Linux is a multi-user, multitasking, time-sharing operating system. The system cannot identify people; it distinguishes users by account. During the installation of every Linux system, a password must be set for the root account, which is the first account of the system. Every user who logs in with this account is a super administrator and has absolute control over the system. Ordinary accounts can also be created by applying to the system administrator. A user who logs in with an ordinary account has only partial control over the system.
We know that the data in the computer is stored on the hardware in the form of binary 0 and 1. In Linux, for the convenience of management, the system organizes these data into directories and files, and presents them to users in a tree structure. As shown in the figure below:
The / at the top is the root directory, and all files in Linux start from the root directory. It is also important that in Linux not only ordinary documents are files: directories are files too, and even devices and processes are abstracted into files. The purpose of this is to simplify operation and facilitate management.
The control mentioned at the beginning of this article is therefore a user's control over the files in the system. When we speak of the permissions of a file, we mean the permissions that specific users have on it.
In addition, every logged-in user is always in some directory, which is called the current directory. Immediately after login this is the home directory: the home directory of the root user is /root, and the home directory of an ordinary user is usually /home/user_name. Here the first character / is the root directory mentioned above, and root and home are the names of two subdirectories under the root directory. Note that the / after home is the directory separator, not part of a directory name, and user_name is the name of an ordinary user's home directory.
Let’s take a look at the specific command:
1. pwd: print the current directory
[root@centos7 ~]# pwd
/root
2. cd: switch directory
For example, switch to the root directory and print the current directory (note the change in the command prompt)
These two commands are so simple that their options are rarely used. The cd command is followed by a pathname, which can be absolute or relative. An absolute pathname starts with /, such as the pathname in the command cd /usr/local/src; a relative pathname is relative to the current directory. If the containment relationship between directories in Linux is compared to a parent-child relationship, the symbol .. represents the parent directory and the symbol . represents the current directory.
Assuming that the current directory is /usr/local/src, there are two ways to switch to the root directory: cd / and cd ../../../
Then switch back to root's home directory: cd root and cd ./root
In addition, if cd is given no argument, it switches to the home directory.
3. ls: list the contents of a directory
ls [OPTION]… [FILE]…
When ls is given no arguments, it displays the contents of the current directory:
[root@centos7 ~]# ls
anaconda-ks.cfg install.log install.log.syslog
The example above shows three files in the /root directory: anaconda-ks.cfg, install.log and install.log.syslog.
The option -l displays the results of ls in long format:
[root@centos7 ~]# ls -l
total 84
-rw------- 1 root root 1666 Jan 14 2016 anaconda-ks.cfg
-rw-r--r-- 1 root root 55745 Jan 14 2016 install.log
-rw-r--r-- 1 root root 5039 Jan 14 2016 install.log.syslog
The meaning of these results is explained in the chmod section below.
4. mkdir: create a directory
mkdir [OPTION]… DIRECTORY…
The usual way to use it is the command name followed directly by the directory name (there can be more than one). A word on Linux file naming rules: Linux allows every character except / in a file name, and the maximum length of a file name is 255 characters (127 for Chinese characters). Linux discourages special characters in file names (they easily cause confusion), and file names are case-sensitive. The number of files or directories is limited by the file system in use.
For example, create a temp directory under the current directory and view it with ls:
[root@centos7 ~]# mkdir temp
[root@centos7 ~]# ls
anaconda-ks.cfg install.log install.log.syslog temp
The option -p creates subdirectories recursively. For example, enter temp and create the directories dir1 and dir2, with test as a subdirectory of dir1:
[root@centos7 ~]# cd temp
[root@centos7 temp]# mkdir -p dir1/test dir2
[root@centos7 temp]# ls
dir1 dir2
[root@centos7 temp]# cd dir1
[root@centos7 dir1]# ls
test
5. touch: "create" a file
touch [OPTION]… FILE…
In fact, the function of this command is to modify a file's timestamps. When the specified file does not exist, a new file is created. Because there are many other ways to change the time of a file, many users mistakenly think of it as the command for creating files. For example, create the file file1 in the temp directory and the file file2 in temp's subdirectory dir1:
[root@centos7 temp]# touch file1 dir1/file2
[root@centos7 temp]# ls
dir1 dir2 file1
[root@centos7 temp]# cd dir1
[root@centos7 dir1]# ls
file2 test
6. useradd: add an account
useradd [options] name
For example, to create an account named learner:
[root@centos7 dir1]# useradd learner
By default, the useradd command creates the user's home directory when it creates the account, and updates the user-related configuration files in the system. (Linux has many configuration files, which set environment information and parameters for running software. They are usually plain text, so that users can change their content to change the software's running environment. Most configuration files are in the directory /etc, including those related to user management: /etc/passwd, /etc/group, /etc/shadow, /etc/gshadow and so on.)
Let's enter the newly created user's home directory and use the ls command to view its contents:
[root@centos7 dir1]# cd /home/learner
[root@centos7 learner]# ls
[root@centos7 learner]#
Nothing is printed on the terminal. Try the -a option of ls:
[root@centos7 learner]# ls -a
. .. .bash_logout .bash_profile .bashrc
The option -a displays all files in the directory, including the current directory . and the parent directory .. Files whose names begin with . are hidden files in Linux. The three hidden files here are configuration files that the user needs when logging in to the system.
7. passwd: add or change an account password
passwd [OPTION]… [NAME]
Note that an account newly added with useradd cannot log in immediately; you must also set a password for it. To set a password for the new user learner:
[root@centos7 ~]# passwd learner
Changing password for user learner.
New UNIX password: XXXXXX # here XXXXXX is not displayed on the screen
BAD PASSWORD: it is too simplistic/systematic
Retype new UNIX password: XXXXXX # repeated input, where XXXXXX is not displayed on the screen
passwd: all authentication tokens updated successfully.
When the passwd command is executed without a user name, it changes the password of the current account.
8. cat: view file content
cat [OPTION]… [FILE]…
For example, view the configuration file /etc/passwd, which stores the system accounts:
[root@centos7 ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
....
learner:x:1000:1000::/home/learner:/bin/bash
Part of the output is excerpted here. We can see that the information of the newly created account learner is in the last line of the file. Each line in the file is divided into seven columns. Take the first line as an example to illustrate the meaning of each column:
1) root is the account name.
2) x stands for the password. On some systems the real, encrypted password is stored in /etc/shadow, and an x or * is kept here.
3) 0 is the user ID.
4) 0 is the user group ID, corresponding to a record in the /etc/group file.
5) root is descriptive information.
6) /root is the user's home directory.
7) /bin/bash is the login shell of the user. Every login user needs a shell program started for them to use.
For the newly created user learner, the user ID is 1000. Usually, the user ID (UID) and the user name correspond one-to-one. The UID of root is 0. If the user group ID (GID) is not specified when creating a user, the system generates a GID with the same number as the UID and puts the new user into that group. User groups exist to make permission control more flexible, for example by putting different users into one group and then setting a file's permissions for that group.
The system also has some users whose login shell is /sbin/nologin. These are "pseudo users" and cannot log in. They exist mainly for the convenience of management and to meet the requirements of the corresponding system processes for a file owner.
9. head, tail, more, less
These four commands are used much like cat; they differ in how the content is displayed.
head displays from the first line of the file, 10 lines by default. Use the option -n to specify the number of lines displayed:
[root@centos7 ~]# head -n 3 /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
This displays the first three lines of the file /etc/group.
In /etc/group, each line is divided into four columns:
1) Group name
2) Password; there is no group password in Linux, so this is x or *
3) Group ID (GID)
4) A list of members in the group, separated by commas. If the field is empty, the members are the users whose user group is this GID.
tail outputs the last 10 lines of the file by default. You can also use the option -n to specify the number of lines:
[root@centos7 temp]# tail -n 4 /etc/shadow
postfix:!!:16814::::::
sshd:!!:16814::::::
tcpdump:!!:16994::::::
learner:$6$.U5pPYhu$h9TnYR9L4dbJY6b6VgnAQBG5qEg6s5fyJpxZVrAipHeeFhHAiHk6gjWa/xOfvWx.CzM2fvk685OEUc.ZdBYiC0:17095:0:99999:7:::
The last four lines of the file /etc/shadow are displayed.
/etc/shadow stores information such as accounts and passwords. Each line is divided into 9 columns:
1) User name
2) Encrypted password
3) The time when the password was last modified, expressed as the number of days from January 1, 1970 to the last password change.
4) The minimum number of days between two password changes. If the value of this field is empty, the account will be permanently available.
5) The maximum number of days between two password changes. If the value of this field is empty, the account will be permanently available.
6) How many days in advance to warn the user that the password will expire. If the value of this field is empty, the account will be permanently available.
7) How many days after the password has expired to disable this user. If the value of this field is empty, the account will be permanently available.
8) User expiration date: this field specifies the number of days (from January 1, 1970) after which the user is voided. If the value of this field is empty, the account will be permanently available.
9) Reserved field, left blank for future development.
The records in /etc/shadow correspond one-to-one to those in /etc/passwd, and are generated automatically by the pwconv command from the data in /etc/passwd.
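The field layouts of /etc/passwd and /etc/shadow described above can be combined into a simple account audit. The script below is an added example, not part of the original article: it joins the two files on the user name and reports extra UID 0 accounts, login accounts with an empty password field, weak hash schemes and passwords past their maximum age. The accounts backup and carol, the placeholder hash fields and the date 17100 are constructed sample data.

```shell
#!/bin/sh
# Added example: audit passwd/shadow-format files for risky account states.
# All account data below is constructed; the hash fields are placeholders.

sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
learner:x:1000:1000::/home/learner:/bin/bash
tom:x:1002:1000::/home/tom:/bin/sh
backup:x:0:0::/home/backup:/bin/bash
carol:x:1003:1003::/home/carol:/bin/bash
EOF
}

sample_shadow() {
cat <<'EOF'
root:$6$SALT$PLACEHOLDER:16814:0:99999:7:::
bin:*:16814:0:99999:7:::
learner:$1$SALT$PLACEHOLDER:17095:0:99999:7:::
tom::17095:0:99999:7:::
backup:!!:17095:0:99999:7:::
carol:$6$SALT$PLACEHOLDER:16900:0:90:7:::
EOF
}

# audit_accounts PASSWD_FILE SHADOW_FILE TODAY
# TODAY is a date in days since 1970-01-01, the unit of shadow field 3.
audit_accounts() {
    awk -F: -v today="$3" '
        # First input (shadow format): classify field 2, remember fields 3 and 5.
        NR == FNR {
            if ($2 == "")            state[$1] = "empty"
            else if ($2 ~ /^[!*]/)   state[$1] = "locked"
            else if ($2 ~ /^\$1\$/)  state[$1] = "md5"
            else if ($2 !~ /^\$/)    state[$1] = "des"
            else                     state[$1] = "hashed"
            last[$1] = $3; max[$1] = $5
            next
        }
        # Second input (passwd format): field 3 is the UID, field 7 the login shell.
        {
            user = $1
            login = ($7 !~ /\/(nologin|false)$/)
            if ($3 == 0 && user != "root") print user ": UID 0 but name is not root"
            if (!(user in state)) { print user ": no shadow entry"; next }
            if (!login) next
            s = state[user]
            if (s == "empty") print user ": login shell with empty password"
            else if (s == "md5" || s == "des") print user ": weak hash scheme (" s ")"
            if (s != "empty" && s != "locked" && max[user] != "" && last[user] + max[user] < today)
                print user ": password past maximum age"
        }
    ' "$2" "$1"
}

# Run the audit over the constructed samples, with day 17100 as "today".
run_sample_audit() {
    dir=$(mktemp -d) || return 1
    sample_passwd > "$dir/passwd"
    sample_shadow > "$dir/shadow"
    audit_accounts "$dir/passwd" "$dir/shadow" 17100
    rm -rf "$dir"
}

run_sample_audit
```

On a real system the same function can be run as root against /etc/passwd and /etc/shadow, passing `$(( $(date +%s) / 86400 ))` as the third argument.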
In addition, tail has a commonly used option -f, which keeps producing output as the file content grows. The default output interval is 1s.
more and less display the contents of a file page by page. The difference is that more does not allow paging back: only the Enter key and the space bar can be used, to display the next line and the next page respectively (similar to the man command). less allows paging back, and the up arrow and Page Up keys are also available. Readers can experiment with these two commands by themselves; no more examples are given here.
10. groupadd: create a user group
groupadd [OPTION] group
The option -g specifies the GID of the newly created user group. For example, create a new user group group1 with GID 1005, then create a new user tom with UID 1002, GID 1000 and login shell /bin/sh:
[root@centos7 ~]# groupadd -g 1005 group1
[root@centos7 ~]# useradd -u 1002 -g 1000 -s /bin/sh tom
[root@centos7 ~]# tail -n 1 /etc/passwd
tom:x:1002:1000::/home/tom:/bin/sh
[root@centos7 ~]# tail -n 1 /etc/group
group1:x:1005:
Here, the options -u, -g and -s of the useradd command specify the UID, GID and login shell of the new user respectively.
11. chmod: change file permissions
chmod [OPTION]… MODE[,MODE]… FILE…
chmod [OPTION]… OCTAL-MODE FILE…
Before looking at the usage of this command, let's explain the output of the option -l of the command ls:
[root@centos7 temp]# ls -l
total 0
drwxr-xr-x 3 root root 29 Oct 21 20:34 dir1
drwxr-xr-x 2 root root 6 Oct 21 20:33 dir2
-rw-r--r-- 1 root root 0 Oct 21 20:34 file1
The output is divided into seven parts:
1) -rw-r--r--: the first of these 10 characters represents the file type. In Linux there are seven types of files, represented as follows:
d: directory
l: symbolic link
s: socket file
b: block device file
c: character device file
p: named pipe file
-: ordinary file, or any file other than the above
The remaining nine characters are divided into three groups that represent the permissions of the file. In Linux, each group of permissions is represented by the binary numbers 000-111 (one octal digit):
r (read): read permission (for a file, reading the contents of the file; for a directory, browsing the directory). The first binary position is 1, that is 100, which is 4 in decimal.
w (write): write permission (for a file, adding to or modifying the contents of the file; for a directory, deleting or moving the files in the directory). The second binary position is 1, that is 010, which is 2 in decimal.
x (execute): execute permission (for a file, executing the file; for a directory, entering the directory). The third binary position is 1, that is 001, which is 1 in decimal.
- (no permission): the corresponding permission is absent. The binary representation is 000.
So the permissions of file1 on the last line of this example are as follows:
The first three characters rw- indicate that the owner of the file has read and write permissions on the file; in decimal, 4 + 2 = 6.
The middle three characters r-- indicate that the group to which the file belongs has read permission on the file; in decimal, 4.
The last three characters r-- indicate that other users in the system have read permission on the file; in decimal, 4.
In this way, the permissions of the file can be represented by the number 644.
For directory dir1:
The first three characters rwx indicate that the directory owner has read, write and execute permissions on it; in decimal, 4 + 2 + 1 = 7.
The middle three characters r-x indicate that the group to which the directory belongs has read and execute permissions; in decimal, 4 + 1 = 5.
The last three characters r-x indicate that other users in the system (others) have read and execute permissions on it; in decimal, 4 + 1 = 5.
The permissions of this directory are expressed numerically as 755. Note that the same permission means different things for files and for directories.
2) The number after the permissions is the number of hard links to the file.
3) root: the owner of the file, sometimes shown as the user's UID.
4) root: the group to which the file belongs, sometimes shown as the GID of the user group.
5) File size in bytes.
6) Oct 21 20:34: the time when the file content was last modified.
7) The last column is the file name.
For example, add execute permission for the user group of file file1:
[root@centos7 temp]# chmod g+x file1
[root@centos7 temp]# ls -l file1
-rw-r-xr-- 1 root root 0 Oct 21 20:34 file1
Here, g+x means adding the execute permission x for the group.
For example, remove the read permission of others on file1:
[root@centos7 temp]# chmod o-r file1
[root@centos7 temp]# ls -l file1
-rw-r-x--- 1 root root 0 Oct 21 20:34 file1
Here, o-r means removing the read permission r from others.
To set rw permission for every user of file file1:
[root@centos7 temp]# chmod a=rw file1
[root@centos7 temp]# ls -l file1
-rw-rw-rw- 1 root root 0 Oct 21 20:34 file1
Here, a=rw means that all are set to rw permission.
Or use the numeric notation to specify the file permissions directly:
[root@centos7 temp]# chmod 644 file1
[root@centos7 temp]# ls -l file1
-rw-r--r-- 1 root root 0 Oct 21 20:34 file1
For example, set the permissions of directory dir1 and of all directories and files in it to 777:
[root@centos7 temp]# chmod 777 -R dir1
[root@centos7 temp]# ls -l
total 0
drwxrwxrwx 3 root root 29 Oct 21 20:34 dir1
drwxr-xr-x 2 root root 6 Oct 21 20:33 dir2
-rw-r--r-- 1 root root 0 Oct 21 20:34 file1
The option -R changes the target's permissions recursively.
In addition, consider the permissions of the directory /tmp:
[root@centos7 tmp]# ls -l /
....
drwxrwxrwt. 7 root root 88 Oct 22 21:14 tmp
....
We can see that the last permission character is t, which stands for sticky. It gives the directory a special permission: a user cannot delete files in the directory that do not belong to that user.
The . after the t indicates that the file is protected by an SELinux security context.
For example, the permissions of the executable file /bin/su:
[root@centos7 bin]# ls -l /bin/su
-rwsr-xr-x. 1 root root 32072 Nov 20 2015 /bin/su
The owner's permission is rws, where s stands for SUID; if it appears in the user group's permissions, it stands for SGID. It gives the file a special permission: when a user executes the file, that user is treated as the owner of the file.
Ordinary users only need to be aware of these special-purpose permissions.
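The 4/2/1 arithmetic above extends to a fourth, leading octal digit for the special bits (SUID = 4, SGID = 2, sticky = 1). The following script is an added example, not part of the original article: it converts the mode column of ls -l into its four-digit octal form and flags the special bits, going slightly beyond the text by also handling the uppercase S and T that ls shows when the special bit is set without the underlying x. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: decode the first column of `ls -l` (e.g. "-rwsr-xr-x.").

# mode_to_octal MODE: print four octal digits (special, owner, group, others).
mode_to_octal() {
    # Skip the file-type character; a trailing "." (SELinux) is ignored.
    perms=$(printf '%s' "$1" | cut -c2-10)
    [ "${#perms}" -eq 9 ] || return 1
    special=0 octal="" i=0
    for weight in 4 2 1; do          # special-bit weight of owner, group, others
        triplet=$(printf '%s' "$perms" | cut -c$((i * 3 + 1))-$((i * 3 + 3)))
        digit=0
        case $triplet in r??) digit=4 ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $weight:$triplet in
            *:??x)           digit=$((digit + 1)) ;;
            [42]:??s|1:??t)  digit=$((digit + 1)); special=$((special + weight)) ;;
            [42]:??S|1:??T)  special=$((special + weight)) ;;   # special bit without x
            *:??-)           ;;
            *)               return 1 ;;   # e.g. "t" in the owner triplet
        esac
        octal="$octal$digit"
        i=$((i + 1))
    done
    printf '%s%s\n' "$special" "$octal"
}

# mode_flags MODE: print the security-relevant properties of the mode.
mode_flags() {
    oct=$(mode_to_octal "$1") || return 1
    sp=${oct%???}       # leading special digit
    other=${oct#???}    # digit for "others"
    flags=""
    case $sp in [4567]) flags="$flags setuid" ;; esac
    case $sp in [2367]) flags="$flags setgid" ;; esac
    case $sp in [1357]) flags="$flags sticky" ;; esac
    case $other in
        [2367]) case $sp in [1357]) ;; *) flags="$flags world-writable-no-sticky" ;; esac ;;
    esac
    printf '%s\n' "${flags# }"
}

# Mode strings taken from the listings in this section.
for m in '-rw-r--r--' 'drwxr-xr-x' 'drwxrwxrwx' 'drwxrwxrwt.' '-rwsr-xr-x.'; do
    printf '%-12s %s %s\n' "$m" "$(mode_to_octal "$m")" "$(mode_flags "$m")"
done
```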
12. lsattr: list hidden permissions
lsattr [option] [files…]
[root@centos7 temp]# lsattr
---------------- ./dir1
---------------- ./dir2
---------------- ./file1
The hidden permission bits of the files are listed, 16 bits in total (hidden permissions depend on the file system, so their settings are not necessarily the same on different file systems).
13. chattr: set hidden permissions for files
chattr [+-=] [mode] files…
For example, add a hidden permission to file1:
[root@centos7 temp]# chattr +a file1
[root@centos7 temp]# lsattr file1
-----a---------- file1
The a permission here means that data can only be appended to this file, not deleted or modified. Only root can set this attribute.
Add a hidden attribute to file2:
[root@centos7 temp]# chattr +i file2
[root@centos7 temp]# lsattr file2
----i----------- file2
The i permission here means that the file cannot be modified, deleted, renamed or linked. Only root can set this attribute.
Hidden permissions are not commonly used; knowing these two is usually enough.
14. chown: change the owner and group of a file
chown [OPTION]… [OWNER][:[GROUP]] FILE…
For example, change the owner of file file1 to learner:
[root@centos7 temp]# chown learner file1
[root@centos7 temp]# ls -l file1
-rw-r--r-- 1 learner root 0 Oct 21 20:34 file1
Recursively change the owner and group of a directory and of all files in it, for example setting both to learner for directory dir1:
[root@centos7 temp]# chown -R learner:learner dir1
[root@centos7 temp]# ls -l
total 0
drwxrwxrwx 3 learner learner 29 Oct 21 20:34 dir1
....
Here the user and the user group can be replaced by the corresponding UID and GID, and the colon : can also be replaced by a dot.
15. userdel and groupdel: delete users and user groups
userdel deletes a user account. The option -r deletes the user's home directory as well.
groupdel deletes a user group. Note that the primary group of an existing user cannot be removed; you must remove the user before removing the group.
16. id: print user ID information
id [OPTION]… [USER]
When no user name is given, information about the current user is displayed:
[root@centos7 ~]# id
uid=0(root) gid=0(root) groups=0(root)
17. whoami, who, w: display login user information
The command whoami prints the current user name:
[root@centos7 ~]# whoami
root
The command who prints information about the currently logged-in users:
[root@centos7 ~]# who
root tty1 2016-09-30 15:18
root pts/0 2016-10-23 17:12 (192.168.78.140)
learner pts/1 2016-10-23 17:49 (192.168.78.140)
root pts/2 2016-10-23 17:50 (192.168.78.140)
In this output, the first column is the user name, the second column is the login terminal, the third column is the login time, and the last column is the login IP address.
The output of the command w is similar to that of who, with some system information added:
[root@centos7 ~]# w
 17:56:59 up 23 days, 2:39, 4 users, load average: 0.00, 0.01, 0.05
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     tty1                      30Sep16 23days  0.01s  0.01s -bash
root     pts/0    192.168.78.140   17:12    7:31   0.01s  0.00s bash
learner  pts/1    192.168.78.140   17:49    7:29   0.00s  0.00s -bash
root     pts/2    192.168.78.140   17:50    3.00s  0.00s  0.00s w
The first line of the output shows the running time of the system, how many users are currently logged in, and the average load of the CPU (which will be described in a later article). The remaining lines add idle time, CPU usage time and the command being run.
18. su: execute commands as a user
su [options…] [-] [user [args…]]
Two common usages:
The option -c executes the command that follows -c as the target account:
[root@centos7 ~]# su learner -c pwd
/root
In the example, the command pwd is executed as the account learner. Without the option -c, su switches users:
[root@centos7 ~]# whoami
root
[root@centos7 ~]# su learner
[learner@centos7 root]$ whoami
learner
Note that if you switch from an ordinary account to root or to another account, you need to enter the corresponding password.
Switching accounts with or without the options -, -l or --login makes a difference to the environment variables. With these options, the current directory is also switched to the home directory of the target account. Use the exit command to leave:
[root@centos7 ~]# pwd
/root
[root@centos7 ~]# su - learner
Last login: Oct 23 18:22:23 CST 2016 pts/5
[learner@centos7 ~]$ pwd
/home/learner
[learner@centos7 ~]$ exit
logout
[root@centos7 ~]# whoami
root
19. sudo: execute a command as another user
sudo [OPTION]… command
In Linux, for the sake of security, not every user is allowed to log in to the system with the root account, and some ordinary users are usually created. But some commands can only be executed by the root user. To allocate permissions more flexibly and let ordinary users execute some root commands, we can use sudo.
sudo assigns privileges to different users by maintaining a database that maps privileges to user names. These privileges can be identified by the different commands listed in the database. To obtain a privilege, a qualified user only needs to type sudo followed by the command on the command line and then enter a password when prompted (the user's own password, not the root user's password).
Use the -l option to view the root commands that the current user can execute:
[learner@centos7 ~]$ sudo -l

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for learner:
Sorry, user learner may not run sudo on centos7.
You can see here that learner cannot use sudo. To allow a user to use sudo, you need to edit sudo's configuration file /etc/sudoers. In this file, lines beginning with the symbol # are comments that explain or describe the configuration and have no practical effect.
You need to use the command visudo to edit /etc/sudoers (it works like the vi/vim editor, which will be described in detail later).
The format of an entry in the configuration file is:
To let the user learner run any command (ALL) on all hosts:
learner ALL=(ALL) ALL
[learner@centos7 ~]$ sudo -l
[sudo] password for learner:
Matching Defaults entries for learner on this host:
User learner may run the following commands on this host:
Of course, ordinary users are not normally given all rights; this is only an example. The common practice is to give a user permission for specific commands, for example allowing tom to execute the immediate-shutdown command on the host machine by adding this entry to /etc/sudoers:
tom machine=/usr/sbin/shutdown -h now
Note that machine is the host name that tom uses to log in to the system; it can be replaced by an IP address, such as the login IP shown in the FROM column of the command w. The command after the equal sign must be given by its absolute path; -h now are the arguments of the command /usr/sbin/shutdown, and the effect of the command is to shut down immediately. The equal sign can be followed by multiple commands separated by commas. The user name can also be a user group, written as %group_name. In addition, when the user tom runs sudo, the command written after sudo must match the configuration exactly.
20. mv: move a file or directory
mv [OPTION]… SOURCE… DIRECTORY
The mv command moves a file or directory from the source to the target directory. The paths can be absolute or relative.
For example, move the file file2 from the current directory to /root/temp/dir2:
[root@centos7 temp]# ls
dir1 dir2 file1 file2
[root@centos7 temp]# mv file2 /root/temp/dir2/
[root@centos7 temp]# ls
dir1 dir2 file1
[root@centos7 temp]# ls dir2/
file2
The command mv can also change the name of a file, for example moving the directory dir2 into dir1 and renaming it dir3:
[root@centos7 temp]# ls
dir1 dir2 file1
[root@centos7 temp]# mv dir2 ./dir1/dir3
[root@centos7 temp]# ls
dir1 file1
[root@centos7 temp]# ls dir1/
dir3 file2 test
21. cp: copy a file or directory
cp [OPTION]… SOURCE… DIRECTORY
For example, copy the file file1 as file3:
[root@centos7 temp]# ls
dir1 file1
[root@centos7 temp]# cp file1 file3
[root@centos7 temp]# ls
dir1 file1 file3
Copy the directory dir3 in directory dir1, with its contents, to the current directory under the name dir2:
[root@centos7 temp]# cp -r dir1/dir3/ ./dir2
[root@centos7 temp]# ls
dir1 dir2 file1 file3
When copying a directory, you need to use the option -r. When the target already exists, you need to confirm whether to overwrite it. Enter y or yes to confirm the overwrite, and enter n or no to cancel it:
[root@centos7 temp]# cp file1 file3
cp: overwrite 'file3'? y
[root@centos7 temp]# cp file1 file3
cp: overwrite 'file3'? no
You can use the option -f (force) to force the copy without confirmation.
[root@centos7 temp]# cp -rf dir1/test ./dir2/
Note the -rf here: when several options apply to one command, they can be written together as long as this causes no confusion.
22. rm: delete files
rm [OPTION]… FILE…
The option -r deletes a directory recursively, and the option -f forces deletion:
[root@centos7 temp]# ls
dir1 dir2 file1 file3
[root@centos7 temp]# rm -rf dir2/
[root@centos7 temp]# ls
dir1 file1 file3
23. whereis: search for a system command
whereis [options] name…
This command displays the absolute path of the named command and the location of its manual page:
[root@centos7 test]# whereis ls
ls: /usr/bin/ls /usr/share/man/man1/ls.1.gz
24. du: estimate the space occupied by a file
du [OPTION]… [FILE]…
For example, to view the size of file file1:
[root@centos7 temp]# du file1
4 file1
The first column of the output is the amount of space occupied (in KB). The second column is the file name.
You can use the option -h to display sizes in a human-readable way:
[root@centos7 temp]# du -h file1
4.0K file1
When the -s option is applied to a directory, only the total usage is displayed. Without it, each entry in the directory is displayed:
[root@centos7 temp]# du dir1
0 dir1/test
0 dir1/dir3
0 dir1
[root@centos7 temp]# du -sh dir1
0 dir1
Linux adheres to the idea of “everything is a file”. Under this idea, all operations in Linux can be said to be file related. The commands listed here are the most basic file related commands that every user needs to keep in mind. Of course, we can’t list all their usages one by one here. If you want to know more, you must remember man!