On most of today's modern operating systems, your average file has associated with it a given set of permissions, that is, rules for who can do what to it. These permissions include the ability to read the file, to write to it or over it, and to execute it.
back to top.
| permissions | read | write | execute |
| things that use each: | less, cat, cp, emacs (read-only), directories (to read contents) | rm, mv, emacs (write-only), directories (to write contents) | programs (needed to run them), directories (to 'cd' into them) |
back to top.
Let's take a look at an example. You can try this yourself by doing
ls -l at the command prompt (without the single quotes).
allspice[~/21]11:29pm$ ls -l
drwx------ 2 finney users 512 Feb 21 2000 classExercises
-rw------- 1 finney users 887 Jan 24 16:41 foo.c
-rw-r--r-- 1 finney users 924 Jan 24 16:41 someotherfile
drwx------ 2 finney users 512 Jul 20 2000 includes
-rw-r--r-- 1 finney users 758 Jan 28 13:29 makefile-example
drwx------ 2 finney users 512 Feb 2 00:20 otherstuff
drwx------ 3 finney users 512 Feb 21 2000 proj
drwx------ 2 finney users 512 Mar 29 2000 sched
specifically, let's start by looking at just one of these files:
-rw-r--r-- 1 finney users 758 Jan 28 13:29 makefile-example
the input on the far left of the line above gives information
on the permissions of the file. in this case, we have
-rw-r--r--. Each of these ten characters tells us
something important about the permissions of the file. you'll notice that some of these lines start with a 'd', while
others start with a '-'. The 'd' means that it's a
directory, and the '-' means that it's a regular file. Next,
you'll see 9 characters which represent the permissions for the file. These
permissions are actually divided into three groups, as follows:
rw- r-- r-- a b c
where 'a' represents the permissions that the file's owner (finney) has, 'b' represents permissions for the file that the group a specific group (users) has , and 'c' represents everyone else. So in this case, I've decided to give myself read (r) and write (w) permissions, but not execute (x), since this is a file that I want to read and write, but not run (like a program or script). I've given both my group and everyone else read permissions in this example, because I certainly don't mind anyone seeing how I put a makefile together (reading other people's makefiles was how I learned:).
back to top.
The command you want to use is chmod. For more information
on chmod, you can read its online man page by typing man
chmod. Anyways, the general format for chmod is as follows:
chmod nnn file(s) where: nnn = octal (0-7) permissions file(s) = list of one or more files to be changedThe 'octal' permissions in the above example represent the permissions that you want to give the files that you're chmodding. The first 'n' is for you, the second is for the permissions for people in your group, and the third is for anyone else. To figure out what set of numbers you want to put in, look up the value for each permission that you want to give in the table below, and add them together (you should notice that each unique combination has a unique sum).
| permissions | read | write | execute | nothing |
| octal value: | 4 | 2 | 1 | 0 |
Example 1: ultra-top-secret-plans.txt
So I have these ultra-top-secret-plans for world domination and the like, and when I look at the permissions given to it in my home directory, I see:
-rw-r--r-- 1 finney users 54285 Feb 25 23:20 ultra-top-secret-plans.txtGasp! That means anyone could read them! I'd better change that right away. So, in this case, I still want to have read and write permissions for myself, so that means 6 for me (r=4, w=2, r+w=6). And since I don't want anyone else at all to be able to have any kind of access to the file, that means 0 for everyone else. I then put those permissions in order and I have the command-line:
chmod 600 ultra-top-secret-plans
Example 2: public_html/
So I have a directory called public_html in which I've placed
all sorts of documents for people to read... I've gone ahead and set all the
permissions on them to 644, so other people can read them too,
but still, I can't bring it up on a webpage! What could be wrong?
This is actually a rather frequent occurence, and in fact has nothing to
do with the permissions that have been set on the file, but has to do with
the permissions set on the directories above/before the directory in which
my files are. In this case, in my public_html directory, I
get the following listing (from ls -l):
drwxr-xr-x 2 finney users 512 Feb 28 16:13 cgi-bin drwxr-xr-x 4 finney users 512 Feb 28 17:18 chat -rwxr--r-- 1 finney users 212133 Feb 21 2000 command.txt drwxr-xr-x+ 4 finney users 512 Feb 25 23:07 cs23 -rwxr--r-- 1 finney users 741 Feb 26 00:22 index.html drwxr-xr-x 2 finney users 512 Feb 26 21:36 s-rcon drwxr-xr-x 2 finney users 512 Mar 3 09:24 sys-adminbut if I go up a directory (
cd ..), the permissions on my
public_html directory are:
drwx------ 8 finney users 1024 Feb 28 16:12 public_htmlSo let's try changing that. I want people to be able to both read and execute this directory (so they can get to all the goodies inside), and I want to be able to do everything, so the command I want is:
chmod 755 public_html/