linux命令 chmod
Control who can access files, search directories, and run scripts using the Linux’s chmod command. This command modifies Linux file permissions, which look complicated at first glance but are actually pretty simple once you know how they work.
使用Linux的chmod命令控制谁可以访问文件,搜索目录以及运行脚本。 此命令修改了Linux文件权限,乍一看看上去很复杂,但是一旦知道它们是如何工作的,实际上就非常简单。
chmod修改文件权限 (chmod Modifies File Permissions)
In Linux, who can do what to a file or directory is controlled through sets of permissions. There are three sets of permissions. One set for the owner of the file, another set for the members of the file’s group, and a final set for everyone else.
在Linux中,谁可以对文件或目录执行操作是由权限集控制的。 有三组权限。 一组用于文件所有者,另一组用于文件组的成员,最后一组用于其他所有人。
The permissions control the actions that can be performed on the file or directory. They either permit, or prevent, a file from being read, modified or, if it is a script or program, executed. For a directory, the permissions govern who can cd into the directory and who can create, or modify files within the directory.
权限控制可以在文件或目录上执行的操作。 它们允许或阻止读取,修改文件,或者如果它是脚本或程序,则禁止执行。 对于目录的权限决定谁可以cd到该目录中,谁可以创建,或在目录中修改文件。
You use the chmod command to set each of these permissions. To see what permissions have been set on a file or directory, we can use ls.
您可以使用chmod命令来设置每个权限 。 要查看对文件或目录设置了哪些权限 ,我们可以使用ls 。
查看和了解文件权限 (Viewing and Understanding File Permissions)
We can use the -l (long format) option to have ls list the file permissions for files and directories.
我们可以使用-l (长格式)选项使ls列出文件和目录的文件许可权。
ls -l
On each line, the first character identifies the type of entry that is being listed. If it is a dash (-) it is a file. If it is the letter d it is a directory.
在每行上,第一个字符标识所列出的条目的类型。 如果是破折号( - ),则为文件。 如果是字母d ,则为目录。
The next nine characters represent the settings for the three sets of permissions.
接下来的9个字符代表三组权限的设置。
The first three characters show the permissions for the user who owns the file (user permissions).
前三个字符显示拥有该文件的用户的权限 ( 用户权限 )。
The middle three characters show the permissions for members of the file’s group (group permissions).
中间的三个字符显示文件组 成员的权限 ( 组权限 )。
The last three characters show the permissions for anyone not in the first two categories (other permissions).
最后三个字符显示不在前两个类别中的任何人的权限( 其他权限 )。
There are three characters in each set of permissions. The characters are indicators for the presence or absence of one of the permissions. They are either a dash (-) or a letter. If the character is a dash, it means that permission is not granted. If the character is an r, w, or an x, that permission has been granted.
每组权限中都有三个字符。 字符是存在权限或不存在权限的指示符。 它们可以是破折号( - )或字母。 如果字符是破折号,则表示未授予许可。 如果字符是r , w或x ,则已授予该权限。
The letters represent:
这些字母代表:
r: Read permissions. The file can be opened, and its content viewed.
r :读取权限。 可以打开文件,并查看其内容。
w: Write permissions. The file can be edited, modified, and deleted.
w :写权限。 可以编辑,修改和删除文件。
x: Execute permissions. If the file is a script or a program, it can be run (executed).
x :执行权限。 如果文件是脚本或程序,则可以运行(执行)文件。
For example:
例如:
---means no permissions have been granted at all.---表示根本没有授予任何权限。rwxmeans full permissions have been granted. The read, write, and execute indicators are all present.rwx表示已授予完全权限。 读,写和执行指示符全部存在。
In our screenshot, the first line starts with a d. This line refers to a directory called “archive.” The owner of the directory is “dave,” and the name of the group that the directory belongs to is also called “dave.”
在我们的屏幕截图中,第一行以d开头。 该行引用的目录称为“存档”。 目录的所有者为“ dave”,目录所属的组的名称也称为“ dave”。
The next three characters are the user permissions for this directory. These show that the owner has full permissions. The r, w, and x characters are all present. This means the user dave has read, write and execute permissions for that directory.
接下来的三个字符是该目录的用户权限。 这些表明所有者拥有完全权限。 r , w和x字符都存在。 这意味着用户dave具有该目录的读取,写入和执行权限。
The second set of three characters are the group permissions, these are r-x. These show that the members of the dave group have read and execute permissions for this directory. That means they can list the files and their contents in the directory, and they can cd (execute) into that directory. They do not have write permissions, so they cannot create, edit, or delete files.
