If you share your Ubuntu machine with other people, you probably have multiple users set up, thinking that the other users log into their own accounts and only have access to their own home directories. However, by default, any user can access any home directory.
如果您与其他人共享Ubuntu计算机,则可能会设置多个用户,以为其他用户登录自己的帐户并且只能访问自己的主目录。 但是,默认情况下,任何用户都可以访问任何主目录。
When you add a new user in Ubuntu, the adduser utility creates a new home directory for the new account. By default, the new home directory is placed in the /home/ directory on the root followed by the username. For example, /home/lori. User home directories in Ubuntu are created with world read/execute permissions, giving all other users on the system rights to read the contents of other users’ home directories. See our article for more information about how file permissions work in Linux.
在Ubuntu中添加新用户时,adduser实用程序将为新帐户创建一个新的主目录。 默认情况下,新的主目录位于用户根目录下的/ home /目录中。 例如,/ home / lori。 在Ubuntu中创建的用户主目录具有全局读取/执行权限,从而赋予系统上的所有其他用户读取其他用户主目录内容的权限。 请参阅我们的文章,以获取有关文件权限在Linux中如何工作的更多信息。
NOTE: When we say to type something in this article and there are quotes around the text, DO NOT type the quotes, unless we specify otherwise.
注意:当我们说要在本文中键入某些内容并且文本周围有引号时,请不要键入引号,除非我们另外指定。
You can easily change the permissions for your home directory to protect your private files. To check the permissions on your home directory, press Ctrl+Alt+T to open a Terminal window. Type the following line at the prompt and press Enter. Replace “lori” with your own username.
您可以轻松更改主目录的权限以保护私有文件。 要检查主目录上的权限,请按Ctrl + Alt + T打开“终端”窗口。 在提示符下键入以下行,然后按Enter。 用您自己的用户名替换“ lori”。
ls –ld /home/lori
ls –ld / home / lori
NOTE: The command contains only lowercase L’s not the number 1.
注意:该命令仅包含小写的L而不是数字1。
At the beginning of the line, the permissions for the file are listed. As said in our article about Linux permissions:
在该行的开头,列出了文件的权限。 正如我们在有关Linux权限的文章中所述:
“The r stands for “read,” the w stands for “write,” and the x stands for “execute.” Directories will start with a “d” instead of a “-“. You’ll also notice that there are 10 spaces which hold value. You can ignore the first, and then there are 3 sets of 3. The first set is for the owner, the second set is for the group, and the last set is for the world.”
“ r代表“读取”, w代表“写入”, x代表“执行”。 目录将以“ d”而不是“-”开头。 您还会注意到,有10个保留值的空格。 您可以忽略第一个,然后有3组,每组3个。第一个组用于所有者,第二组用于组,最后一组用于世界。”
So, the home directory listed below has read, write, and execute permissions for the owner and read and execute permission for the group and world.
因此,下面列出的主目录具有所有者的读取,写入和执行权限,以及组和世界的读取和执行权限。
To change these permissions, type the following line at the prompt and press Enter.
要更改这些权限,请在提示符下键入以下行,然后按Enter。
sudo chmod 0750 /home/lori
须藤chmod 0750 / home / lori
Type your password when prompted and press Enter.
出现提示时输入密码,然后按Enter。
NOTE: The chmod command uses octal numbers as one way to indicate permissions. Our article about Linux file permissions uses a different method that requires more steps but may be easier to understand. Using the octal numbers to specify permissions is a quicker method. Use whichever method with which you are more comfortable. To learn about using octal numbers to set permissions, see this article.
注意:chmod命令使用八进制数字作为指示权限的一种方法。 我们有关Linux文件权限的文章使用了另一种方法,该方法需要更多步骤,但可能更易于理解。 使用八进制数字指定权限是一种更快的方法。 使用更舒适的方法。 要了解有关使用八进制数字设置权限的信息,请参阅本文。
Press the up arrow twice to use the “ls –ld /home/<username>” command again to check the permissions. Notice that the permissions for world are all dashes (-). That means that the world cannot read, write, or execute anything in your home directory.
按两次向上箭头以再次使用“ ls –ld / home / <用户名>”命令检查权限。 请注意,world的权限全为短划线(-)。 这意味着世界无法读取,写入或执行主目录中的任何内容。
However, users in the same group as you can read and execute files and folders in your home directory. If you don’t want anyone else but yourself to have access to your home directory, enter “0700” as the numbers in the chmod command.
但是,与您在同一组中的用户可以读取和执行主目录中的文件和文件夹。 如果您除了自己之外不希望其他人访问您的主目录,请在chmod命令中输入“ 0700”作为数字。
NOTE: For more information about managing users and groups in Linux, see our article.
注意:有关在Linux中管理用户和组的更多信息,请参阅本文。
To close the terminal window, type “exit” at the prompt and press Enter.
要关闭终端窗口,请在提示符下键入“ exit”,然后按Enter。
Now, when other users on the system try to access your home directory, the following dialog box displays.
现在,当系统上的其他用户尝试访问您的主目录时,将显示以下对话框。
You can also set up Ubuntu to use specific permissions when setting up the home directory for a new user you are creating. To do this, you need to edit the adduser configuration file. To do this, type the following command at the prompt and press Enter.
您还可以将Ubuntu设置为在为要创建的新用户设置主目录时使用特定权限。 为此,您需要编辑adduser配置文件。 为此,请在提示符下键入以下命令,然后按Enter。
gksudo gedit /etc/adduser.conf
gksudo gedit /etc/adduser.conf
We are using gedit to edit the file. You can use a different text editor if you want.
我们正在使用gedit编辑文件。 如果需要,可以使用其他文本编辑器。
NOTE: The gksudo command is like the sudo command but is used to run graphical programs as root. The sudo command is used to run command line programs as root.
注意:gksudo命令类似于sudo命令,但用于以root用户身份运行图形程序。 sudo命令用于以root用户身份运行命令行程序。
Enter your password in the Password edit box on the dialog box that displays and press Enter or click OK.
在显示的对话框的“密码”编辑框中输入密码,然后按Enter或单击“确定”。
Scroll down to the DIR_MODE command in the adduser.conf file. The number set is “0755” by default. Change it to reflect the different types of permissions (r, w, x) you want to grant to the different types of users (owner, group, world), such as “0750” or “0700” as discussed earlier. Click Save.
向下滚动到adduser.conf文件中的DIR_MODE命令。 默认设置为“ 0755”。 更改它以反映您想要授予不同类型的用户(所有者,组,世界)的不同类型的权限(r,w,x),例如前面讨论的“ 0750”或“ 0700”。 单击保存。
Close gedit by selecting Quit from the File menu. You can also click the X button in the upper-left corner of the window to close gedit.
通过从文件菜单中选择退出来关闭gedit。 您也可以单击窗口左上角的X按钮以关闭gedit。
Close the Terminal window by clicking the X in the upper-left corner of the window.
通过单击窗口左上角的X,关闭“终端”窗口。
Now, the files in your home directory will remain private. Just remember that, if there are other users in the same group as you, you might want to take away the permissions for both group and world for your home directory.
现在,您的主目录中的文件将保持私有状态。 请记住,如果与您在同一组中还有其他用户,则可能要取消主目录的组和世界权限。
656
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
