1교시 09:30 ~ 10:30>
mv -> 단일 파일 이름 변경
rename -> 동일 패턴을 가진 파일 이름 변경
CMD [option set] -> tab 키로 확인 가능
자동 완성 확인>
[root@server1 /]# yum list | grep bash
bash.x86_64 4.4.19-14.el8 @anaconda
bash-completion.noarch 1:2.7-5.el8 @anaconda
bash.x86_64 4.4.20-2.el8 baseos
bash-doc.x86_64 4.4.20-2.el8 baseos
libguestfs-bash-completion.noarch 1:1.40.2-28.module_el8.5.0+821+97472045 appstream
libvirt-bash-completion.x86_64 6.0.0-37.module_el8.5.0+1002+36725df2 appstream
nbdkit-bash-completion.noarch 1.16.2-4.module_el8.5.0+746+bbd5d70c appstream
pcp-pmda-bash.x86_64 5.3.1-5.el8 appstream
-> bash-completion.noarch 1:2.7-5.el8
chown> 파일 소유권 변경
# chown user01 file1 -> file1의 소유자를 user01로 변경
# chown .other file1 -> file1의 그룹소유자를 user01로 변경
# chown user01.other file1 (# chown user01:other file1)
# chown -R -> 디렉토리 내의 모든 파일의 내용의 권한을 변경되지
-f : 바뀌어 지지 않는 파일들에 대해서 오류 메시지를 보여주지 않는다.
-v : 작업 상태를 자세히 보여준다.
-R : 경로와 그 하위 파일들 모두를 바꾼다.
[root@server1 test]# mkdir -p dir1/dir2/dir3
[root@server1 test]# touch dir1/file{1..2}
[root@server1 test]# chown .user01 dir1
[root@server1 test]# chown -Rv .user01 dir1
changed ownership of 'dir1/dir2/dir3' from root:root to :user01
changed ownership of 'dir1/dir2' from root:root to :user01
changed ownership of 'dir1/file1' from root:root to :user01
changed ownership of 'dir1/file2' from root:root to :user01
ownership of 'dir1' retained as root:user01
[root@server1 test]#
Every 1.0s: ls -lR . /test server1.example.com: Sat Dec 18 10:13:51 2021
.:
total 0
/test:
total 0
drwxr-xr-x. 3 root user01 44 Dec 18 10:11 dir1
/test/dir1:
total 0
drwxr-xr-x. 3 root user01 18 Dec 18 10:11 dir2
-rw-r--r--. 1 root user01 0 Dec 18 10:11 file1
-rw-r--r--. 1 root user01 0 Dec 18 10:11 file2
/test/dir1/dir2:
total 0
drwxr-xr-x. 2 root user01 6 Dec 18 10:11 dir3
/test/dir1/dir2/dir3:
total 0
[root@server1 test]# find /test/dir1 -type f -exec chown .fedora {} \;
[root@server1 test]#
Every 1.0s: ls -lR . /test server1.example.com: Sat Dec 18 10:15:26 2021
.:
total 0
/test:
total 0
drwxr-xr-x. 3 root user01 44 Dec 18 10:11 dir1
/test/dir1:
total 0
drwxr-xr-x. 3 root user01 18 Dec 18 10:11 dir2
-rw-r--r--. 1 root fedora 0 Dec 18 10:11 file1
-rw-r--r--. 1 root fedora 0 Dec 18 10:11 file2
/test/dir1/dir2:
total 0
drwxr-xr-x. 2 root user01 6 Dec 18 10:11 dir3
/test/dir1/dir2/dir3:
total 0
[root@server1 test]# chown -R root:root dir1
[root@server1 test]#
Every 1.0s: ls -lR . /test server1.example.com: Sat Dec 18 10:16:23 2021
.:
total 0
/test:
total 0
drwxr-xr-x. 3 root root 44 Dec 18 10:11 dir1
/test/dir1:
total 0
drwxr-xr-x. 3 root root 18 Dec 18 10:11 dir2
-rw-r--r--. 1 root root 0 Dec 18 10:11 file1
-rw-r--r--. 1 root root 0 Dec 18 10:11 file2
/test/dir1/dir2:
total 0
drwxr-xr-x. 2 root root 6 Dec 18 10:11 dir3
/test/dir1/dir2/dir3:
total 0
[root@server1 test]# touch file{1..100000}
[root@server1 test]# touch file{100001..300000}
-bash: /usr/bin/touch: Argument list too long
[root@server1 test]#
screen, tmux : 백그라운드 터미널
2교시 10:40 ~ 11:40>
chgrp> 그룹명 변경되지
-c : 작업 상태를 자세히 보여주나, 바뀌어 지는 것만 보여준다.
