基本属性与特殊属性-CSDN博客

基本属性：

[root@localhost tmp]# mkdir test
[root@localhost tmp]# ls -ld test
drwxr-xr-x 2 root root 4096 Sep 30 10:50 test
[root@localhost tmp]# cd test
[root@localhost test]# touch 1
[root@localhost test]# cd ..
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxr-xr-x 2 root root 4096 Sep 30 10:50 test
[test@localhost tmp]$ ls -l test
total 0
-rw-r--r-- 1 root root 0 Sep 30 10:50 1
[test@localhost tmp]$ cd test
[test@localhost test]$ cd ..

目录有r,x权限时可正常ls

[root@localhost tmp]# chmod 770 test
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwx--- 2 root root 4096 Sep 30 10:50 test
[test@localhost tmp]$ ls -l test
ls: cannot open directory test: Permission denied
[test@localhost tmp]$ cd test
-bash: cd: test: Permission denied

目录没有r时无法正常ls查看，无x无法进入

[root@localhost tmp]# chmod 771 test
[root@localhost tmp]# touch test/1.txt
[root@localhost tmp]# chmod 777 test/1.txt
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwx--x 2 root root 4096 Sep 30 10:50 test
[test@localhost tmp]$ ls -l test
ls: cannot open directory test: Permission denied
[test@localhost tmp]$ cd test
[test@localhost test]$ ls
ls: cannot open directory .: Permission denied
[test@localhost test]$ rm 1.txt
rm: cannot remove `1.txt': Permission denied
[test@localhost test]$ mv 1.txt 2.txt
mv: cannot move `1.txt' to `2.txt': Permission denied
[test@localhost test]$ vi 1.txt
[test@localhost test]$ ls /tmp/ > 1.txt
[test@localhost test]$ cat 1.txt
aaa.txt
bbb.txt
log
log2
OSL_PIPE_0_SingleOfficeIPC_44e0c34da8623980ccf9f8299a62e4fb
passwd
test
test2.sh
test.sh
[test@localhost test]$ cd ..

目录有x时可进入，无w无法mv与rm，但文件本身有r,w权限，所以可以修改文件自身

[root@localhost tmp]# chmod 772 test
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwx-w- 2 root root 4096 Sep 30 10:50 test
[test@localhost tmp]$ ls -l test
ls: cannot open directory test: Permission denied
[test@localhost tmp]$ cd test
-bash: cd: test: Permission denied
[test@localhost tmp]$ mv test/1.txt test/2.txt
mv: accessing `test/2.txt': Permission denied
[test@localhost tmp]$ rm test/1.txt
rm: cannot remove `test/1.txt': Permission denied

目录只有w权限时，无法进入，无法ls，无法mv、rm操作

[root@localhost tmp]# chmod 773 test
[root@localhost tmp]# chmod 770 test/1.txt
[root@localhost tmp]# ll test/1.txt
-rwxrwx--- 1 root root 0 Oct  9 20:50 test/1.txt
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwx-wx 2 root root 4096 Sep 30 10:50 test
[test@localhost tmp]$ ls -l test
ls: cannot open directory test: Permission denied
[test@localhost tmp]$ cd test
[test@localhost test]$ mv 1.txt 2.txt
[test@localhost test]$ rm 2.txt
rm: remove write-protected regular empty file `2.txt'? y
[test@localhost test]$ cd ..

目录没有r权限无法ls，目录有w权限即可对文件夹下的名称进行rm或mv，与文件本身有没有w权限无关

[root@localhost tmp]# cd test
[root@localhost test]# touch 2
[root@localhost tmp]# chmod 774 test
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwxr-- 2 root root 4096 Sep 30 10:53 test
[test@localhost tmp]$ ls -l test
ls: cannot access test/2: Permission denied
total 0
-????????? ? ? ? ?            ? 2

ls查看时如果没有x权限，只能查看文件名不能查看文件属性

[root@localhost test]# chmod 775 ../test
[root@localhost test]# chmod 777 2
-----------------------------------------
[test@localhost tmp]$ ls -ld test
drwxrwxr-x 2 root root 4096 Oct  9 20:53 test
[test@localhost tmp]$ cd test
[test@localhost test]$ mv 2 4
mv: cannot move `2' to `4': Permission denied
[test@localhost test]$ rm 2
rm: cannot remove `2': Permission denied
[test@localhost test]$ ls /tmp/ > 2
[test@localhost test]$ cat 2
aaa.txt
bbb.txt
log
log2
OSL_PIPE_0_SingleOfficeIPC_44e0c34da8623980ccf9f8299a62e4fb
passwd
test
test2.sh
test.sh

此时无法删除，但可编辑

[root@localhost test]# chmod 777 ../test
[root@localhost test]# chmod 770 2
-----------------------------------------
[test@localhost test]$ ll
total 8
-rwxrwx--- 1 root root   11 Oct  9 20:19 2
drwxrwx--- 2 root root 4096 Oct  9 20:04 testr
[test@localhost test]$ mv 2 7
[test@localhost test]$ rm 7
rm: remove write-protected regular file `7'? y

此时可mv与rm

总结：x能否进入目录，r能否ls查看目录下的文件，w能否修改目录下文件名称及删除文件等；需要修改文件本身，如vi则需要判断文件本身有没有r,w权限。(用户执行chmod修改某个文件或文件夹，就算权限都有，也只能文件所有者或root能执行)

特殊属性：

设置后, 可以用 ls -l 来查看. 如果本来在该位上有x, 则这些特殊标志显示为小写字母 (s, s, t). 否则, 显示为大写字母 (S, S, T)
eg:
rwsrw-r-- 表示有setuid标志
rwxrwsrw- 表示有setgid标志
rwxrw-rwt 表示有sticky标志
添加
chmod u+s 文件夹
chmod g+s 文件夹
chmod o+t 文件夹
删除
chmod u-s 文件夹
chmod g-s 文件夹
chmod o-t 文件夹
0: 不设置特殊权限
1: 只设置sticky
2: 只设置SGID
3: 只设置SGID和sticky
4: 只设置SUID
5: 只设置SUID和sticky
6: 只设置SUID和SGID
7: 设置3种权限

[root@localhost tmp]# umask
0022
-----------------------------------------
[test@localhost ~]$ umask
0002
[test@localhost tmp]$ id test
uid=505(test) gid=505(test) groups=505(test)
[test@localhost tmp]$ ls -l /usr/bin/passwd /etc/passwd
-rw-r--r--  1 root root  1783 Sep 29 15:34 /etc/passwd
-rwsr-xr-x. 1 root root 30768 Feb 22  2012 /usr/bin/passwd

/etc/passwd此文件只有root有修改权限，将/usr/bin/passwd设置setuid后，其它用户执行/usr/bin/passwd修改/etc/passwd会以root权限修改。

[root@MS8500 test]# ls -ld /tmp
drwxrwxrwt. 4 root root 4096 Oct  9 20:42 /tmp

t是只能所有者能删除，其他人员就算有权限也不能删除（主要用户文件夹，让用户有w权限添加文件，但没有权限删除）