 |  |
50.5. Using chmod to Change File Permission
To change a file's permissions, you need to use the chmod command, and you must be the file's owner or root. The command's syntax is pretty simple:
% chmod new-mode file(s)
The new-mode describes the access permissions you want after the change. There are two ways to specify the mode: you can use either a numeric mode or some symbols that describe the changes. I generally prefer the numeric mode (because I'm strange, I suppose). To use a numeric mode, decide what permissions you want to have, express them as an octal number (Section 1.17, Section 50.2), and give a command like this one:
% chmod 644 report.txt
This gives read and write access to the owner of report.txt and read-only access to everyone else.
Many users prefer to use the symbolic mode to specify permissions. A symbolic chmod command looks like this:
% chmod g-w report.txt
This means "take away write access for group members." The symbols used in mode specifications are shown in Table 50-1.
Table 50-1. chmod symbolic modes
|
Category |
Mode |
Description |
|---|---|---|
|
Who |
u |
User (owner) of the file. |
|
g |
Group members. |
|
|
o |
Others. |
|
|
a |
All (i.e., user, group, and others). |
|
|
What to do |
- |
Take away this permission. |
|
+ |
Add this permission. |
|
|
= |
Set exactly this permission (Section 50.6). |
|
|
Permissions |
r |
Read access. |
|
w |
Write access. |
|
|
x |
Execute access. |
|
|
X |
Give (or deny) execute permission to directories, or to files that have another "execute" bit set. |
|
|
s |
Set user or group ID (only valid with + or -). |
|
|
t |
Set the "sticky bit" (Section 50.4, Section 1.17). |
(Section 50.2 explains the "Who" and "Permissions" categories.) Here are a few example symbolic modes:
- o=r
- Set others access to read-only, regardless of what other bits are set.
- o+r
- Add read access for others.
- go-w
- Take away write access for group members and others.
- a=rw
- Give everyone (user, group, and others) read-write (but not execute) access.
Remember that + and - add or delete certain permissions but leave the others untouched. The commands below show how permissions are added and subtracted:
% ls -l foo -rwx-----x 1 mikel 0 Mar 30 11:02 foo % chmod a+x foo % ls -l foo -rwx--x--x 1 mikel 0 Mar 30 11:02 foo % chmod o-x,g+r foo % ls -l foo -rwxr-x--- 1 mikel 0 Mar 30 11:02 foo %
Note the last chmod command. It shows something we haven't mentioned before. With symbolic mode, you're allowed to combine two (or more) specifications, separated by commas. This command says "take away execute permission for others, and add read access for group members."
On occasion, I've wanted to change the permissions of a whole directory tree: all the files in a directory and all of its subdirectories. In this case, you want to use chmod -R (the R stands for recursive) or find -exec (Section 9.9, Section 50.6). You won't need this often, but when you do, it's a real lifesaver.
-- ML
|  | |
| 50.4. Protecting Files with the Sticky Bit |  | 50.6. The Handy chmod = Operator |
Copyright © 2003 O'Reilly & Associates. All rights reserved.