-f : 그룹이 바뀌어 지지 않는 파일들에 대한 오류 메시지를 보여주지 않는다.
-v : 작업 상태를 자세히 보여준다.
-R : 주로 file 이름으로 경로를 사용해서, 그 안에 있는 모든파일도 함께 gourp으로 바꾼다.
- 일반사용자의 경우에 그룹소유권 변경을 해주는 경우 해당 그룹을 소유(개인 권한 소유)하고 있어야 한다.
[root@server1 test]# pwd
/test
[root@server1 test]# chmod 777 .
[root@server1 test]# ls -ld .
drwxrwxrwx. 2 root root 19 Dec 18 10:36 .
[root@server1 test]# chown user01.root file1
[root@server1 test]# echo 'user01' | passwd --stdin user01
Changing password for user user01.
passwd: all authentication tokens updated successfully.
[root@server1 test]# groupadd -g 60001 g1
[root@server1 test]# cat /etc/group | grep g1
g1:x:60001:
[root@server1 test]# su - user01
[user01@server1 ~]$ id
uid=1002(user01) gid=1002(user01) groups=1002(user01) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[user01@server1 ~]$ cd /test
[user01@server1 test]$ ls
file1
[user01@server1 test]$ ls -l
total 0
-rw-r--r--. 1 user01 root 0 Dec 18 10:36 file1
[user01@server1 test]$ echo 111111 > file1
[user01@server1 test]$ cat file1
111111
[user01@server1 test]$ chgrp g1 file1
chgrp: changing group of 'file1': Operation not permitted
[user01@server1 test]$ chgrp user01 file1
[user01@server1 test]$ ls -l
total 4
-rw-r--r--. 1 user01 user01 7 Dec 18 10:40 file1
[user01@server1 test]$ exit
logout
[root@server1 test]# usermod -aG g1 user01
[root@server1 test]# id
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@server1 test]# id user01
uid=1002(user01) gid=1002(user01) groups=1002(user01),60001(g1)
[root@server1 test]# su - user01
[user01@server1 ~]$ cd /test
[user01@server1 test]$ ls
file1
[user01@server1 test]$ chgrp g1 file1
[user01@server1 test]$ ls -la
total 4
drwxrwxrwx. 2 root root 19 Dec 18 10:36 .
dr-xr-xr-x. 18 root root 236 Dec 5 17:23 ..
-rw-r--r--. 1 user01 g1 7 Dec 18 10:40 file1
[user01@server1 test]$
파일의 퍼미션 변경>
심볼릭 모드(symbolic mode)
옥타 모드(octal mode)
chmod> 파일이날 디렉토리를 새로운 권한으로 변경
rwx rwx rwx
u g o -> a
421 421 421
+ : 퍼미션 허가
- : 퍼미션 금지
= : 퍼미션 지정
파일
* r : 파일을 읽을 수 있는 권한
w : 파일을 수정할 수 있는 권한
x : 파일을 실행할 수 있는 권한
rwx
rw-
r-x
r--
---
디렉토리
r : ls 명령어를 사용 가능한 권한
w : 디렉토리에 수정을 하기 하기 위해 cp mv rm 명령어에 관한 권한
* x : 디렉토리에 진입을 위해 cd 명령어를 사용 가능한 권한
rwx
r-x
[root@server1 test]# rm -rf *
[root@server1 test]# touch file1
[root@server1 test]# chmod u+x file1
[root@server1 test]# chmod g-r file1
[root@server1 test]# chmod u-x,g+x,g+r file1
[root@server1 test]# chmod g-rx file1
[root@server1 test]# chmod a=r
chmod: missing operand after ‘a=r’
Try 'chmod --help' for more information.
