chgrp account /home/account
chgrp -R account /home/account
groupmems -g account -l   # list the users in the group
groups username   # show which groups the user belongs to
newgrp #change the effective primary group
2.Use of Read, Write, and Execute Permissions
Permission  Applied to Files            Applied to Directories
Read        Open a file                 List contents of directory
Write       Change contents of a file   Create and delete files and modify permissions on files
Execute     Run a program file          Change to the directory
3.chmod -R: recurse into all files and subdirectories
chmod 755 /somefile
chmod +x somefile
chmod g+w,o-r somefile
4.SUID: (u/g/t: 4/2/1)
(With SUID set on /usr/bin/passwd, a user who changes his password temporarily has root permissions, which allows him to write to the /etc/shadow file.)
ls -l /usr/bin/passwd
-rwsr-xr-x. 1 root root 32680 Jan 28 2010 /usr/bin/passwd
SGID:
(If applied on an executable file, it gives the user who executes the file the permissions of the group owner of that file.)
(When applied to a directory, SGID may be useful, because you can use it to set default group ownership on files and subdirectories created in that directory.)
(the SGID permission is a very useful permission to set on shared group directories.)
sticky bit
(If sticky bit is applied, a user may delete a file only if he is the user owner of the file or of the directory that contains the file.)
5.To apply SUID, SGID, and sticky bit, you can use chmod as well. SUID has numeric value 4, SGID has numeric value 2, and sticky bit has numerical value 1.
chmod 2755 /somedir
I recommend working in relative mode if you need to apply any of the special permissions:
chmod u+s somefile
chmod g+s /somedir
chmod +t /somedir
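An added example (not part of the original notes): a small audit script that finds the special bits from sections 4 and 5 under a directory and flags world-writable directories that lack the sticky bit. The function names, finding labels and sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original notes.
# audit_special_bits and make_sample_tree are hypothetical helper names.

# Print one finding per line as "<KIND> <path>".
# Assumes path names contain no newlines.
audit_special_bits() {
    dir=$1
    # SUID files run with the permissions of the file owner (4000).
    find "$dir" -type f -perm -4000 | sed 's/^/SUID /'
    # SGID files run with the permissions of the group owner (2000).
    find "$dir" -type f -perm -2000 | sed 's/^/SGID-FILE /'
    # SGID directories set default group ownership on new entries.
    find "$dir" -type d -perm -2000 | sed 's/^/SGID-DIR /'
    # World-writable directories without the sticky bit (1000):
    # any user can delete files that belong to someone else.
    find "$dir" -type d -perm -0002 ! -perm -1000 | sed 's/^/NO-STICKY /'
}

# Build a constructed sample tree and print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    : > "$t/tool";     chmod 4755 "$t/tool"    # SUID, same as u+s
    mkdir "$t/shared"; chmod 2775 "$t/shared"  # SGID directory, same as g+s
    mkdir "$t/drop";   chmod 0777 "$t/drop"    # world-writable, no sticky bit
    mkdir "$t/tmp";    chmod 1777 "$t/tmp"     # world-writable with +t
    printf '%s\n' "$t"
}

# Demo on the constructed tree; pass a real path to audit_special_bits to use it.
tree=$(make_sample_tree) && audit_special_bits "$tree" && rm -rf "$tree"
```

On a real system, compare the SUID and SGID findings against the list you expect (for example /usr/bin/passwd) and review anything reported as NO-STICKY.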
6.ACL (The tar utility does not support ACLs. To make sure that your ACL settings are not lost when you make a backup, use star instead of tar. star works with exactly the same options as tar; it just adds support for ACL settings as well.)
getfacl /home
Add an ACL to give read and execute permissions to the group sales as well:
setfacl -m g:sales:rx /dir
(-m indicates that the current ACL settings need to be modified)
(g:sales:rx tells the command to set the ACL to read and execute (rx) for the group (g) sales)
If you want others not to get any permissions on anything that is created in /data, for example, use setfacl -m d:o::- /data
setfacl -m d:g:account:rwx,g:sales:rx /data/sales
7.umask (base permissions before the mask is applied: file 666, directory 777)
8.chattr +s somefile
chattr -s somefile
lsattr