Linux – File Permissions and the ‘chmod’ Command
Linux was designed to be a multi-user operating system. So
there must be a way to limit who has access to what files, and how much access.
There are three sets of users in linux,
· User-this is an individual, such as yourself, that has login credentials to the system. Each user has their own home directory where they have full access to the files.
· Group-this is a set of multiple users. A group is typically created by the system admin. For instance, at a university, there could be a group setup for each course, where the professor is the group leader, and students are group members.
· Other-this refers to individuals that are not the user and not in the group being discussed.
Linux uses file permission attributes to set who has access to what files. Type in 'ls -l' in any directory with at least one file in it. This will show you all the information about each file/directory.
$ ls
-l
drwxr-x--- 1 jdoe jane 4096 Dec 28 04:09 tmp
-rw-r--r-- 1 jdoe jdoe 969 Dec 21 02:32 foo
|
Column |
Value |
Meaning |
|
1 |
drwxr-x--- |
File Permissions |
|
2 |
1 |
Forget this one! |
|
3 |
Jdoe |
Owner |
|
4 |
Jane |
Group owner |
|
5 |
4096 |
Size in bytes |
|
6 |
Dec |
Last Modified Month |
|
7 |
28 |
Last Modified Day |
|
8 |
04:09 |
Last Modified Time |
|
9 |
tmp |
File Name |
File Permission Attribute
Let's break down the 10 character file permission attribute in Column 1:
|
Special |
User |
Group |
other |
|
- |
--- |
--- |
--- |
· Special attribute- This is blank(-) for normal files, but it is set to d for directories. This can be other letters for other devices etc, but do not worry about that now.
· 'user' permission- The user refers to the person who owns the file. So if you own the file, these characters apply to you.
· 'group' permissions- These apply to any user who is in the group owned by the group owner.
· 'other' permissions- These apply to any one who is not the owner, and who is not in the group owned by the group owner.
Read, Write and Execute
The user, group, and other permissions can have read(r),
write(w), and or execute(x) permissions. The order of the permissions is 'rwx'
for each permission set. Each permission attribute can either be on(r,w, or x)
or off(-).
What does read, write and execute mean?
· Read(r)-the contents of the file/directory can be viewed.
· Write(w)-the file can be modified or deleted.
· Execute(x)-the file can be executed, or run. This only makes sense if the file is a program or script that does something. Also, having the execute permission for a directory means the directory can be cd'd into(eg. cd directoryName)
Examples
-rwxrwxrwx
All users have full access to this file.
-rw-r--r--
Owner has read, write access to the file. All other users have read access.
drwx------
This is a directory that the user has full access, while all other users have no access.
Changing the Permissions with 'chmod' Command
There are several ways to change the attributes with the chmod command. In my opinion, the easiest way to use chmod is as follows (you would insert file permissions after the equals sign, see examples below),
chmod u=,g=,o= fileName
Fittingly, u, g and o are as follows,
· u-user
· g-group
· o-other
If you leave out u,g or o, that attribute will not be modified.
chmod u=,g= fileName
Note: An error will occur if you put spaces between u=,g=.
Examples
$ chmod u=rwx,g=r,o=w foo
$ ls -l
-rwxr---w- jdoe jdoe 969 Dec 21 02:32 foo
Not including g will keep it the same as before,
$ chmod u=x,o=r foo
$ ls -l
---xr--r-- jdoe jdoe 969 Dec 21 02:32 foo
A blank after o will clear all attributes,
$ chmod u=rx,g=w,o= foo
$ ls -l
-r-x-w---- jdoe jdoe 969 Dec 21 02:32 foo
Using + and – to add and remove attributes
You can also use + and – to add and subtract attributes.
Examples
$ chmod u=wx,g=w,o= foo
$ ls -l
--wx-w---- jdoe jdoe 969 Dec 21 02:32 foo
$ chmod u+r-w,g-w+r,o+r foo
$ ls -l
-r-xr--r-- jdoe jdoe 969 Dec 21 02:32 foo
Using 3-digit octal value to set attributes
Lastly, you can specify the attributes with a 3 digit octal. Each of the user, group and other permissions have 3 attributes(rwx) that can be on or off, and as such can be thought of as a 3 bit word which is easily converted to an octal digit(0-7),
chmod (u#)(g#)(o#) fileName
· 0='---'
· 1='--x'
· 2='-w-'
· 3='-wx'
· 4='r--'
· 5='r-x'
· 6='rw-'
· 7='rwx'
Example
$ chmod 764 foo
$ ls -l
-rwxrw-r-- jdoe jdoe 969 Dec 21 02:32 foo
Previous - Finding A File | Next - Creating and Deleting Files and Directories
No comments:
Post a Comment