The superuser or owner of a file can modify its permissions. We use the chmod command for modifying permissions of a file. Permissions can be changed in two ways; you can use either user symbolic modes or octal numbers for modifying permissions.
There are four user modes that can be used with the chmod command. We represent different users with these modes. Also, there are file modes which are represented with characters we have studied earlier. User and file modes are listed in Table 7-2.
Mode | Meaning |
---|---|
u | User or owner of a file |
g | Group membership of the file |
o | Others (not owner or member of group) |
a | All users |
r | Read permission |
w | Write permission |
x | Execute permission |
To grant permission to a user, we use the " + " symbol between the user and file modes. To revoke a permission, use " - " between the user and file modes. To exactly assign a permission, regardless of the previous permission, we use the " = " symbol.
For example, to grant execute permission to the owner of file myprog , the chmod command will be used as follows . We have used the ll command to show old and new file permissions.
$ ll myprog -rw-rw-rw- 1 boota users 103 Sep 8 18:06 myprog $ chmod u+x myprog $ ll myprog -rwxrw-rw- 1 boota users 103 Sep 8 18:06 myprog $
To revoke write permission of other users, we can use the following command.
$ ll myprog -rwxrw-rw- 1 boota users 103 Sep 8 18:06 myprog $ chmod o-w myprog $ ll myprog -rwxrw-r-- 1 boota users 103 Sep 8 18:06 myprog $
Now the owner has all read, write, and execute permissions, members of the users group have read and write permissions, and all other users have only read permissions. If you want to grant all users only read permissions, you can use following command.
$ ll myprog -rwxrw-r-- 1 boota users 103 Sep 8 18:06 myprog $ chmod a=r myprog $ ll myprog -r--r--r-- 1 boota users 103 Sep 8 18:06 myprog $
As you have seen, when we use the " = " symbol, the new file permissions are set regardless of the previous permissions.
You can also combine more than one mode in the command line to change multiple permissions simultaneously , as in the following example.
$ ll myprog -r--r--r-- 1 boota users 103 Sep 8 18:06 myprog $ chmod u+x,o-r myprog $ ll myprog -r-xr----- 1 boota users 103 Sep 8 18:06 myprog $
Each group of rwx can be represented by an octal number. In the binary number system each position has a weight associated with it. These weights double at each step as we move from right to left, the right-most character carrying weight 1. If we map this scheme to rwx , the " x " carries weight 1, " w " carries weight 2 and " r " carries weight 4. We can change symbolic modes with these weights. A file that has all the permissions set can be considered as carrying weight 7 (4+2+1). A file with only read and write permissions will carry weight 6 (4+2). As three binary characters make one octal digit, we add weights of three modes for each user group (owner, group, others) to make an octal number containing three digits. As an example, if we want to grant all three (read, write, execute) permissions to all users, we can use 777 with chmod as follows.
$ ll myprog -r--r--r-- 1 boota users 103 Sep 8 18:06 myprog $ chmod 777 myprog $ ll myprog -rwxrwxrwx 1 boota users 103 Sep 8 18:06 myprog $
If you want to grant all permissions to the owner (4+2+1=7), read and execute permissions to the group (4+1=5), and no permission for other users (0), the command is:
$ ll myprog -r--r--r-- 1 boota users 103 Sep 8 18:06 myprog $ chmod 750 myprog $ ll myprog -rwxr-x--- 1 boota users 103 Sep 8 18:06 myprog $
If you feel comfortable with octal numbers, this is a quicker way to grant or revoke multiple file permissions.
Top |