第二组三个字符是组权限,它们是rx 。 这些表明dave组的成员对该目录具有读取和执行权限。 这意味着他们可以列出目录中的文件及其内容,并且可以cd (执行)到该目录中。 它们没有写权限,因此无法创建,编辑或删除文件。
The final set of three characters are also r-x. These permissions apply to people who are not governed by the first two sets of permissions. These people (called”others”) have read and execute permissions on this directory.
最后三个字符集也是rx 。 这些权限适用于不受前两组权限控制的人员。 这些人(称为“其他”)具有对该目录的读取和执行权限。
So, to summarise, group members and others have read and execute permissions. The owner, a user called dave, also has write permissions.
因此,总而言之,组成员和其他成员具有读取和执行权限。 所有者(名为dave的用户)也具有写权限。
For all of the other files (apart from the mh.sh script file) dave and members of the dave group have read and write properties on the files, and the others have read permissions only.
对于所有其他文件(除了mh.sh脚本文件),dave和dave组的成员对该文件具有读写属性,而其他文件仅具有读取权限。
For the special case of the mh.sh script file, the owner dave and the group members have read, write, and execute permissions, and the others have read and execute permissions only.
对于mh.sh脚本文件的特殊情况,所有者dave和组成员具有读取,写入和执行权限,而其他成员仅具有读取和执行权限。
了解权限语法 (Understanding The Permission Syntax)
To use chmod to set permissions, we need to tell it:
要使用chmod设置权限,我们需要告诉它:
Who: Who we are setting permissions for.
谁:我们正在为其设置权限的人。
What: What change are we making? Are we adding or removing the permission?
什么 :我们正在做出什么改变? 我们要添加还是删除权限?
Which: Which of the permissions are we setting?
哪个 :我们要设置哪个权限?
We use indicators to represent these values, and form short “permissions statements” such as u+x, where “u” means ” user” (who), “+” means add (what), and “x” means the execute permission (which).
我们使用指标来表示这些值,并形成简短的“权限声明”,例如u+x ,其中“ u”表示“用户”(谁),“ +”表示添加(什么),“ x”表示执行权限(哪一个)。
The “who” values we can use are:
我们可以使用的“谁”值是:
u: User, meaning the owner of the file.
u :用户,表示文件的所有者。
g: Group, meaning members of the group the file belongs to.
g :组,表示文件所属组的成员。
o: Others, meaning people not governed by the
uandgpermissions.o :其他,表示不受
u和g权限控制的人。a: All, meaning all of the above.
a :全部,表示以上所有内容。
If none of these are used, chmod behaves as if “a” had been used.
如果未使用这些参数,则chmod行为就像使用了“ a ”一样。
The “what” values we can use are:
我们可以使用的“ what”值是:
–: Minus sign. Removes the permission.
– :减号。 删除权限。
+: Plus sign. Grants the permission. The permission is added to the existing permissions. If you want to have this permission and only this permission set, use the
=option, described below.+ :加号。 授予权限。 该权限将添加到现有权限中。 如果要拥有此权限并且仅设置此权限,请使用
=选项,如下所述。=: Equals sign. Set a permission and remove others.
= :等号。 设置权限并删除其他权限。
The “which ” values we can use are:
我们可以使用的“哪些”值是:
r: The read permission.
r :读取权限。
w: The write permission.
w :写入权限。
x: The execute permission.
x :执行权限。
设置和修改权限 (Setting And Modifying Permissions)
Let’s say we have a file where everyone has full permissions on it.
假设我们有一个文件,每个人都对此文件拥有完全权限。
ls -l new_ file.txt
We want the user dave to have read and write permissions and the group and other users to have read permissions only. We can do using the following command:
我们希望用户dave具有读取和写入权限,而组和其他用户仅具有读取权限。 我们可以使用以下命令:
chmod u=rw,og=r new_file.txt
Using the “=” operator means we wipe out any existing permissions and then set the ones specified.
使用“ =”运算符意味着我们清除所有现有权限,然后设置指定的权限。
let’s check the new permission on this file:
让我们检查一下该文件的新权限:
ls -l new_file.txt
The existing permissions have been removed, and the new permissions have been set, as we expected.
正如我们期望的那样,现有权限已被删除,新的权限已被设置。
How about adding a permission without removing the existing permissions settings? We can do that easily too.
如何在不删除现有权限设置的情况下添加权限? 我们也可以轻松做到这一点。
Let’s say we have a script file that we have finished editing. We need to make it executable for all users. Its current permissions look like this:
假设我们有一个完成编辑的脚本文件。 我们需要使其对所有用户可执行。 其当前权限如下所示:
ls -l new_script.sh
We can add the execute permission for everyone with the following command:
我们可以使用以下命令为每个人添加执行权限:
chmod a+x new_script.sh
If we take a look at the permissions, we’ll see that the execute permission is now granted to everyone, and the existing permissions are still in place.
