LMLPHP后院

扫码查看  原文链接 : https://blog.lmlphp.com/archives/356/Understanding_of_user_group_permissions_under_Linux  来自 : LMLPHP后院

本篇讲述 Linux 用户组别权限的理解，希望给大家带来帮助。

先看操作历史记录。

Last login: Thu Aug  3 03:31:18 2017 from 202.101.22.42
root@may:~# groups root
root : root
root@may:~# groups sudo
groups: sudo: no such user
root@may:~# groups www-data
www-data : www-data
root@may:~# usermod -G www-data root
You have new mail in /var/mail/root
root@may:~# groups www-data
www-data : www-data
root@may:~# exit
logout
Connection to lmlphp.com closed.



Last login: Thu Aug  3 04:29:46 2017 from 202.101.22.42
root@may:~# groups www-data
www-data : www-data
root@may:~# groups root
root : root www-data
root@may:~# usermod --help
Usage: usermod [options] LOGIN

Options:
  -c, --comment COMMENT         new value of the GECOS field
  -d, --home HOME_DIR           new home directory for the user account
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration
                                to INACTIVE
  -g, --gid GROUP               force use GROUP as new primary group
  -G, --groups GROUPS           new list of supplementary GROUPS
  -a, --append                  append the user to the supplemental GROUPS
                                mentioned by the -G option without removing
                                him/her from other groups
  -h, --help                    display this help message and exit
  -l, --login NEW_LOGIN         new value of the login name
  -L, --lock                    lock the user account
  -m, --move-home               move contents of the home directory to the
                                new location (use only with -d)
  -o, --non-unique              allow using duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new password
  -R, --root CHROOT_DIR         directory to chroot into
  -s, --shell SHELL             new login shell for the user account
  -u, --uid UID                 new UID for the user account
  -U, --unlock                  unlock the user account
  -v, --add-subuids FIRST-LAST  add range of subordinate uids
  -V, --del-subuids FIRST-LAST  remvoe range of subordinate uids
  -w, --add-subgids FIRST-LAST  add range of subordinate gids
  -W, --del-subgids FIRST-LAST  remvoe range of subordinate gids
  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account

root@may:~# group
groupadd  groupdel  groupmod  groups
root@may:~# groupdel --help
Usage: groupdel [options] GROUP

Options:
  -h, --help                    display this help message and exit
  -R, --root CHROOT_DIR         directory to chroot into

You have new mail in /var/mail/root
root@may:~# man groupdel
-bash: man: command not found
root@may:~# vim /etc/passwd
You have new mail in /var/mail/root
root@may:~# groups
root www-data
root@may:~# vim /etc/group
root@may:~# usermod -G lin root
root@may:~# groups
root www-data
root@may:~# groups root
root : root lin
root@may:~# groups www-data
www-data : www-data
root@may:~# groups lin
lin : lin sudo
root@may:~# groups
root www-data
root@may:~# groups root
root : root lin
root@may:~# exit
logout
Connection to lmlphp.com closed.



Welcome to Ubuntu 14.04 LTS (GNU/Linux 2.6.32-042stab108.8 x86_64)

 * Documentation:  https://help.ubuntu.com/
You have new mail.
Last login: Thu Aug  3 04:31:07 2017 from 202.101.22.42
root@may:~# groups
root lin
root@may:~# groups root
root : root lin
root@may:~# usermod -G www-data root
root@may:~# groups
root lin
root@may:~# groups root
root : root www-data
root@may:~#

以上操作历史可见：groups 后接用户名，显示用户所在的组别，可能还未生效。直接执行 groups 返回当前用户的组别，当前的权限范围内的组别，也许一退出就发生变化。

关于 usermod 的用法，参考 shell 教程 使用groupadd命令创建新用户组 和 使用usermod修改用户信息。