一个具有执行权限的文件设置SetUID权限后,用户执行这个文件时将以文件所有者的身份执行。该权限仅设置给二进制文件时才有具体作用,其余文件或文件目录设置此权限无意义。如passwd命令
示例:
(一)设置set_uid权限的方法:
同样使用chmod命令
这时普通用户就可以使用ls命令查看/root 文件目录里的内容了。
2、命令缺乏X权限时设置通过“chmod u=rws”设置set_uid权限时会变成rwS权限,但不影响效果。
(二)set_gid
含义:该权限对目录有效. 目录被设置该位后, 任何用户在此目录下创建的文件都具有和该目录所属的组相同的组.
示例:
1)先查看/tmp/linux/文件夹的用户所属组,都是root。
我把他的所属组改为test1
2)这时我新建一个文件,他所属组仍然是root:
3)现在我给这个目录赋予set_gid权限,再新建一个文件
他的所属组就变成test1了。
这里对比3.txt和4.txt看的很明显。
(三)stick_bit
含义:除非目录的属主和root用户有权限删除它,除此之外其它用户不能删除和修改这个目录。
** wiki中的英文释义:** In computing, the sticky bit is a user ownership access right flag that can be assigned to files and directories on Unix-like systems.When a directory's sticky bit is set, the filesystem treats the files in such directories in a special way so only the file's owner, the directory's owner, or root user can rename or delete the file. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of the file's owner. Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files.The modern function of the sticky bit was introduced in 4.3BSD[discuss] in 1986, and is found in most modern Unix-like systems.
系统中“/tmp/”目录自带该权限
给目录加上stick_bit
(四)查看文件或目录特殊权限位命令
ls -l命令
stat -c %a%A
最前面这个数字表示uid、gid、stickybit情况,4=uid、2=gid、1=stickybit。所以也可以使用chmod+4700这种方式来设置文件的特殊权限。
二、软链接与硬链接
(一)含义
软链接:又叫符号链接,简单理解就是windows中的快捷方式,你删除原始文件会使软链接文件失效。软链接可以跨分区链接目录与文件,做软链接时尽量使用绝对路径。注意:软件链接文件不是一个独立的文件,它的许多属性依赖于源文件,所以给符号链接文件设置存取权限是没有意义的。
比如下面这个文件,文件头标识为l:
wiki中的英文解释:Symbolic links are special files which when encountered during pathname resolution modify the pathname resolution to be taken to the location which the symbolic link contains. The content of the symbolic link is therefore the destination path string, which can also be examined using the readlink command line utility.[8] The symbolic link may contain an arbitrary string which does not refer to the location of an existing file, such a symbolic link will fail until a file is created at the location which is contained by the symbolic link. By contrast a symbolic link to an existing file will fail if the existing file is moved to a different location (or renamed).[5]
硬链接:与普通文件没什么不同,inode 都指向同一个文件在硬盘中的区块。注意,系统不支持对目录做硬链接。文件硬链接不能跨分区
wiki中的英文解释:Hard links also known simply as links are objects that associate the filename with the inode and therefore the file contents itself.[1] A given file on disk could have multiple links scattered through the directory hierarchy with all of the links being equivalent since they all associate with the same inode.[5] Creating a link therefore does not copy the contents of the file but merely causes another name to be associated with the same contents. Each time a hard link is created a link counter that is a part of the inode structure gets incremented; a file is not deleted until its reference count reaches zero.[1][6] Hard links can however only be created on the same file system; this can prove to be a particular disadvantage.
@一篇IBM网站上的文章”理解 Linux 的硬链接与软链接“能更好理解linux的文件系统。
(二)ln命令
ln命令用来为文件创件连接,连接类型分为硬连接和软连接两种,默认的连接类型是硬连接。如果要创建软连接必须使用"-s"选项。
语法:ln(选项)(参数)
选项:-s —symbolic:对源文件建立符号连接,而非硬连接;
示例:
1、给文件制作软链接文件
ln -s +原始文件 +软链接文件
结果
2、给目录制作软链接
3、创建文件的硬链接
本文转自 whytl 51CTO博客,原文链接:http://blog.51cto.com/11934539/2053098
