自己搭建网站流程:
1.购买云服务器
2.在服务器上面 搭建网站环境 lnmp
3.购买域名
https://wanwang.aliyun.com/
修改权限
通过数字
chmod 755 /oldboy/oldboy.txt
通过字母
-rw-r--r-- 1 root root 321 Apr 16 12:19 oldboy.txt.bak
u g o
user group other
所有者 所属用户组 其他人
chmod u/g/o +|-|= 权限 oldboy.txt
给文件加上执行权限(/etc/rc.d/rc.local )
[root@oldboyedu59 ~]# chmod +x /etc/rc.d/rc.local
[root@oldboyedu59 ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x. 1 root root 473 Oct 31 07:31 /etc/rc.d/rc.local
搭建测试权限环境
mkdir -p /oldboy/
echo pwd >/oldboy/lidao.sh
chown oldboy.oldboy /oldboy/lidao.sh
useradd oldboy 如果oldboy有问题则删除 再添加
需要2个窗口
root oldboy
root 下面测试 rwx
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-rw-r--r-- 1 root root 4 Apr 23 09:58 /oldboy/lidao.sh
[root@oldboyedu59 ~]# chmod +x /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-rwxr-xr-x 1 root root 4 Apr 23 09:58 /oldboy/lidao.sh
[root@oldboyedu59 ~]# cat /oldboy/lidao.sh
pwd
[root@oldboyedu59 ~]# echo 'hostname' >>/oldboy/lidao.sh
[root@oldboyedu59 ~]# /oldboy/lidao.sh
/root
oldboyedu59
测试 文件的rwx权限开始###
root修改权限
oldboy下测试
root 修改权限
[root@oldboyedu59 ~]# chmod u=r /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-r--r-xr-x 1 root root 13 Apr 23 10:00 /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
-r--r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
oldboy下 测试文件的r权限
[oldboy@oldboyedu59 ~]$ ll /oldboy/lidao.sh
-r--r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
pwd
hostname
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ /oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied
文件的r小结:
是否能查看文件的内容
[root@oldboyedu59 ~]# #root 修改权限 w
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]# chmod u=w /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
--w-r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
W10: Warning: Changing a readonly file
oldboy进行测试
ldboy@oldboyedu59 ~]$ ll /oldboy/lidao.sh
▽-w-r-xr-x 1 oldboy oldboy 13 Apr 23 10:00 /oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
cat: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ echo pwd >>/oldboy/lidao.sh
[oldboy@oldboyedu59 ~]$ cat /oldboy/lidao.sh
cat: /oldboy/lidao.sh: Permission denied
[oldboy@oldboyedu59 ~]$ /oldboy/lidao.sh
-bash: /oldboy/lidao.sh: Permission denied
文件的rw小结:
1.r 是否能查看文件的内容
2.w 是否能修改文件内容 需要r配合
3.只有w的时候vim强制修改文件 会导致源文件内容被覆盖
[root@oldboyedu59 ~]# #root 修改权限 x
[root@oldboyedu59 ~]# chmod u=x /oldboy/lidao.sh
[root@oldboyedu59 ~]# ll /oldboy/lidao.sh
---xr-xr-x 1 oldboy oldboy 19 Apr 23 10:14 /oldboy/lidao.sh
文件的rwx小结:
1.r 是否能查看文件的内容
2.w 是否能修改文件内容 需要r配合
3.只有w的时候vim强制修改文件 会导致源文件内容被覆盖
4.x 是否能执行(命令或脚本) 需要r配合
root 环境准备
mkdir -p /oldboy/lidao
chown oldboy.oldboy /oldboy/lidao
touch /oldboy/lidao{01..5}.txt
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
drwxr-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao
root 测试目录r权限
[root@oldboyedu59 ~]# chmod u=r /oldboy/lidao
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
