pavement

Numeric permissions

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
(Changing file permissions)
Line 39: Line 39:
 
   4 2 1 4 2 1 4 2 1
 
   4 2 1 4 2 1 4 2 1
 
If you want to set the permission for a particular file to rwxr-x---, you just need to add the numbers up for each trio:  
 
If you want to set the permission for a particular file to rwxr-x---, you just need to add the numbers up for each trio:  
  rwx == 4+2+1 == 7,  
+
  rwx == 4 2 1 == 7,  
  r-x == 4+0+1 == 5,
+
  r-x == 4 0 1 == 5,
  --- == 0+0+0 == 0.
+
  --- == 0 0 0 == 0.
 
So give the command
 
So give the command
 
  #chmod 750 filename.xyz
 
  #chmod 750 filename.xyz
Line 48: Line 48:
  
 
2. '''Defining permissions symbolically'''
 
2. '''Defining permissions symbolically'''
You'll want to tell [[chmod]] what to change the permissions to; for this you'll want to know that to [[chmod]], u == user, g == group, o == others and a == all, also that you can add and remove permisions with the =, + and - signs:
+
You'll want to tell [[chmod]] what to change the permissions to; for this you'll want to know that to [[chmod]], u == user, g == group, o == others and a == all, also that you can add and remove permisions with the =,   and - signs:
 
  chmod u=rwx,g=rx filename.xyz
 
  chmod u=rwx,g=rx filename.xyz
 
tells [[chmod]] "give these values and these values only"
 
tells [[chmod]] "give these values and these values only"
  chmod ug+rx filename.xyz
+
  chmod ug rx filename.xyz
 
tells [[chmod]] "add r and x permissions to user and group for filename.xyz"
 
tells [[chmod]] "add r and x permissions to user and group for filename.xyz"
 
  chmod o-rwx filename.xyz
 
  chmod o-rwx filename.xyz

Revision as of 13:50, 17 April 2007

Contents

How permissions are defined

File permissions are shown when you do an ls -l on a file or directory:

Description

The green circle highlights the first bit, which tells you if the file is a regular file (with a -), a directory (with d), a link (with l), or a unix domain socket (with s; not shown in this pic). The next three bits (red circle) show you the permissions on the file for the file's owner or user. The next three (yellow circle) show you permissions for the group the file belongs to. The last three (blue circle) show you permission for others -- anyone who is not the file owner or member of the group is other.

Permissions bits read r (the file can be read), w (the file can be written to), or x (the file is executable); a - in the place of any of those means that that bit is set to off.

If you noticed that all the files are of 0 byte size, the reason is because they're examples only and were created with touch. Congratulate yourself and go get a beer, you're paying far too much attention to the picture.

Context is everything

Note that the directories are set as executable for both user and group members. You have to "execute" a directory when you cd into it as well as (somewhat more importantly) when you search it with find.

How default permissions are set

Which permissions you file are created under by default are set by your umask, which is often set in your shell configuration file (.profile, .bashrc, .bash_profile, .cshrc, .tcshrc, etc. -- it can also set your umask by just running umask).

Changing file permissions

You can change the permissions of a file with chmod and the owner/group of a file with chown (group can also be set with chgrp).

To change permissions with chmod, you'll need to know how to tell the shell what permissions you want changed. There are two ways to do this, and they're both equal, although once you get the hang of using the numbers, you'll find that it's much more absolute and hence easier to be sure that the permissions that you asked for are the only ones that you'll get.

1. Defining permissions numerically

There are two ways to learn this: by rote, or comprehensively. If you just want a fast explanation of what the most commonly used numbers mean, it's like this:

7 ... rwx ... read/write/execute (all permissions)
6 ... rw- ... read/write (read/write, but do not execute) 
5 ... r-x ... read/execute (read-only, execution allowed)
4 ... r-- ... read (read-only, NO execution allowed)
0 ... --- ... (access denied)

Permission flags of 3, 2, or 1 (-wx, -w-, or --x) are also possible, but are very rarely used.

For the more comprehensive explanation, you'll need to know that the three permissions in a set (rwx) can be represented in binary as on or off, and you'll need to understand binary counting. This may help you a bit:

l r w x r w x r w x
- - - - - - - - - - 
  4 2 1 4 2 1 4 2 1

If you want to set the permission for a particular file to rwxr-x---, you just need to add the numbers up for each trio:

rwx == 4 2 1 == 7, 
r-x == 4 0 1 == 5,
--- == 0 0 0 == 0.

So give the command

#chmod 750 filename.xyz

and filename.xyz will have the permissions: -rwxr-x---

2. Defining permissions symbolically You'll want to tell chmod what to change the permissions to; for this you'll want to know that to chmod, u == user, g == group, o == others and a == all, also that you can add and remove permisions with the =, and - signs:

chmod u=rwx,g=rx filename.xyz

tells chmod "give these values and these values only"

chmod ug rx filename.xyz

tells chmod "add r and x permissions to user and group for filename.xyz"

chmod o-rwx filename.xyz

tells chmod "remove rwx permissions from the others group" -- note that this is the same as

chmod o-a filename.xyz

see also ACL.

Personal tools