如何找到可按组或其他方式写入的主目录? [英] how do I find home directories that are writable by group or other?
问题描述
我真的是Bash Script的新手,所以如果这个问题听起来很愚蠢,请多多包涵.我也不太确定要在互联网上搜索什么.如果我需要编写一个Shell脚本来列出任何目录,其中一个用户的主目录可以被其他用户修改,该怎么办?无法理解此由其他用户进行的修改"是什么意思.请提供帮助.谢谢!
I am really new to Bash Scripting so please bear with me if this question sounds stupid. I am also not too sure what to search on the internet.What should I do if I need to write a shell script to list any directory where one user's home directory can be modified by some other user? I am not able to understand what this 'modified by some other user means'.Please help. Thanks !
推荐答案
您的问题的简短答案是:不需要脚本,只需:
The very short answer to your question is: no script needed, simply:
ls -al /home
这将为您列出所有用户以及每个用户主目录的相应权限.Linux文件权限由 10位
控制,这些位表示谁具有访问权限,什么(如果有的话)特殊权限与给定文件相关联.讨论时,权限位通常表示为 drwxrwxrwx
.第一个或特殊的位含义如下:
That will list for you all users and the respective permissions for each users home directory. Linux file permission are controlled by 10 bits
that represent who has access and what, if any, special permissions are associated with a given file. The permissions bits are usually represented for discussion as drwxrwxrwx
. The first, or special, bit meaning is as follows:
_: (unset) indicates a regular file with no special properties
d: directory,
l: link,
s: the directory is setuid/setgid
t: sticky bit
接下来的九位 rwxrwxrwx
(三组 rwx
)控制对所有者文件的访问.那么谁是所有者 组或世界?让我们来看一个 ls -al/home
的示例:
The next nine bits rwxrwxrwx
(3 sets of rwx
) control the access the owner group world
has to the file in question. So who is the owner group or world? Let's look at an example from ls -al /home
:
drwxr-xr-x 15 deborah users 4096 Mar 11 2011 deborah
查看信息,我们可以将10位和信息分开,如下所示:
Looking at the information we can separate the 10 bits and information as follow:
d rwx r-x r-x .. deborah users ..... deborah
| | | \ \ \
owner | world owner group filename
group
特殊权限位上方是 d
,它表示文件名(最右边的 deborah )是目录.第一组3位指定所有者(deborah)具有 r
ead, w
rite和e x
ecute对文件的权限.同样,下一组3指定组(用户)具有 r
ead和e x
ecute权限,但没有 w
rite权限.注意:对于目录,执行位还控制(所有者,组或世界)是否可以进入目录
.同样,世界(每个人)与组(用户)具有相同的权限.
Above the special permission bit is a d
which indicates that the filename (at the far right deborah) is a directory. The first set of 3 bit specifies that the owner (deborah) has r
ead, w
rite and ex
ecute permission on the file. Similarly, the next set of 3 specify that the group (users) has r
ead and and ex
ecute permission but no w
rite permission. NOTE: with a directory, the execute bit also control whether the (owner, group or world) can descend into the directory
. In like manner, the world (everybody) has the same permission as group (users).
要操作这些位,请使用 chmod
(更改模式)命令.要操纵用户或组,请使用 chown
(更改所有者)命令. chown
命令具有简单的基本用法,只需指定新的 owner
和 group
,并用冒号:
分隔即可.例如,要将上面显示的文件更改为用户 david
和组 samba
所拥有,则命令将为 chown david:samba filename
To manipulate the bits, you use the chmod
(change mode) command. To manipulate the user or group, you use the chown
(change owner) command. The chown
command has simple basic usage, just specify the new owner
and group
separated by a colon :
. For example to change the file shown above to be owned by user david
and group samba
the command would be chown david:samba filename
有两种方法可以使用 chmod
更改权限或(模式).您既可以为特殊位指定八进制等效项,又可以通过数字一次指定三组所有者,组和世界位.例如:要为用户和组创建目录 rwx
,您可以发出以下命令:
There are two ways to change the permissions or (mode) with chmod
. You either specify the octal equivalent for special bit and the 3 sets of owner, group and world bits at once numerically. Example: to make the directory rwx
for the user and group you would issue the command:
chmod 0775 filename # to set all permissions as desired at once
0
仅表示目录没有特殊位设置,第一个 7
表示二进制 111
(或 rwx
),用户,第二个 7
表示组,最后一个 5
世界应具有(二进制 101
) r_x
权限.尽管并不总是必需,但建议您提供前导 0
,即使不会更改特殊权限位以消除任何歧义也是如此.
The 0
simply stating no special bit settings for the directory, the first 7
indicating the binary 111
(or rwx
) for the user, the second 7
indicating the same for the group and the final 5
indicating the world should have (binary 101
) r_x
permissions. While not always required, it is recommended to provide the leading 0
even when there will be no change to the special permission bit to remove any ambiguity.
您还可以将chmod与 +/-/= r
, w
, x
一起使用(对于相应的 rwx
位)表示 u
, g
或 o
u
ser, g
roup或 o
wner权限(您可以使用 a
对 all 进行剪切).要将所有内容放在一起并使用八进制位将模式设置为与上图所示相同,只需执行以下操作:
You can also use chmod with +/-/= r
, w
, x
(for corresponding rwx
bits) for u
, g
, or o
u
ser, g
roup, or o
wner permissions (you can shorcut using a
for all). To put it all together and set the mode the same as shown above using octal bit, you would simply do:
chmod g+w filename # to add the single write bit to group 'users'
使用此方法,可能需要多次调用 chmod
来设置所需的所有权限,但是使用八进制权限进行对比,则可以设置 all 权限一次通话中输入字段.
Using this method, you may be required to make multiple calls to chmod
to set all permission as required, but contrast using the octal permissions, you can set all permission fields in a single call.
显然,要完成的工作不止于此,但是对于一个很好的介绍来说,这应该足以使您开始管理权限和所有权.(显然,该帖子的发布时间也比最初预期的要长,请欣赏).
Obviously there is much more to it than this, but for a good introduction, this should be enough to get you started managing permissions and ownership. (obviously this post also turned out way longer than initially anticipated, enjoy).
这篇关于如何找到可按组或其他方式写入的主目录?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!