[root@server1 test]# chmod a=r file1
[root@server1 test]# chmod a=--- file1
[root@server1 test]#
--- : 권한 없음 0 000
r-- : 읽기 권한 4 100
r-x : 읽기 실행 5 101
rw- : 읽기 쓰기 6 110
[root@server1 test]# chmod 744 file1
[root@server1 test]# chmod 755 file1
[root@server1 test]# chmod 754 file1
[root@server1 test]# chmod 7 file1
[root@server1 test]# stat file1
File: file1
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: fd00h/64768d Inode: 1142082 Links: 1
Access: (0007/-------rwx) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:default_t:s0
Access: 2021-12-18 10:54:17.390174025 +0900
Modify: 2021-12-18 10:54:17.390174025 +0900
Change: 2021-12-18 11:03:53.714194530 +0900
Birth: -
[root@server1 test]# chmod 27 file1
[root@server1 test]# stat file1
File: file1
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: fd00h/64768d Inode: 1142082 Links: 1
Access: (0027/-----w-rwx) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:default_t:s0
Access: 2021-12-18 10:54:17.390174025 +0900
Modify: 2021-12-18 10:54:17.390174025 +0900
Change: 2021-12-18 11:04:34.415195979 +0900
Birth: -
[root@server1 test]# chmod 777 file1
[root@server1 test]#
<terminal01>
[root@server1 test]# su - fedora
[fedora@server1 ~]$ clear
[fedora@server1 ~]$ id
uid=1001(fedora) gid=1001(fedora) groups=1001(fedora) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[fedora@server1 ~]$ mkdir dirtest
[fedora@server1 ~]$ touch dirtest/test2.txt
[fedora@server1 ~]$ ls -lR
.:
total 0
drwxrwxr-x. 2 fedora fedora 23 Dec 18 11:08 dirtest
./dirtest:
total 0
-rw-rw-r--. 1 fedora fedora 0 Dec 18 11:08 test2.txt
[fedora@server1 ~]$ chmod 757 .
[fedora@server1 ~]$ ls -ld .
drwxr-xrwx. 5 fedora fedora 128 Dec 18 11:08 .
[fedora@server1 ~]$ chmod 755 dirtest/
[fedora@server1 ~]$ ls -ld dirtest/
drwxr-xr-x. 2 fedora fedora 23 Dec 18 11:08 dirtest/
[fedora@server1 ~]$ echo 'fedora file' > dirtest/test2.txt
[fedora@server1 ~]$ ls -l dirtest/test2.txt
-rw-rw-r--. 1 fedora fedora 12 Dec 18 11:11 dirtest/test2.txt
[fedora@server1 ~]$ ls -ld dirtest/
drwxr-xr-x. 2 fedora fedora 23 Dec 18 11:08 dirtest/
[fedora@server1 ~]$ chmod 666 dirtest/test2.txt
[fedora@server1 ~]$ chmod 660 dirtest/test2.txt
[fedora@server1 ~]$ ls -ld dirtest/
drwxr-xr-x. 2 fedora fedora 23 Dec 18 11:08 dirtest/
[fedora@server1 ~]$ cd dirtest/
[fedora@server1 dirtest]$ ls
test2.txt
[fedora@server1 dirtest]$ ls -l
total 4
-rw-rw----. 1 fedora fedora 12 Dec 18 11:11 test2.txt
[fedora@server1 dirtest]$ chmod 664 test2.txt
[fedora@server1 dirtest]$
<terminal02>
[root@server1 ~]# su - user01
[user01@server1 ~]$ clear
[user01@server1 ~]$ cd /home/fedora
-bash: cd: /home/fedora: Permission denied
[user01@server1 ~]$ id
uid=1002(user01) gid=1002(user01) groups=1002(user01),60001(g1) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[user01@server1 ~]$ ls -ld
drwx------. 4 user01 user01 113 Dec 18 10:41 .