如果我们查看权限,我们将看到执行权限现在已授予所有人,并且现有权限仍然存在。
ls -l new_script.sh
We could have achieved the same thing without the “a” in the “a+x” statement. The following command would have worked just as well.
如果没有“ a + x”语句中的“ a”,我们本可以实现相同的目标。 以下命令也可以正常工作。
chmod +x new_script.sh
设置多个文件的权限 (Setting Permissions for Multiple Files)
We can apply permissions to multiple files all at once.
我们可以一次将权限应用于多个文件。
These are the files in the current directory:
这些是当前目录中的文件:
ls -l
Let’s say we want to remove the write permissions for the “other” users from files that have a “.page” extension. We can do this with the following command:
假设我们要从扩展名为“ .page”的文件中删除“其他”用户的写权限。 我们可以使用以下命令执行此操作:
chmod o-r *.page
Let’s check what effect that has had:
让我们检查一下产生了什么影响:
ls -l
As we can see, the read permission has been removed from the “.page” files for the “other” category of users. No other files have been affected.
如我们所见,针对“其他”类别的用户,已从“ .page”文件中删除了读取权限。 没有其他文件受到影响。
If we had wanted to include files in subdirectories, we could have used the -R (recursive) option.
如果我们想在子目录中包含文件,则可以使用-R (递归)选项。
chmod -R o-r *.page
数字速记 (Numerical Shorthand)
Another way to use chmod is to provide the permissions you wish to give to the owner, group, and others as a three-digit number. The leftmost digit represents the permissions for the owner. The middle digit represents the permissions for the group members. The rightmost digit represents the permissions for the others.
使用chmod另一种方法是将您希望给予所有者,组和其他人的权限提供为三位数的数字。 最左边的数字代表所有者的权限。 中间数字代表组成员的权限。 最右边的数字代表其他权限。
The digits you can use and what they represent are listed here:
此处列出了您可以使用的数字及其代表的含义:
- 0: (000) No permission. 0:(000)无权限。
- 1: (001) Execute permission. 1:(001)执行权限。
- 2: (010) Write permission. 2:(010)写入权限。
- 3: (011) Write and execute permissions. 3:(011)写入和执行权限。
- 4: (100) Read permission. 4:(100)读取权限。
- 5: (101) Read and execute permissions. 5:(101)读取和执行权限。
- 6: (110) Read and write permissions. 6:(110)读写权限。
- 7: (111) Read, write, and execute permissions. 7:(111)读,写和执行权限。
Each of the three permissions is represented by one of the bits in the binary equivalent of the decimal number. So 5, which is 101 in binary, means read and execute. 2, which is 010 in binary, would mean the write permission.
三种权限中的每一种都由与十进制数字二进制等效的位之一表示。 因此5(二进制101)表示读取并执行。 2(二进制为010)表示具有写权限。
Using this method, you set the permissions that you wish to have; you do not add these permissions to the existing permissions. So if read and write permissions were already in place you would have to use 7 (111) to add execute permissions. Using 1 (001) would remove the read and write permissions and add the execute permission.
使用此方法,您可以设置所需的权限。 您不将这些权限添加到现有权限。 因此,如果已经具有读写权限,则必须使用7(111)添加执行权限。 使用1(001)将删除读取和写入权限,并添加执行权限。
Let’s add the read permission back on the “.page” files for the others category of users. We must set the user and group permissions as well, so we need to set them to what they are already. These users already have read and write permissions, which is 6 (110). We want the “others” to have read and permissions, so they need to be set to 4 (100).
让我们在“ .page”文件上为其他类别的用户添加读取权限。 我们还必须设置用户和组权限,因此我们需要将它们设置为已经存在的权限。 这些用户已经具有读写权限,为6(110)。 我们希望“其他”具有读取权限,因此需要将其设置为4(100)。
The following command will accomplish this:
以下命令将完成此操作:
chmod 664 *.page
This sets the permissions we require for the user, group members, and others to what we require. The users and group members have their permissions reset to what they already were, and the others have the read permission restored.
这会将我们对用户,组成员和其他人所需的权限设置为我们所需的权限。 用户和组成员的权限已重置为原来的权限,其他成员和用户的读取权限已恢复。
ls -l
高级选项 (Advanced Options)
If you read the man page for chmod you’ll see there are some advanced options related to the SETUID and SETGID bits, and to the restricted deletion or “sticky” bit.
如果阅读 chmod 的手册页 ,您会看到一些与SETUID和SETGID位以及受限制的删除或“粘滞”位相关的高级选项。
For 99% of the cases you’ll need chmod for, the options described here will have you covered.
对于99%的情况,您将需要chmod ,这里介绍的选项将为您服务。
翻译自: https://www.howtogeek.com/437958/how-to-use-the-chmod-command-on-linux/
linux命令 chmod
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
