Decoding those Permissions
Changing Permissions: Symbolic Chmod
Changing Permissions: Absolute Chmod
If you look at a list of files using the long list format ls -l, you'll see the permissions, owner, file size, modification time, and filename.[tethys]:[8:39am]:[/home/rnejdl/DOCS] > ls -al total 1825 drwxr-xr-x 2 rnejdl rnejdl 512 Sep 16 10:27 . drwxr-xr-x 23 rnejdl rnejdl 4096 Sep 17 21:09 .. -rw------- 1 rnejdl sarah 208896 May 3 23:09 DSLProvo.doc -rwxr--r-- 1 rnejdl rnejdl 307543 Sep 11 17:37 IPAddressing-Overview.pdf -rwxr--r-- 1 rnejdl rnejdl 412989 Aug 28 18:08 Routers-DSL-Flowpoint.pdf -rwxr--r-- 1 rnejdl rnejdl 76810 Sep 6 11:42 SWOT analysis.vsd -rwxr--r-- 1 rnejdl rnejdl 20480 Sep 6 11:41 Social Styles.doc -rwxr--r-- 1 rnejdl rnejdl 25600 Sep 15 17:43 Acceptable Use Policy.doc -rwxr--r-- 1 rnejdl rnejdl 28160 Sep 6 11:42 bibliography leadership.doc -rw------- 1 rnejdl rnejdl 705536 Sep 12 23:45 provo-final.doc -rwxr--r-- 1 rnejdl rnejdl 23552 Sep 6 11:41 question types.doc [tethys]:[8:39am]:[/home/rnejdl/DOCS] >
The first column of the list shows who can read, write, and execute the files or directories - in other words, the permissions. It basically shows who has permission to do what to a given file or directory.
rstands for "read" and means that you're allowed to read the file or directory. w stands for "write" and gives permission to edit or change the file as well as create, move, rename, or remove a directory. x stands for "execute," which gives permission to run a file or search a directory.
Every file or directory has four sets of
rwxpermissions. The first set represents the user (u), the second set represents the group (g), the third set represents other (o), and the fourth set represents all (a). The column will look like this:-rwxrwxrwx
Each set of rwx represents user, group, and other respectively. Only the owner of a file or a privileged user may change the permissions on a file.
There are two ways to change permissions on a file or directory, either with absolute chmod (which uses numbers) or with symbolic chmod (which uses lettered commands).
Both ways use the command chmod, which stands for "change mode".
chmodchanges who can access a particular file. A "mode" is created by combining the various options from who, opcode, and permission. To add permissions to a file, you use +, to remove permissions you use-.
Structure: chmod [option] mode file
Changing Permissions: Symbolic Chmod
With symbolic chmod, you only change one set of permissions at a time--that is, you change the user's permissions, or the group's permissions, or the "others"' permissions.
For the record, you can change more than one set of permissions at a time, but it is horrendously complicated and you shouldn't have to worry about it. Take this file for example:
-rw-r--r-- 1 meghan friends 476 Oct 14 17:13 pics.html
To allow a group (friends, in this case) "write" access, you would type:chmod g+w pics.html
If you wanted to remove "read" ability from "other" you would type:chmod o-r pics.html
Changing permissions: Absolute Chmod
It is also possible to specify permissions using a three-digit sequence. This is a more efficient way to change permissions (or at least it requires less typing), so use this method if it doesn't confuse you. Each type of permission is given an octal value:
Read = 4
Write = 2
Execute = 1
These values are added together for each user category. The permissions are changed by using a three-digit sequence with the first digit representing owner permission, the second digit representing group permission, and the third digit representing other permission. For example, if you wanted to make pics.html readable, writable, and executable for the user, readable and writable for the group, and readable for other, you would type:chmod 764 pics.html
The first digit means readable and writable for the user (4+2+1), the second digit means readable and writable for the group (4+2), and the third digit means readable for other (4).
Listed below is a chart giving a few examples of different numberic codes used with the
chmodcommand and the UNIX permissions that would be seen.
If you want to change the permissions on a directory tree use the -R option. chmod -R will recursively change the permissions of directories and their contents.