# Report what chmod did: GNU chmod -c prints a line only when the mode
# actually changes, -v prints a line for every file it processes.
# (`ll` is presumably the common alias for `ls -l`.)
$ ll a
-rw-r--r-- 1 root root 12 Jan 11 21:01 a
$ chmod -c 755 a
changed from 0644 (rw-r--r--) to 0755 (rwxr-xr-x)
$ ll a
-rwxr-xr-x 1 root root 12 Jan 11 21:01 a
# NOTE(review): the "from" mode printed below (0757) does not match the 0755
# listed just above; this output was presumably captured in a different run.
$ chmod -v 644 a
changed from 0757 (rwxr-xrwx) to 0644 (rw-r--r--)
# -v still reports when the file already has the requested mode.
$ chmod -v 644 a
retained as 0644 (rw-r--r--)
# --reference=a copies the mode of file a onto b instead of taking a mode
# argument; the second listing shows b with a's rwxr-xr-x.
$ ll a b
-rwxr-xr-x 1 root root 12 Jan 11 21:01 a
-rw-r--r-- 1 root root 12 Jan 11 21:04 b
$ chmod --reference=a b
$ ll a b
-rwxr-xr-x 1 root root 12 Jan 11 21:01 a
-rwxr-xr-x 1 root root 12 Jan 11 21:04 b
# 不足4位,则默认用0填充 $ ll file -rw-r--r-- 1 root root 0 Feb 24 15:25 file $ chmod -v 2 file mode of ‘file’ changed from 0644 (rw-r--r--) to 0002 (-------w-) $ chmod -v 22 file mode of ‘file’ changed from 0002 (-------w-) to 0022 (----w--w-) $ chmod -v 222 file mode of ‘file’ changed from 0022 (----w--w-) to 0222 (-w--w--w-) $ chmod -v 2222 file mode of ‘file’ changed from 0222 (-w--w--w-) to 2222 (-w--wS-w-) $ chmod -v -2222 file mode of ‘file’ changed from 2222 (-w--wS-w-) to 0000 (---------) $ chmod -v 644 file mode of ‘file’ changed from 2222 (-w--wS-w-) to 0644 (rw-r--r--) $ chmod -v 755 file mode of ‘file’ changed from 0644 (rw-r--r--) to 0755 (rwxr-xr-x) # 指定的权限为文件的最终权限,特殊权限不会累加 $ chmod -v 4770 file mode of ‘file’ changed from 0755 (rwxr-xr-x) to 4770 (rwsrwx---) $ chmod -v 6770 file mode of ‘file’ changed from 4770 (rwsrwx---) to 6770 (rwsrws---) $ chmod -v 2770 file mode of ‘file’ changed from 6770 (rwsrws---) to 2770 (rwxrws---) $ chmod -v 644 file mode of ‘file’ changed from 2770 (rwxrws---) to 0644 (rw-r--r--) # 指定suid权限 $ chmod -v 4755 file mode of ‘file’ changed from 0644 (rw-r--r--) to 4755 (rwsr-xr-x)
# Numeric mode on a directory.
$ ll -d dir
drwxr-xr-x 2 root root 6 Feb 24 15:28 dir/
$ chmod -v 770 dir
mode of ‘dir’ changed from 0755 (rwxr-xr-x) to 0770 (rwxrwx---)
$ chmod -v 4770 dir
mode of ‘dir’ changed from 0770 (rwxrwx---) to 4770 (rwsrwx---)
# On a directory the setuid/setgid bits accumulate instead of being replaced
# by the given mode: 4770 followed by 2770 yields 6770. This differs from
# regular files.
$ chmod -v 2770 dir
mode of ‘dir’ changed from 4770 (rwsrwx---) to 6770 (rwsrws---)
# A leading 0 in a four-digit mode does not remove the special bits either.
# GNU chmod leaves setuid/setgid on directories alone unless the mode mentions
# them, so a hardening step such as `chmod 0770 dir` keeps them in place.
# Check the result with `ls -ld`; clear the bits with symbolic modes
# (u-s, g-s) or with the subtraction form shown next.
$ chmod -v 0770 dir
mode of ‘dir’ retained as 6770 (rwsrws---)