dr--r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao
oldboy 测试目录r权限
[oldboy@oldboyedu59 /oldboy]$ ll -d lidao
dr--r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 lidao
[oldboy@oldboyedu59 /oldboy]$ ls -l lidao
ls: cannot access lidao/oldboy01.txt: Permission denied
ls: cannot access lidao/oldboy02.txt: Permission denied
ls: cannot access lidao/oldboy03.txt: Permission denied
ls: cannot access lidao/oldboy04.txt: Permission denied
ls: cannot access lidao/oldboy05.txt: Permission denied
ls: cannot access lidao/alex01.txt: Permission denied
ls: cannot access lidao/alex02.txt: Permission denied
ls: cannot access lidao/alex03.txt: Permission denied
ls: cannot access lidao/alex04.txt: Permission denied
ls: cannot access lidao/alex05.txt: Permission denied
ls: cannot access lidao/oldboy.txt: Permission denied
total 0
-????????? ? ? ? ? ? alex01.txt
-????????? ? ? ? ? ? alex02.txt
-????????? ? ? ? ? ? alex03.txt
-????????? ? ? ? ? ? alex04.txt
-????????? ? ? ? ? ? alex05.txt
-????????? ? ? ? ? ? oldboy01.txt
-????????? ? ? ? ? ? oldboy02.txt
-????????? ? ? ? ? ? oldboy03.txt
-????????? ? ? ? ? ? oldboy04.txt
-????????? ? ? ? ? ? oldboy05.txt
-????????? ? ? ? ? ? oldboy.txt
[root@oldboyedu59 ~]# #测试目录的w
[root@oldboyedu59 ~]# chmod u=w /oldboy/lidao
[root@oldboyedu59 ~]# ll -d /oldboy/lidao
d-w-r-xr-x 2 oldboy oldboy 214 Apr 19 09:25 /oldboy/lidao
[oldboy@oldboyedu59 /oldboy]$ ls -l /root/
ls: cannot open directory /root/: Permission denied
[oldboy@oldboyedu59 /oldboy]$ touch /etc/passwd.txt
touch: cannot touch ‘/etc/passwd.txt’: Permission denied
[oldboy@oldboyedu59 /oldboy]$ rm -f /etc/hosts
rm: cannot remove ‘/etc/hosts’: Permission denied
[oldboy@oldboyedu59 /oldboy]$ cat /etc/shadow
cat: /etc/shadow: Permission denied
[oldboy@oldboyedu59 /oldboy]$ echo '#' >>/etc/passwd
-bash: /etc/passwd: Permission denied
Permission denied
查看umask
[root@oldboyedu59 ~]# umask
0022
文件默认权限的由来
666
-022
=644
目录默认的权限由来
777
-022
=755
umask 032
文件默认权限的由来
666
-032
=634
+010
644
目录默认的权限由来
777
-032
=745
1.umask 035 file dir默认的权限
file 666
-035
631
642
dir 777
035
742
2.创建文件的时候权限是000,创建目录的时候权限是111 umask?
模拟环境:
useradd www
mkdir -p /app/blog/uploads
touch /app/blog/guoav{01..5}-blue-ray-4k.mkv.torrent
root 窗口 www窗口
[oldboy@oldboyedu59 /app/blog]$ touch /app/blog/uploads/ycw-5k-100tb.torrent
touch: cannot touch ‘/app/blog/uploads/ycw-5k-100tb.torrent’: Permission denied
[oldboy@oldboyedu59 /app/blog]$ ll -d /app/blog/uploads/ycw-5k-100tb.torrent
ls: cannot access /app/blog/uploads/ycw-5k-100tb.torrent: No such file or directory
[oldboy@oldboyedu59 /app/blog]$ ll -d /app/blog/uploads/
drwxr-xr-x 2 root root 6 Apr 23 11:55 /app/blog/uploads/
方法1 给uploads 目录o+w
方法2 把uploads 修改为www.www
网站程序代码 /app/blog 目录 站点目录(单机权限控制)
1.谁运行网站程序
虚拟用户 www
2.控制权限
站点目录下文件 644 root root
站点目录下目录 755 root root
3.对于上传目录uploads
站点目录下文件 644 www www
站点目录下目录 755 www www
4.通过程序控制 只能上传图片或压缩包
5.取消上传上来的文件的执行权限(讲解到nfs的时候)