A guide to setting up and changing file permissions in the Linux Operating Systerm.
The chmod/chgrp/chown commands are used to change the permissions/ownership
of files and/or directories. Linux is often used as a multi-user system and
it is not desirable that all users have access to all files and directories.
For eg. : On a multi-user environment in a corporate office using a central
server running linux , it might be required the accounts documents be shared
between employees of the acccounts department . At the same time, it might
be undesirable and indeed dangerous if anyone having access to the server
is able to read/edit them.
It is for such situations that Linux has a 3X3 permission system.
There are 3 levels of security for a file :
Read Permission : Permission to read a file (r)
Write Permission : Permission to edit a file (w)
Execute Permission : Permission to execute a file if it is executable
(x)
and 3 different levels for a directory :
Enter Permission : Permission to Enter into the Directory
Show Entry : Permission to see the contents of the Directory
Write Entry : Permission to make a new file or subdirectory in
the Directory
For granting the above permissions, users are divided into 3 different
sets
User : The owner of the file/directory - mostly the person
who created the file/directory
Group : Linux users can be divided in groups and one user can
be a member of more than one group.
A Group denotes all users who are members of group(s)
to which the owner of a file/directory belongs
Others : All users not in the group(s) of the owner.
For eg :
A user level r/w/x permission means only the owner can read, write and
execute the file
A group level r/w/x permission means only the members of group(s) to which
the owner belongs can read, write and execute the file
An other level r/w/x permission means Everyone can read/write/execute
the file.
The chmod Command
The chmod command is used to change the permissions of files/directories
in linux. It\\\'s syntax is as follows :
chmod -R/c/f/v [u / g / o / a] [+ / - / =] [rwxXstugo..]
for eg. if u want to give all users in the group of the owner just read
permission to a file called foo.txt, the command is
chmod g+r /home/aarjav/foo.txt
here g stands for group, + stands for giving permission (as against -
for taking permission away), r stands for read permission.
so g+r means ?give group read permission?. All users for the owners group
now have read permission to foo.txt
Now if they misbehave and u want to take their read permission away.
The command is the same as above, just substituting the + sign with a minus
sign
chmod g-r /home/aarjav/foo.txt
As shown the general format of the command is
chmod -R/c/f/v [u / g / o / a] [+ / - / =] [rwxXstugo]
here
u : user
g: group
o : others
a : all
+ : give permission
- : take permission away
= : cause the permissions given to be the only permissions of the file
r : read permission
w: write permission
x : execute permission
X: execute only if it is a directory or already has execute permission for
some user
s : set user or group ID on execution
t : save program text on swap device
u : the permissions that the user who owns the file has for it
g : the permissions that the owner?s group has for a file
o : the permissions that users not in the owner?s group have for it
(X, s, t, u, g and o are not required for common tasks)
the initial options -R/c/f/v are explained as follows :
-c : Displays names of only those files whose permissions are being changed
( --changes can also be used instead of -c )
-f : Suppresses display of error messages when a file?s permissions cannot
be changed
( --silent of --quiet can also be used instead of -f )
-R: Recursively changes the permission of all files in all subdirectories
of the directory whose
permissions are being changed
( --recursive can also be used )
-v : Displays results of all permission changes
( --verbose can also be used )
The chown command
The chown command is used to change the user and/or group which owns one
or more files or directories. Its general format is :
chown [-Rcfv] [username][:.][groupname] foo.txt
The flags used above are same as those used in the chmod command . The
following are the different ways in which this command can be used :
- The username followed by a dot or colon followed by a groupname changes
both the user and group ownerships to those specified. - The username followed by a dot or colon and no groupname changes the
user ownership as specified and changes the group ownership to the specified
user?s login group. - If the colon or dot and groupname are specified without a username,
then only the groupownership is changed. This is effectively the same as
the chgrp command. - If the username is not followed by a dot or a colon, then only the
user ownership is changed.
The chgrp command
The chgrp command is used to change the group ownership of one or more files
or directories. Its general syntax is :
chgrp [-Rcfv] groupname foo.txt
The flags used here are also the same as those in the chmod command. The
changes in ownership are applied to the groupname and the filename specified.
Posts
Post a Comment