Linux服务器 Linux Permission Management Linux User Permissions chmod Tutorial User Group Management Linux Basics 2025-12-08 84 views

Why Linux Permission Management is Necessary?

In the computer world, permissions are like keys that determine who can open which doors. As a multi-user operating system, Linux assigns each user (such as yourself, me, system services) unique “keys” to access files, directories, or execute commands. Without permission management, any user could delete system files or view others’ private data, leading to system chaos. Thus, permission management serves two primary purposes:
1. Protect System Security: Prevent accidental operations or malicious behavior.
2. Facilitate Collaboration: Allow different users to obtain appropriate permissions based on task requirements (e.g., regular users only handle their own files, while administrators manage the entire system).

Core Concepts: Users, Groups, and Permissions

To understand permissions, you must first grasp three fundamental concepts: User, Group, and Permission Type.

1. User

In Linux, each user has a unique identity. For example, a user you create might be named “Xiaoming,” while system-built-in users include “root” (the super administrator).
- Regular User: E.g., Xiaoming, who only performs daily operations (viewing files, writing personal documents) with limited permissions.
- System User: E.g., “nobody,” “daemon”—used exclusively by system services with minimal permissions to prevent service programs from overstepping boundaries.
- Root User: The system’s “super administrator,” with full permissions but extreme danger (misoperations can destroy the system). It is recommended to use root sparingly for daily tasks.

2. Group

A group is a “small team” for users, where multiple users can join the same group for unified permission management. For example, all members of a development team join the “dev” group, and the team leader grants “write code” permissions to group members, while users outside the group lack this access.
- Each file/directory also has an “owning group,” which defaults to the same group as the user who created it.

3. Permission Types

In Linux, permissions for each file/directory are divided into three categories, targeting different user groups:
- Owner: The user who created the file, with default highest permissions.
- Group: The group the file belongs to; group members share group permissions.
- Others: All other users in the system excluding the owner and their group.

Each category has three operations: Read (r), Write (w), and Execute (x).

Permission Table: What Do rwx Mean?

Permission Type Read (r) Write (w) Execute (x)
File View content Modify content Run a program (e.g., scripts, executables)
Directory List contents (ls) Create/delete files Enter directory (cd)

Example: -rwxr-xr-- means:
- Owner (first rwx): Read, Write, Execute (7)
- Group (middle r-x): Read, Execute (5)
- Others (last r--): Read Only (4)

How to View and Modify Permissions?

1. View Permissions: ls -l

Execute ls -l (or ll, a shorthand for ls -l) to see detailed file/directory permissions.

Example Output: 

-rwxr-xr-- 1 小明  开发组  100  10月1日 14:30 test.txt
  • First character -: File type (directory is d, soft link is l).
  • Next rwxr-xr--: Permission info (owner, group, others).
  • 1: Hard link count (usually 1).
  • 小明: File owner.
  • 开发组: File’s group.
  • 100: File size (bytes).
  • 10月1日 14:30: Modification time.
  • test.txt: Filename.

2. Modify Permissions: chmod

There are two methods to modify permissions: Numeric (using numbers) and Symbolic (using text).

(1) Numeric Method: Use numbers to represent permissions (r=4, w=2, x=1)

Permission combinations are represented by adding numbers:
- rwx (read+write+execute) = 4+2+1=7
- rw- (read+write) = 4+2=6
- r-x (read+execute) = 4+1=5
- --x (execute only) = 1

Syntax: chmod [numeric] target_file

Examples:
- chmod 754 test.txt: Owner (7=rwx), Group (5=r-x), Others (4=r–).
- chmod 644 test.txt: Owner (6=rw), Group (4=r), Others (4=r).

(2) Symbolic Method: Use text to describe adding/removing permissions

Syntax: chmod [operator][permission_type] target_file
- Operators: + (add), - (remove), = (set).
- Permission Types: u (owner), g (group), o (others), a (all users).

Examples:
- chmod u+x test.txt: Add execute permission to the owner.
- chmod go-r test.txt: Remove read permission from group and others.
- chmod a=rwx test.txt: Set full permissions (rwx) for all users.

3. Modify Owner/Group: chown and chgrp

To transfer file management to others, use chown (change owner) or chgrp (change group).
- chown new_owner file/directory: E.g., chown Xiaohong test.txt.
- chgrp new_group file/directory: E.g., chgrp DesignGroup test.txt.

Common Scenarios and Precautions

Common Issues for Beginners:

  1. Why can’t I modify the file I created?
    The file may not be owned by you or have restricted permissions. Use ls -l to check permissions. If the owner is root, run chown your_username file or sudo chown your_username file.

  2. I can’t enter a directory due to insufficient permissions?
    Directories require execute permission (x) to enter (e.g., cd). For example, if the docs directory lacks access:
    - Check with ls -ld docs. If it shows drw-r--r--, the x permission is missing.
    - Fix with chmod +x docs.

  3. How can a regular user run commands with sudo?
    The administrator must add the regular user to the sudo group. Then use sudo command to temporarily gain root permissions. E.g., sudo apt install vim.

Security Tips:

  • Never grant write permissions to others: E.g., chmod o+w test.txt may allow others to modify or delete the file.
  • Minimize root usage for daily tasks: Use sudo instead of su - to reduce risks.
  • Regularly check permissions: If a file is modified unexpectedly, use ls -l to check for permission anomalies.

Summary

The core of Linux permission management is: Three user types (owner, group, others) + Three operations (read, write, execute). Master the commands ls -l (view permissions), chmod (modify permissions), and chown/chgrp (modify owner/group) to handle most permission issues. It may seem complex initially, but with hands-on practice (e.g., creating users, modifying file permissions), you’ll quickly become proficient!

Exercise: Try creating a file, use ls -l to check permissions, modify with chmod 754, change ownership with chown, then change the group with chgrp to observe permission changes.

Related Articles

Linux System Maintenance: Essential Basic Knowledge for Beginners 2025-12-08 Linux User Permission Management: Resolving Common Issues for Beginners 2025-12-08 Detailed Explanation of Linux File Permissions: Must-Know Knowledge for Beginners 2025-12-08 Linux User Management: Creation, Deletion, and Permission Assignment 2025-12-08 Essential for Beginners: 5 Basic Linux Server Commands 2025-12-08
Xiaoye