UNIX File Permissions
Every file and directory in UNIX/Linux has read, write, and execute
permissions. Read permission means that the file can be read but not
modified or deleted. Write permission means that the file can be created, modified, or deleted. Execute permission means that the file can be executed. The execute permission is similar to a .exe file in Windows or DOS. For directories, execute permission means you can open the directory.
Permissions
There are 3 sets of permissions for every file or directory -- owner,
group, and world. For each set, there are separate read, write, and
execute permissions. The owner permissions are for the owner of the
file or directory. The group permissions are for everyone in the group.
The global permissions are for anyone. To see the current permissions,
owner, and group for a file or directory, type the following commands:
- "cd"
- "ls -l"
This will display the contents of your home directory in long format.
The following is an example of what you might have seen with the above
2 commands: drwxr--r-- 5 you public 4096 Feb 7 14:33 Desktop
drwxr--r-- 2 you public 4096 Apr 4 10:55 linuxpractice
-rwxr-xr-x 1 you public 223 Apr 6 11:37 myfirstscript
drwxr-xr-x 4 you public 4096 Apr 9 12:03 public_html
The third column (you) tells the owner of the file or directory, and
the fourth column (public) is the name of the group for the file or
directory.The permissions are listed in the first column. The first
letter is whether the item is a directory or a file. If the first letter
is a "d", then the item is a directory as in the first item
listed above, Desktop. Notice, for the file myfirstscript, the first
letter is "-". The next three letters are the permissions
for the owner of the file, the next three letters apply to everyone
in the group, and the last three letters are for everyone else. The
read, write, and execute permissions are referred to as r,w, and x respectively.
Thus, for the directory Desktop above, the owner you has read, write,
and execute permissions to the directory Desktop, everyone in the group
public has read permissions, and everyone else has read permissions.
The only one who can modify or delete any file in this directory is
the owner you (or the superuser- "root").
"chmod" is a standard UNIX/Linux command that allows you
to change the permissions of a file or directory. There are two arguments
for chmod: the permissions and the file/directory name. The permission
argument for chmod is based on numbers.
1 stands for execute.
2 stands for write.
4 stands for read.
To set more than one permission on a file or directory, you just add
up the permissions. For example, 7 means read, write, and execute permissions.
chmod takes the permissions as the first argument in the order user,
group, global. Thus, the command chmod 777 hello will change the permissions
of the file hello to read, write and execute by user, group, and everyone
else.
Note: To change the permissions of a file/directory, you must be the
owner of that file/directory. However, root can change permissions on
any file or directory.
One last topic that we should touch on here is the ownership commands.
If you are ROOT, you can change the ownership of files using the "chown
username filename" command. As with most commands,
there are many options. You can learn about those options by typing
"man chown"
Example:
- "chmod 777 Desktop" will allow EVERYBODY full access to
read, write and execute.
- "chmod 644 Desktop" will all the owner (you) read and
write access, the group read access, and everybody else (world) read
access too.
- "chmod 700 Desktop" will give yourself full access while
giving everybody else NOTHING.
|
