File Permissions Overview
Applications of File Permissions
Changing the permissions - the chmod command
Changing the owner - the chown command
Changing the groups - the chgrp command
The chmod Command
- Changes the actual permissions of files using a system of three octal (0-7) digits
- Each permission is given a numerical value: read is 4, write is 2, and execute is 1
- To get any combination of these permission, add the numbers of the permission you would like to enable and the rest will automatically be disabled.
For example, to give a file read (4) and write (2) but not execute (1) permissions, the octal value would be 4+2 = 6. Similarly, all permissions is 7, only read is 4, and so on.
- 3 of these octal digits are then combined, one each for the owner, group, and global permissions, to create the command in the form: chmod <3 digit octal number> <File to apply to>.
- The following table contains some common combinations:
3 Digit Number Corresponding File Permissions 777 -rwxrwxrwx 766 -rwx-rw-rw 755 -rwx-r-xr-x 774 -rwxrwxr-- 740 -rwx-r----- 700 -rwx------ 400 -r-------- -
For example, to change the permissions on a file named test.txt in /tmp/test so that everyone could read, write, and execute the file, you would first change to that directory and then type:
ComputerName:~# chmod 777 test.txt - Checking the permission on the above file using the ls -la command, we get:
-rwxrwxrwx 1 root root 31 Oct 28 10:07 test.txt - If we wanted only "root", the owner of the test.txt file, to be able to write to it, give groups execute rights, and everyone else only read rights, we would enter:
ComputerName:~# chmod 754 ./test.txt - The output of ls -la would then be:
-rwxr-xr-- 1 root root 31 Oct 28 10:07 test.txt - A file's permissions is affected by both its permissions and the permissions of the directory it is stored in.
- The method for changing a directory's permissions is the same a for a file, but it is also possible to recursively apply the permissions defined for the directory to everything contained within it using the -R option.
For example, if we wanted to change both the /tmp/test and the test.txt permissions so that only the owner has all permissions, we would type:
ComputerName:~# chmod -R 700 /tmp/test - The above command would give us the following output for ls -la:
drwx------ 2 root root 4096 Oct 28 10:07 .
-rwx------ 1 root root 31 Oct 28 10:07 test.txt
(the '.' represents the parent directory /tmp/test)
The chown Command
- Has a similar format to the chmod command and also supports the -R recursive command mentioned above, which is useful when changing the ownership or group of an entire directory.
- The basic format is chown <User> <Object to take ownership of>
For example, changing the ownership of the /tmp/test directory and all the files within it from "root" to "user", using the -R option:
ComputerName:~# chown -R user /tmp/test - After the above command, the output of the ls -la command within /tmp/test would then be:
drwx------ 2 user root 4096 Oct 28 10:07 .
-rwx------ 1 user root 31 Oct 28 10:07 test.txt
The chgrp Command
- The chgrp command has exactly the same syntax as the chown command, except the specified user is replaced with the correct group.
- To change the ownership of the /tmp/test directory to the users group, the following command would be used:
ComputerName:~# chgrp -R users /tmp/test - The output of the ls -la command is:
drwx------ 2 user users 4096 Oct 28 10:07 .
-rwx------ 1 user users 31 Oct 28 10:07 test.txt - It is important to note that chgrp is a specific command of chown and that chown can be used to perform both operations in a single command with the syntax:
chown <User> : <Group> <Object to take ownership of> - It is recommended to get accustomed to the chgrp and chown commands on a small test file or directory before attempting to apply them in more advanced applications as they can be quite harmful if not applied correctly.