# Subtracting the current mode, or -7777, clears every bit; -6770 is used here.
$ chmod -v -6770 dir
mode of ‘dir’ changed from 6770 (rwsrws---) to 0000 (---------)
# NOTE(review): this output starts from 6770 again, so the two alternatives
# were presumably captured separately.
$ chmod -v -7777 dir
mode of ‘dir’ changed from 6770 (rwsrws---) to 0000 (---------)
# Restore the directory's default mode 755.
$ chmod -v 755 dir
mode of ‘dir’ changed from 0000 (---------) to 0755 (rwxr-xr-x)
# setgid and sticky can be set in two steps (2755, then 1755) or in one step
# with 3755. The second step keeps setgid for the reason given above.
$ chmod -v 2755 dir
mode of ‘dir’ changed from 0755 (rwxr-xr-x) to 2755 (rwxr-sr-x)
$ chmod -v 1755 dir
mode of ‘dir’ changed from 2755 (rwxr-sr-x) to 3755 (rwxr-sr-t)
$ chmod -v 3755 dir
mode of ‘dir’ retained as 3755 (rwxr-sr-t)
# 添加和删除所有权限,包括特殊权限 $ chmod -v 7777 dir mode of ‘dir’ changed from 0755 (rwxr-xr-x) to 7777 (rwsrwsrwt) $ chmod -v -7777 dir mode of ‘dir’ changed from 7777 (rwsrwsrwt) to 0000 (---------)
# 默认用户是a,即所有用户,644 -> 755 $ chmod -v +x file mode of ‘file’ changed from 0644 (rw-r--r--) to 0755 (rwxr-xr-x) $ chmod -v -x file mode of ‘file’ changed from 0755 (rwxr-xr-x) to 0644 (rw-r--r--) # 指定所有者加x权限 $ chmod -v u+x file mode of ‘file’ changed from 0644 (rw-r--r--) to 0744 (rwxr--r--) # 指定所有者和所属组加x $ chmod -v ug+x file mode of ‘file’ changed from 0744 (rwxr--r--) to 0754 (rwxr-xr--) $ chmod -v a+x file mode of ‘file’ changed from 0754 (rwxr-xr--) to 0755 (rwxr-xr-x) # 指定所属组的权限和所有者的权限相同g=u $ chmod -v g=u file mode of ‘file’ changed from 0755 (rwxr-xr-x) to 0775 (rwxrwxr-x) # 指定权限 $ chmod -v u=rw,g=r,o=r file mode of ‘file’ changed from 0775 (rwxrwxr-x) to 0644 (rw-r--r--) # 指定所有用户权限均和所有者的权限相同a=u $ chmod -v a=u file mode of ‘file’ changed from 0644 (rw-r--r--) to 0666 (rw-rw-rw-) # 指定suid权限,注意需要同步增加x权限 $ chmod -v u=rwxs,g=rx,o=r file mode of ‘file’ changed from 0644 (rw-r--r--) to 4754 (rwsr-xr--) $ chmod -v u-s file mode of ‘file’ changed from 4754 (rwsr-xr--) to 0754 (rwxr-xr--) # 清空所有权限可以使用ugo=或a=,即指定空权限 $ chmod -v ugo= file mode of ‘file’ changed from 0754 (rwxr-xr--) to 0000 (---------) # 指定suid和sgid $ chmod -v u=rwxs,g=rwxs,o=r file mode of ‘file’ changed from 0000 (---------) to 6774 (rwsrwsr--) $ chmod -v a= file mode of ‘file’ changed from 6774 (rwsrwsr--) to 0000 (---------)
# 大小写Xx $ ll file -rwx------ 1 root root 0 Feb 24 15:25 file # 文件原来有x权限的,+X有效 $ chmod -v +X file mode of ‘file’ changed from 0700 (rwx------) to 0711 (rwx--x--x) $ chmod -v -X file mode of ‘file’ changed from 0711 (rwx--x--x) to 0600 (rw-------) # 文件原来没有任何x权限的,+X无效,需要使用+x $ chmod -v +X file mode of ‘file’ retained as 0600 (rw-------) $ chmod -v +x file mode of ‘file’ changed