Home » Linux » Sogou
User group permissions

Sogou
User group permissions

user:


The

UID identifier is an abstraction of reality, /etc/passwd


Group

:


GID identifier, container, collection of a class of users, /etc/group





security context (secure context):


user A - > process (proxy A) - > file





file:


r: is readable and allows you to view file content using commands such as cat;


w: can be written to edit or delete this file;


x: executable, eXecutable, you can submit to the kernel as a command at the command prompt;





Directory: there is executable permission

by default

r: can execute LS for this directory to list all internal files;


w: creates files in this directory;


x: can use CD to switch this directory, or you can use LS -l to see the details of internal files;





user class:


administrator: UID = 0


regular user [1-65535]:


system user [1-499]: users who run the service specifically, do not need to log on to system


general user [500-60000]: you can log on to the system to get the resource





user group:


Administrators group:


general group:


system group:


general group:


user group category:


private group: when a user is created, if it does not specify the group to which it belongs, the system automatically creates a group with the same name as the user name;


base group: user's default group


addition group: other groups other than the default group








/* sorts out the relationships between various Linux in ID */


1, after each user login, corresponds to a uid, a GID, an additional group ID,


2, each program file has the file owner ID, the file all groups ID, and the corresponding RWX permissions, as well as the plain file.


3, when the user opens the file for permission testing, if you have any of the following circumstances, you can execute the program to generate the process:


a, when the user is a super user,


b, the user ID is the same as the file owner ID, and the file owner has the X permission


c, the user's GID is the same as the file group ID, and the file group has the X permission


d, the other of the file has x permissions,


4, the user's uid becomes the actual user ID of the process, the user's GID becomes the actual group ID of the process, and the additional group ID of the user becomes the additional group ID of the process;


5, when the program file does not set SUID and SGID, the process's active user ID is equal to the actual user ID of the process, and the valid group ID of the process is equal to the actual group ID of the process;


6, when the program file is set SUID, the valid user ID of the process is saved to the process "save settings user ID", and the owner of the program file ID becomes the valid ID of the process;


7, when the program file is set SGID, the valid group ID of the process is saved to the process, the saved set user group ID, and all the group ID of the program file become the valid user group of the process. ID;








/etc/passwd


account: login name


password: password


UID:


GID: basic group ID


comment: note


HOMEDIR: home directory,


SHELL: the user's default shell, cat /etc/shells, looks at the current system security shell





/etc/shadow


account: login name


encrypted password: encrypted password








encryption method:


symmetric encryption: encryption and decryption using the same key


public key cryptography: each password appears in pairs, one for the private key (decryption), and one for the public key (encryption)


one-way encryption, hash encryption: used to extract data signature, data integrity check


1, avalanche effect,


2, fixed length output


MD5:Message Digest, 128 bit fixed length output


SHA1:Secure Hash Algorithm, 160 bit fixed length output





add user:


useradd/adduser LOGNAME


default parameter source /etc/default/useradd





add user group


groupadd GROUPNAME





common command:


user management:


useradd, userdel, usermod, passwd, Chsh, chfn, finger, ID, chage


group management:


groupadd, groupdel, groupmod, gpasswd


authority management:


chown, chgrp, Chmod, umask



copyright notice: This article is original article for blogger. Without permission from blogger,.

must not be reprinted

Latest