Click Here!
home account info subscribe login search My ITKnowledge FAQ/help site map contact us


 
Brief Full
 Advanced
      Search
 Search Tips
To access the contents, click the chapter and section titles.

Complete Idiot's Guide to Linux
(Publisher: Macmillan Computer Publishing)
Author(s): Manuel Ricart
ISBN: 078971826x
Publication Date: 12/22/98

Bookmark It

Search this book:
 
Previous Table of Contents Next


Changing File Permissions

If you are a file’s owner or the superuser, you can change permissions on a file. For this purpose, you use the chmod command.

The chmod command offers a symbolic mode in which you add or subtract permissions and a numeric mode in which you specify the permissions you want for the file. Before using the chmod command, you need to know how to use its numeric and symbolic modes.

Permissions by the Numbers: 4, 2, 1, and 0

Permissions can be set as numbers. Although this method might seem a little complicated to the uninitiated, it really isn’t. For one thing, there are only four numbers that you need to worry about:

  The number 4 specifies read permissions
  The number 2 specifies write permissions
  The number 1 specifies execute permissions
  The number 0 specifies no permissions of any kind

If you wanted to enable read and write permissions, you add the values: 4+2=6, so you assign the number 6.

If you wanted to enable read and execute permissions, you add the values again: because 4+1=5, you use the value 5.

If you wanted to enable read, write, and execute, you would add 4+2+1 to get 7, the value you should assign. The values for the individual permissions are designed so they form unique values in various combinations.

Easy? I think it is. However, the one thing that might complicate matters is that you need to specify permissions for all three roles at the same time: owner, group, and others. To do so, string a sequence of three of these permissions together. The result is a number called a mode.

To give a file’s owner and group read and write permission, but only read permission to all other users, specify the mode as 664: (4+2) for the owner, (4+2) for the group, and (4) for others.

Permissions Using Symbols: u, g, o, r, w, and x

It is sometimes useful to set permissions using symbols because they allow you to set permissions one role at a time or one permission at a time. For example, you can grant group read permission to a file without needing to know the owner or other users’ permissions for the file.

In order to set permissions using symbols, you must remember the letters which go with certain words: user or owner (u), group (g), others (o), read (r), write (w), and execute (x).

A symbol-based permission string follows one of two formats:

  identity-permissions to deny permission(s)
  identity+permissions to grant permission(s)

Here are a few sample permission strings; their meanings should become increasingly clear.

Table 16.1 Granting Permissions Using Symbols

string Permissions Granted to

ugo+rwx read, write, execute owner, group, and others
ug+w write owner and group
g+rx read and execute group

Table 16.2 Denying Permissions Using Symbols

string Permissions Denied to

ugo-rwx read, write, execute owner, group, and others
o-rw read and write others
go-x execute group and others

Note that the string “ugo” can be replaced with “a” for “all.” For example, “ugo+w” and “a+w” both grant write permission to everyone.

Using chmod to Change Permissions

To change the permissions on a file, you take the mode you calculated or the symbols you need and use the chmod command. The syntax is chmod [options] mode filename [filename…]

Let’s try this on the computer. Let’s create the following:

  Two regular files called fileone and filetwo
  One directory called adir
  A symbolic link named filethree
     [alberto@digital alberto]$ touch fileone filetwo
     [alberto@digital alberto]$ mkdir adir
     [alberto@digital alberto]$ ln -s fileone filethree
     [alberto@digital alberto]$ ls -l
     total 2
     -rw-rw-r--   1 alberto  alberto       388 Jul 29 19:03 Xrootenv.0
     drwxrwxr-x   2 alberto  alberto      1024 Aug  4 18:05 adir
     -rw-rw-r--   1 alberto  alberto         0 Aug  4 18:05 fileone
     lrwxrwxrwx   1 alberto  alberto         7 Aug  4 18:05 filethree ->
     fileone
     -rw-rw-r--   1 alberto  alberto         0 Aug  4 18:05 filetwo

Now let’s change filetwo and filethree to mode 644. We’ll also deny (remove) all write permisstions to adir.

     [alberto@digital alberto]$ chmod 644 filetwo filethree
     [alberto@digital alberto]$ chmod ugo-w adir

Now let’s list the results:

     [alberto@digital alberto]$ ls -l
     total 2
     -rw-rw-r--   1 alberto  alberto       388 Jul 29 19:03 Xrootenv.0
     dr-xr-xr-x   2 alberto  alberto      1024 Aug  4 18:05 adir
     -rw-r--r--   1 alberto  alberto         0 Aug  4 18:05 fileone
     lrwxrwxrwx   1 alberto  alberto         7 Aug  4 18:05 filethree ->
     fileone
     -rw-r--r--   1 alberto  alberto         0 Aug  4 18:05 filetwo

What happened? Both filetwo and adir show changed permissions as expected, but filethree’s modes remain as they were. The reason for this odd occurrence is that chmod does not change the mode of a symbolic link—permissions of a symbolic link are never used. What it did instead was to change the mode of the file the link pointed to—fileone! So fileone and filetwo have a mode of 644 (4+2)(4)(4), or rw for owner, r for group and other. All of the w, or write switches have been turned off for adir.


Previous Table of Contents Next


Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement.