System V共享内存权限位：含义，以及如何更改 [英] System V shared memory permission bits: meaning, and how to change

问题描述

我知道，当我创建一个共享内存块，我们设置权限，使每个proccess可以读取和该块与0​​777（不知道为什么，我的老师只是说使用它这样）写的。

I know that when i create a shared memory block, we set the permission so that every proccess can read and write in that block with 0777 (no idea why, my teacher just said to use it like that).

我和shmget的，创建：

I'm creating with shmget as:

shmget(IPC_PRIVATE, sizeof(server_config), IPC_CREAT|0777)

不过，我想知道：

However I'd like to know:

• 各有什么数字意味着

• What each number means

如何更改标志被创建的共享内存块后

How to change the flag after the shared memory block is created

如何只允许1 proccess写的，而所有其他proccesses只能读

How to only allow 1 proccess to write, while all the other proccesses can only read

推荐答案

这是一个八进制数或编辑选项，您使用的目录权限相同。

It's an octal number of ORed options the same ones that you use for directory permissions.

这是它们的含义（源）

rwx rwx rwx = 111 111 111
rw- rw- rw- = 110 110 110
rwx --- --- = 111 000 000

and so on...

rwx = 111 in binary = 7
rw- = 110 in binary = 6
r-x = 101 in binary = 5
r-- = 100 in binary = 4

其中当然，研究表示的阅读和是W 为写的再 X 手段的执行的

Where of course, r stands for read and w for write then x means execute.

有也（看到这些价值观定义的常量人 开放（2） ）

There are also constants defined with these values (see man open(2))

S_IRWXU  00700 user (file owner) has read, write and execute permission
S_IRUSR  00400 user has read permission
S_IWUSR  00200 user has write permission
S_IXUSR  00100 user has execute permission
S_IRWXG  00070 group has read, write and execute permission
S_IRGRP  00040 group has read permission
S_IWGRP  00020 group has write permission
S_IXGRP  00010 group has execute permission
S_IRWXO  00007 others have read, write and execute permission
S_IROTH  00004 others have read permission
S_IWOTH  00002 others have write permission
S_IXOTH  00001 others have execute permission

正如你所看到的 0777 拥有国内领先的 0 ，因为它是八进制，相当于 S_IRWXU | S_IRWXG | S_IRWXO 。

As you can see 0777 has a leading 0 because it's octal and is equivalent to S_IRWXU | S_IRWXG | S_IRWXO.

要回答你的另外两个问题：

To answer your other two questions:

• 您可以更改共享内存块的权限与 了shmctl 。它是这样的 - 没有经过充分测试，可能是车：

• You can change the permissions on a shared memory block with shmctl. It goes something like this -- completely untested, may be buggy:

int change_shm_perm(int shmid, mode_t new_permissions)
{
  struct shmid_ds buf;
  if (shmctl(shmid, IPC_STAT, &buf)) {
    perror("shmctl(IPC_STAT)");
    return -1;
  }
  buf.shm_perm = (buf.shm_perm & ~0777) | (new_permissions & 0777);
  if (shmctl(shmid, IPC_SET, &buf)) {
    perror("shmctl(IPC_SET)");
    return -1;
  }
  return 0;
}

要只允许一个过程来写，而所有其他人只能读，与写权限的进程必须根据自己的UID运行。然后，你有一个过程中创建的内存段，并设置其权限 0644 。它应该是从模式位的解释，为什么这个有预期的效果清晰。

To allow only one process to write, while all others can only read, the process with write privileges must run under its own uid. Then you have that process create the memory segment and set its permissions to 0644. It should be clear from the explanation of mode bits why this has the desired effect.

这篇关于System V共享内存权限位：含义，以及如何更改的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！