Home » Linux » Sogou
User group permissions

User group permissions



UID identifier is an abstraction of reality, /etc/passwd



GID identifier, container, collection of a class of users, /etc/group

security context (secure context):

user A - > process (proxy A) - > file


r: is readable and allows you to view file content using commands such as cat;

w: can be written to edit or delete this file;

x: executable, eXecutable, you can submit to the kernel as a command at the command prompt;

Directory: there is executable permission

by default

r: can execute LS for this directory to list all internal files;

w: creates files in this directory;

x: can use CD to switch this directory, or you can use LS -l to see the details of internal files;

user class:

administrator: UID = 0

regular user [1-65535]:

system user [1-499]: users who run the service specifically, do not need to log on to system

general user [500-60000]: you can log on to the system to get the resource

user group:

Administrators group:

general group:

system group:

general group:

user group category:

private group: when a user is created, if it does not specify the group to which it belongs, the system automatically creates a group with the same name as the user name;

base group: user's default group

addition group: other groups other than the default group

/* sorts out the relationships between various Linux in ID */

1, after each user login, corresponds to a uid, a GID, an additional group ID,

2, each program file has the file owner ID, the file all groups ID, and the corresponding RWX permissions, as well as the plain file.

3, when the user opens the file for permission testing, if you have any of the following circumstances, you can execute the program to generate the process:

a, when the user is a super user,

b, the user ID is the same as the file owner ID, and the file owner has the X permission

c, the user's GID is the same as the file group ID, and the file group has the X permission

d, the other of the file has x permissions,

4, the user's uid becomes the actual user ID of the process, the user's GID becomes the actual group ID of the process, and the additional group ID of the user becomes the additional group ID of the process;

5, when the program file does not set SUID and SGID, the process's active user ID is equal to the actual user ID of the process, and the valid group ID of the process is equal to the actual group ID of the process;

6, when the program file is set SUID, the valid user ID of the process is saved to the process "save settings user ID", and the owner of the program file ID becomes the valid ID of the process;

7, when the program file is set SGID, the valid group ID of the process is saved to the process, the saved set user group ID, and all the group ID of the program file become the valid user group of the process. ID;


account: login name

password: password


GID: basic group ID

comment: note

HOMEDIR: home directory,

SHELL: the user's default shell, cat /etc/shells, looks at the current system security shell


account: login name

encrypted password: encrypted password

encryption method:

symmetric encryption: encryption and decryption using the same key

public key cryptography: each password appears in pairs, one for the private key (decryption), and one for the public key (encryption)

one-way encryption, hash encryption: used to extract data signature, data integrity check

1, avalanche effect,

2, fixed length output

MD5:Message Digest, 128 bit fixed length output

SHA1:Secure Hash Algorithm, 160 bit fixed length output

add user:

useradd/adduser LOGNAME

default parameter source /etc/default/useradd

add user group

groupadd GROUPNAME

common command:

user management:

useradd, userdel, usermod, passwd, Chsh, chfn, finger, ID, chage

group management:

groupadd, groupdel, groupmod, gpasswd

authority management:

chown, chgrp, Chmod, umask

copyright notice: This article is original article for blogger. Without permission from blogger,.

must not be reprinted