[user01@server1 ~]$ cd /home/fedora/dirtest
-bash: cd: /home/fedora/dirtest: Permission denied
[user01@server1 ~]$ cd /home/fedora/dirtest
[user01@server1 dirtest]$ pwd
/home/fedora/dirtest
[user01@server1 dirtest]$ ls
test2.txt
[user01@server1 dirtest]$ cd ..
[user01@server1 fedora]$ ls
dirtest
[user01@server1 fedora]$ cd dirtest/
[user01@server1 dirtest]$ ls
test2.txt
[user01@server1 dirtest]$ cat test2.txt
fedora file
[user01@server1 dirtest]$ ls -l
total 4
-rw-rw-r--. 1 fedora fedora 12 Dec 18 11:11 test2.txt
[user01@server1 dirtest]$ cat test2.txt
fedora file
[user01@server1 dirtest]$ cat test2.txt
cat: test2.txt: Permission denied
[user01@server1 dirtest]$
[user01@server1 dirtest]$
[user01@server1 dirtest]$
[user01@server1 dirtest]$ rm -rf test2.txt
rm: cannot remove 'test2.txt': Permission denied
[user01@server1 dirtest]$ touch file2
touch: cannot touch 'file2': Permission denied
[user01@server1 dirtest]$ cp file1 file2
cp: cannot stat 'file1': No such file or directory
[user01@server1 dirtest]$ cp test.txt ~/file2
cp: cannot stat 'test.txt': No such file or directory
[user01@server1 dirtest]$ cp test2.txt ~/file2
cp: cannot open 'test2.txt' for reading: Permission denied
[user01@server1 dirtest]$ cp test2.txt ~/file2
[user01@server1 dirtest]$
umask> 기본 퍼미션 조정
파일 디렉토리
Default Permission 666 777
umask 022 022
생성 기본퍼미션 644 755
[root@server1 test]# umask
0022
[root@server1 test]# umask 000
[root@server1 test]# rm -rf *
[root@server1 test]# touch file1
[root@server1 test]# mkdir dir1
[root@server1 test]# umask 0022
[root@server1 test]# touch file2
[root@server1 test]# mkdir dir2
[root@server1 test]#
Every 1.0s: ls -l /test server1.example.com: Sat Dec 18 11:21:07 2021
total 0
drwxrwxrwx. 2 root root 6 Dec 18 11:19 dir1
drwxr-xr-x. 2 root root 6 Dec 18 11:19 dir2
-rw-rw-rw-. 1 root root 0 Dec 18 11:19 file1
-rw-r--r--. 1 root root 0 Dec 18 11:19 file2
3교시 11:50 ~ 12:50>
umask>
rw-rw-rw- -> 실행 차단
[root@server1 test]# umask 007
[root@server1 test]# touch file3
[root@server1 test]# mkdir dir3
[root@server1 test]#
Every 1.0s: ls -l /test server1.example.com: Sat Dec 18 11:36:20 2021
total 0
drwxrwxrwx. 2 root root 6 Dec 18 11:19 dir1
drwxr-xr-x. 2 root root 6 Dec 18 11:19 dir2
drwxrwx---. 2 root root 6 Dec 18 11:35 dir3
-rw-rw-rw-. 1 root root 0 Dec 18 11:19 file1
-rw-r--r--. 1 root root 0 Dec 18 11:19 file2
-rw-rw----. 1 root root 0 Dec 18 11:35 file3
SetUID와 SetGID>
<terminal01>
[root@server1 test]# which passwd
/usr/bin/passwd
[root@server1 test]# ls -l /usr/bin/passwd
-rwsr-xr-x. 1 root root 33600 Apr 7 2020 /usr/bin/passwd
[root@server1 test]# stat /usr/bin/passwd
File: /usr/bin/passwd
Size: 33600 Blocks: 72 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 922804 Links: 1
Access: (4755/-rwsr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Context: system_u:object_r:passwd_exec_t:s0
Access: 2021-12-18 10:39:05.407141576 +0900
Modify: 2020-04-07 12:08:59.000000000 +0900
Change: 2021-11-27 12:20:15.365910564 +0900
Birth: -
[root@server1 test]#
[root@server1 test]#
[root@server1 test]# chmod 0755 /usr/bin/passwd
[root@server1 test]# stat /usr/bin/passwd
File: /usr/bin/passwd
Size: 33600 Blocks: 72 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 922804 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Context: system_u:object_r:passwd_exec_t:s0
Access: 2021-12-18 10:39:05.407141576 +0900
Modify: 2020-04-07 12:08:59.000000000 +0900
Change: 2021-12-18 11:48:07.363288948 +0900
Birth: -
[root@server1 test]#
<terminal02>
[fedora@server1 ~]$ passwd
Changing password for user fedora.
