红联 Linux Portal

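How to Control System Users in Linux

Published: 2006-09-15 09:45:34 Source: 红联 Author: pkncoin

Recently, because of work, I read some material on how Linux handles file authorization for users and system resource limits as part of system security, and I would like to share what I learned here.

Once your Linux system has a certain number of users, controlling what they can do in the file system and how much of the system's resources they can use becomes more and more important. Linux provides control mechanisms in four areas: file permissions, file attributes, file system quotas and system resources. Below I discuss Linux from these four aspects.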

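File permissions

File permissions are what every Linux user knows best. They are a mechanism for controlling users' access to files: they limit where a user can act in the file system and reduce the threat users pose to system security.

Here is a simple example:

[code][chase@lustre doc]$ ls -l
-rw-rw-r-- 1 chase chase 2 Feb 17 00:17 a.txt[/code]

This is the output of ls -l. It clearly shows some information about the file a.txt. The fields mean the following:

-rw-rw-r-- (file permissions) 1 (link count) chase (owner) chase (group) 2 (file size) Feb 17 00:17 (last modification date) a.txt (file name)

This shows that the file is owned by chase and belongs to the group chase. The permission field can be divided into four parts:

- (file type) rw- (owner permissions) rw- (group permissions) r-- (permissions for other users)

The first part gives the file type. Linux has seven file types: socket (s), symbolic link (l), regular file (-), block device file (b), directory (d), character device (c) and named pipe (p) (the character in parentheses is how the type appears in the permission field). The other three parts share the same structure: each is three characters (rwx), where r is read permission, w is write permission and x is execute permission. Each of these three parts can be written as three binary digits or one octal digit: an enabled bit is given the value 1. For example, rw- means the read and write bits are enabled, so those bits are set to 1, and it can be written as binary 110 or octal 6.

To change file permissions you can use either the symbolic form or the octal form. The command that changes file permissions is chmod. In the symbolic form, u stands for the owner, g for the group, o for other users and a for everyone. For example, to change the permissions of the file a.txt above so that the group can only read it, you can use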

[code][chase@lustre doc]$ chmod g-w a.txt
[chase@lustre doc]$ ls -l
-rw-r--r-- 1 chase chase 2 Feb 17 00:35 a.txt[/code]

Now the group has read-only access to this file. If you run the following command

[code][chase@lustre doc]$ chmod +x a.txt
[chase@lustre doc]$ ls -l
-rwxr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]

all the execute bits are enabled, but

[code][chase@lustre doc]$ chmod +w a.txt
[chase@lustre doc]$ ls -l
-rw-rw-r-- 1 chase chase 2 Feb 17 00:35 a.txt[/code]

does not enable all the write bits; you have to use a+w for that. I am not sure of the main reason; it may be for security reasons. With the numeric form, following the same sequence of permission changes as above, the commands are as follows

[code][chase@lustre doc]$ chmod 644 a.txt
[chase@lustre doc]$ ls -l
-rw-r--r-- 1 chase chase 2 Feb 17 00:35 a.txt[/code]

Enable all the execute bits

[code][chase@lustre doc]$ chmod 755 a.txt
[chase@lustre doc]$ ls -l
-rwxr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]
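
An added example, not part of the original article: when no u, g, o or a is given, chmod leaves alone any bit that is set in the process umask, which is why +w and a+w give different results. The script below shows this for three umask values, together with the modes that new files and directories receive. The function names and temporary files are constructed for illustration, and `stat -c` assumes GNU coreutils.

```shell
# Added example: the umask filters `chmod +w` (no "who" given) but not
# `chmod a+w`, and it also shapes the mode of newly created files.

mode_after() {   # usage: mode_after UMASK START_MODE CHMOD_ARG
    (            # subshell keeps the umask change local
        dir=$(mktemp -d) || exit 1
        umask "$1"
        : > "$dir/a.txt"
        chmod "$2" "$dir/a.txt"     # numeric mode: the umask is not consulted
        chmod "$3" "$dir/a.txt"     # symbolic mode under test
        stat -c '%a' "$dir/a.txt"
        rm -rf "$dir"
    )
}

new_modes() {    # usage: new_modes UMASK  -> prints "file_mode dir_mode"
    (
        dir=$(mktemp -d) || exit 1
        umask "$1"
        : > "$dir/f"                # created with 666 minus the umask bits
        mkdir "$dir/d"              # created with 777 minus the umask bits
        echo "$(stat -c '%a' "$dir/f") $(stat -c '%a' "$dir/d")"
        rm -rf "$dir"
    )
}

for um in 002 022 077; do
    printf 'umask %s: 444 then +w -> %s, 444 then a+w -> %s, new file/dir -> %s\n' \
        "$um" "$(mode_after "$um" 444 +w)" "$(mode_after "$um" 444 a+w)" \
        "$(new_modes "$um")"
done
```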

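There are also SUID and SGID. These two permission bits set the user ID or group ID that a program runs with. With SUID, when a user (not necessarily the file's owner) executes an SUID file, the effective user ID (UID) of the resulting process is set to the user ID (UID) of the file's owner. SGID is similar: when a user (not necessarily a member of the file's group) executes an SGID file, the effective group ID (GID) of the resulting process is set to the group ID (GID) of the file.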
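
An added example, not part of the original article: a small shell function that converts the mode field printed by ls -l into octal, following the rwx-to-binary rule explained above. It goes one step further than the text so far by also handling the sticky bit (t), the third special bit alongside SUID and SGID. The function name is made up for this example.

```shell
# Added example: convert the 10-character mode field of `ls -l` to octal.
mode_to_octal() {
    m=$1
    if [ "${#m}" -ne 10 ]; then
        echo "expected 10 characters, got: $m" >&2
        return 1
    fi
    special=0
    digits=""
    start=2                        # character 1 is the file type
    for sbit in 4 2 1; do          # special-bit weight: SUID, SGID, sticky
        r=$(printf '%s' "$m" | cut -c"$start")
        w=$(printf '%s' "$m" | cut -c"$((start + 1))")
        x=$(printf '%s' "$m" | cut -c"$((start + 2))")
        d=0
        if [ "$r" = r ]; then d=$((d + 4)); fi
        if [ "$w" = w ]; then d=$((d + 2)); fi
        case $x in
            x)   d=$((d + 1)) ;;
            s|t) d=$((d + 1)); special=$((special + sbit)) ;;  # special bit and execute
            S|T) special=$((special + sbit)) ;;               # special bit, execute off
        esac
        digits="$digits$d"
        start=$((start + 3))
    done
    printf '%s%s\n' "$special" "$digits"
}

# Mode strings as they appear in the listings on this page.
for s in -rw-rw-r-- -rwxr-xr-x -rwsr-xr-x -rwsr-sr-x drwxrwxrwt drwxrwxr-t; do
    printf '%s -> %s\n' "$s" "$(mode_to_octal "$s")"
done
```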
Article comments

2 comments in total

  1. lgms2008 posted on 2006-09-15 16:52:23:

    I learned something.

  2. pkncoin posted on 2006-09-15 09:47:10:

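    Besides the permission bits described above, there is one more permission bit worth mentioning. When you run the following command

    [code][chase@lustre doc]$ ls -ld /tmp/
    drwxrwxrwt 3 root root 4096 Feb 16 23:42 /tmp/[/code]

    Did you notice that the last character of the third part of the permission field is actually t? This permission bit is called the sticky bit (粘着位, which is how I have seen some books translate it). This permission mainly appears on directories: it lets a user delete only the files that belong to them in that directory, and not other people's files. Below is the explanation of the origin of the sticky bit from the book Practical UNIX & Internet Security:

    Quote: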
    The Origin of "Sticky"

    A very long time ago, UNIX ran on machines with much less memory than today: 64 kilobytes, for instance. This amount of memory was expected to contain a copy of the operating system, I/O buffers, and running programs. This memory often wasn't sufficient when there were several large programs running at the same time. To make the most of the limited memory, UNIX swapped processes to and from secondary storage as their turns at the CPU ended. When a program was started, UNIX would determine the amount of storage that might ultimately be needed for the program, its stack, and all its data. It then allocated a set of blocks on the swap partition of the disk or drum attached to the system. (Many systems still have a /dev/swap, or a swapper process that is a holdover from these times.)

    Each time the process got a turn from the scheduler, UNIX would swap in the program and data, if needed, execute for a while, and then swap out the memory copy if the space was needed for the next process. When the process exited or exec'd another program, the swap space was reclaimed for use elsewhere. If there was not enough swap space to hold the process's memory image, the user got a "No memory error" (still possible on many versions of UNIX if a large stack or heap is involved.)

    Obviously, this is a great deal of I/O traffic that could slow computation. So, one of the eventual steps was development of compiler technology that constructed executable files with two parts: pure code that would not change, and everything else. These were indicated with a special magic number in the header inside the file. When the program was first executed, the program and data were copied to their swap space on disk first, then brought into memory to execute. However, when the time comes to swap out, the code portions were not written to disk - they would not have changed from what was already on disk! This change was a big savings.

    The next obvious step was to stop some of that extra disk-to-disk copying at start-up time. Programs that were run frequently - such as cc, ed, and rogue - could share the same program pages. Furthermore, even if no copy was currently running, we could expect another one to be run soon. Therefore, keeping the pages in memory and on the swap partition, even while we weren't using them, made sense. The "sticky bit" was added to mark those programs as worth saving.

    Since those times, larger memories and better memory management methods have largely removed the original need for the sticky bit.


    How do we change the three permission bits described above? For these three bits, chmod has corresponding symbolic and octal forms. For the SUID and SGID bits we can only use u+/-s or g+/-s; for the sticky bit, +t is enough, because it applies to all users. This is how to change them in symbolic form:

    Changing SUID

    [code][chase@lustre doc]$ ls -l a.txt;chmod u+s a.txt;ls -l a.txt
    -rwxr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt
    -rwsr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]

    Changing SGID

    [code][chase@lustre doc]$ ls -l a.txt;chmod g+s a.txt;ls -l a.txt
    -rwsr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt
    -rwsr-sr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]

    Changing the sticky bit

    [code][chase@lustre doc]$ ls -l;chmod +t sticky;ls -l
    drwxrwxr-x 2 chase chase 4096 Feb 17 04:25 sticky
    drwxrwxr-t 2 chase chase 4096 Feb 17 04:25 sticky[/code]

    When changing them in octal form, all three have an octal representation just like the read, write and execute bits, except that they sit in the extended bits of the file permissions. The corresponding octal values are 4000 (SUID), 2000 (SGID) and 1000 (sticky bit).

    Changing SUID

    [code][chase@lustre doc]$ ls -l a.txt;chmod 4755 a.txt;ls -l a.txt
    -rwxr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt
    -rwsr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]

    Changing SGID

    [code][chase@lustre doc]$ ls -l a.txt;chmod 2755 a.txt;ls -l a.txt
    -rwsr-xr-x 1 chase chase 2 Feb 17 00:35 a.txt
    -rwsr-sr-x 1 chase chase 2 Feb 17 00:35 a.txt[/code]

    Changing the sticky bit

    [code][chase@lustre doc]$ ls -l;chmod 1755 sticky;ls -l
    drwxrwxr-x 2 chase chase 4096 Feb 17 04:25 sticky
    drwxrwxr-t 2 chase chase 4096 Feb 17 04:25 sticky[/code]

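    Of course, when a user accesses the file, the system reads the permission bits to decide what access the user has to it. Another system parameter related to file permissions is the user's default file mask. To see the user's default file mask, run the command

    [code][chase@lustre doc]$ umask
    0002[/code]

    0002 is the user's default file mask. It determines the default permissions of files the user creates. Its relationship to the file permissions is: regular files: 666&002=664; directories: 777&002=775.

    To change the default file mask, just put the mask you want after umask. If you do not want to change it at every login, you can add umask 077 to ~/.bash_profile.

    Many people probably already know everything above, but when your system has a fairly large number of users, you need to be especially careful with these file permissions, so that a moment of carelessness does not cause unnecessary damage to the system.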
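
An added example, not part of the original article or its comments: on a multi-user system, the three special bits discussed on this page are worth auditing regularly. The script below lists SUID files, SGID files and world-writable directories that lack the sticky bit under a given directory. The function names and the sample tree are constructed for illustration.

```shell
# Added example: audit a directory tree for SUID (4000), SGID (2000) and
# world-writable directories that are missing the sticky bit (1000).
audit_special_bits() {   # usage: audit_special_bits ROOT
    root=$1
    # -xdev stays on one file system; "-perm -MODE" means all of these bits are set.
    find "$root" -xdev -type f -perm -4000 -print | sed 's/^/SUID /'
    find "$root" -xdev -type f -perm -2000 -print | sed 's/^/SGID /'
    # Without the sticky bit, any user may delete or rename other users'
    # files in a world-writable directory.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print | sed 's/^/NOSTICKY /'
}

make_demo_tree() {       # constructed sample tree, prints its path
    d=$(mktemp -d) || return 1
    : > "$d/plain";        chmod 755  "$d/plain"
    : > "$d/suid";         chmod 4755 "$d/suid"
    : > "$d/sgid";         chmod 2755 "$d/sgid"
    mkdir "$d/shared_ok";  chmod 1777 "$d/shared_ok"    # like /tmp
    mkdir "$d/shared_bad"; chmod 0777 "$d/shared_bad"   # sticky bit missing
    echo "$d"
}

demo=$(make_demo_tree)
audit_special_bits "$demo" | sort
rm -rf "$demo"
```

On a real system, pass the directory to audit (for example a single mounted file system) instead of the demo tree and compare the output with a known-good baseline.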