from 0600 (rw-------) to 0711 (rwx--x--x)
# suid和sgid权限 $ chmod 644 file # 单独加s权限无效,显示为大写S,需要配合x一起使用才行,即+xs $ chmod -v u+s file mode of ‘file’ changed from 0644 (rw-r--r--) to 4644 (rwSr--r--) # 增加suid权限 $ chmod -v u+xs file mode of ‘file’ changed from 4644 (rwSr--r--) to 4744 (rwsr--r--) # 增加sgid权限 $ chmod -v g+xs file mode of ‘file’ changed from 4744 (rwsr--r--) to 6754 (rwsr-sr--)
# 注意s权限和x权限的不同模式之间可能会覆盖,不建议数字模式和字母模式混用 # 如先+s后指定755权限就会覆盖 $ chmod 644 file $ chmod -v u+s file mode of ‘file’ changed from 0644 (rw-r--r--) to 4644 (rwSr--r--) # 指定755后suid权限被覆盖 $ chmod -v 755 file mode of ‘file’ changed from 4644 (rwSr--r--) to 0755 (rwxr-xr-x) $ chmod -v 644 file mode of ‘file’ changed from 0755 (rwxr-xr-x) to 0644 (rw-r--r--) # 分开指定+s和+x权限则为累加不会覆盖 $ chmod -v u+s file mode of ‘file’ changed from 0644 (rw-r--r--) to 4644 (rwSr--r--) $ chmod -v u+x file mode of ‘file’ changed from 4644 (rwSr--r--) to 4744 (rwsr--r--) # 推荐直接合并指定+xs权限 $ chmod -v u+xs file mode of ‘file’ changed from 0644 (rw-r--r--) to 4744 (rwsr--r--)
# sgid作用于目录,则可以继承目录的用户组属性 $ chown root:usera dir # 目录增加写权限 $ chmod 777 dir # 目录增加sgid权限 $ chmod -v g+s dir mode of ‘dir’ changed from 0777 (rwxrwxrwx) to 2777 (rwxrwsrwx) # 也可以直接通过数字模式指定sgid权限和写权限 $ chmod 2777 dir $ ll -d dir drwxrwsrwx 2 root usera 54 Feb 23 20:18 dir/ # 在目录中新建文件的用户组属性为usera而非创建者,自动继承dir目录的用户组 $ echo aaa > dir/aaa $ ll dir/ -rw-r--r-- 1 root usera 4 Feb 23 20:19 aaa
# /tmp具有sticky权限且所有用户均具有写权限,即所有用户均可以创建和删除文件,但是只能删除自己创建的文件 $ su - usera $ echo aaa > /tmp/aaa $ exit $ su - userb $ echo bbb > /tmp/bbb $ ll -d /tmp drwxrwxrwt. 14 root root 4096 Feb 24 16:55 /tmp # 用户userb想要删除usera的aaa文件,提示没有权限,只能删除自己创建的bbb文件 $ rm /tmp/aaa rm: remove write-protected regular file ‘/tmp/aaa’? y rm: cannot remove ‘/tmp/aaa’: Operation not permitted $ rm /tmp/bbb $ ll /tmp/bbb ls: cannot access /tmp/bbb: No such file or directory
# 添加删除特殊权限推荐先使用数字模式更改标准权限,然后使用字母模式更改特殊权限 $ chmod -v -7777 dir mode of ‘dir’ changed from 6755 (rwsr-sr-x) to 0000 (---------) $ chmod -v 755 dir mode of ‘dir’ changed from 0000 (---------) to 0755 (rwxr-xr-x) $ chmod -v o+t dir mode of ‘dir’ changed from 0755 (rwxr-xr-x) to 1755 (rwxr-xr-t) $ chmod -v g+s dir mode of ‘dir’ changed from 1755 (rwxr-xr-t) to 3755 (rwxr-sr-t) $ chmod -v u+s dir mode of ‘dir’ changed from 3755 (rwxr-sr-t) to 7755 (rwsr-sr-t) $ chmod -v u-s dir mode of ‘dir’ changed from 7755 (rwsr-sr-t) to 3755 (rwxr-sr-t) $ chmod -v g-s dir mode of ‘dir’ changed from 3755 (rwxr-sr-t) to 1755 (rwxr-xr-t) $ chmod -v o-t dir mode of ‘dir’ changed from 1755 (rwxr-xr-t) to 0755 (rwxr-xr-x) $ chmod -v g+s,o+t dir mode of ‘dir’ changed from 0755 (rwxr-xr-x) to 3755 (rwxr-sr-t) $ chmod -v g-s,o-t dir mode of ‘dir’ changed from 3755 (rwxr-sr-t) to 0755 (rwxr-xr-x)