Current password:
New password:
Retype new password:
passwd: Authentication token manipulation error
[fedora@server1 ~]$
특수권한 소유자권한비트 그룹권한비트 기타권한비트
SetUID SetGID sticky-bit r w x r w x r w x
1 1 1 1 1 1 1 1 1 1 1 1
4 2 1
천 백 십 일
[root@server1 test]# touch file1
[root@server1 test]# chmod 4777 file1
[root@server1 test]# touch file2
[root@server1 test]# chmod 4644 file2
[root@server1 test]# stat file1
File: file1
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: fd00h/64768d Inode: 1142082 Links: 1
Access: (4777/-rwsrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:default_t:s0
Access: 2021-12-18 11:54:56.873303519 +0900
Modify: 2021-12-18 11:54:56.873303519 +0900
Change: 2021-12-18 11:55:44.312305206 +0900
Birth: -
[root@server1 test]# stat file2
File: file2
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: fd00h/64768d Inode: 1142093 Links: 1
Access: (4644/-rwSr--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:default_t:s0
Access: 2021-12-18 11:55:48.258305347 +0900
Modify: 2021-12-18 11:55:48.258305347 +0900
Change: 2021-12-18 11:55:55.670305611 +0900
Birth: -
[root@server1 test]# chmod 4755 touch
[root@server1 test]# stat touch
File: touch
Size: 96320 Blocks: 192 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 1142082 Links: 1
Access: (4755/-rwsr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Context: unconfined_u:object_r:default_t:s0
Access: 2021-12-18 12:00:08.539314608 +0900
Modify: 2021-12-18 11:58:11.756310453 +0900
Change: 2021-12-18 12:00:25.050315195 +0900
Birth: -
[root@server1 test]# su - fedora
[fedora@server1 ~]$ cd /test
[fedora@server1 test]$ ./touch file3
[fedora@server1 test]$
Every 1.0s: ls -l /test server1.example.com: Sat Dec 18 12:02:01 2021
total 96
-rw-rw-r--. 1 fedora fedora 0 Dec 18 11:59 file1
-rw-rw-r--. 1 fedora fedora 0 Dec 18 11:59 file2
-rw-rw-r--. 1 root fedora 0 Dec 18 12:01 file3
-rwsr-xr-x. 1 root root 96320 Dec 18 11:58 touch
SetGID>
동영상 참고해야함
Sticky Bits>
특수권한 소유자권한비트 그룹권한비트 기타권한비트
SetUID SetGID sticky-bit r w x r w x r w x
0 0 1 1 1 1 1 1 1 1 1 1
천 백 십 일
'CentOS > Study' 카테고리의 다른 글
| [리눅스]01. 08 교육 정리 (0) | 2022.01.08 |
|---|---|
| [리눅스]12.18 교육 정리 2 (0) | 2021.12.19 |
| [리눅스]12.04 교육 정리 (0) | 2021.12.04 |
| [리눅스]11.27 교육 정리 (0) | 2021.11.28 |
| [리눅스]Linux 프로세스 모니터링 및 관리 요점정리 (0) | 2021.07.18 |
