April 11, 2011, 3:28 a.m.
posted by badaboom
Now that you know what permissions are, you probably want to know how to change them, because listing them can only get you so far. Listing them will help you to get a good grip on what is there, but to make changes you need to take the next step, which is to use the chmod command. There are two modes of operation that you can use with chmod: a quick-and-dirty mode, and a more user-friendly way of setting permissions.
The user-friendly mode uses easy-to-remember commands to set or unset permissions. To use this, do the following:
Let's look at an example of chmod in action. It is important that you pay close attention to this lesson and try to walk away with this knowledge if you are moving from end user to system administrator. Not knowing how to set permissions will almost always ruin your chances for advancement because you will not be able to do anything without knowing how to change permissions.
The chmod command sets Unix file permissions exactly how you want them, so let's take a look at how. First you need to be connected to your Unix system. Because you will not always be on a local system, you may need to connect to a remote system, log in, change some permissions, and then exit the session using telnet or ssh. Once in the shell prompt, you need to execute a chmod command. Here are some examples of what you can do with the chmod command:
> chmod 0755 script.sh > chmod 755 script.sh > chmod u=rwx,g=rx,o=rx script.sh
Let's look at a real example. To activate group write permissions for the script.sh file shown here, type the following:
-rw------- 1 rob test 1662882 Dec 25 12:00 script.sh >chmod g+w script.sh
To see if this worked, you can run ls -l on the filename as follows:
>ls -l script.sh -rw--w---- 1 rob test 1662882 Dec 25 12:00 script.sh
Write permissions have been activated for the test group members. Because of its symbolic nature, this method for adjusting file permissions might be easy for some; however, there is another syntax that you might find more efficient and effective. In this example, you can set the actual bit mask that is used to control a file's permissions. The bit mask would be the three binary bits used to represent each level of permission. The three binary bits would be (in order from left to right):
There, those are your three permissions, and now you can view our example here as binary numbers translated to decimal:
100 - Read permission - The decimal equivalent of this binary value is 4. 010 - Write permission - The decimal value for write is 2. 001 - Execute permission - The decimal representation is 1.
So this is the layout, and you would need to understand the concepts of Boolean math a bit, but if you don't, Figure will serve you well:
To figure this out you need to know how binary numbers are converted to decimal. You need only to know how to convert the first three numbers. From moving from right to left, start to count from 1 and move up by the power of 2 each time, so you would have 1, 2, and then 4, correct? If that is the case, then you need to know that if you took the first bunch of three 001 and counted from left to right saying that 0 is "off" and a 1 is "on," the first one count from right to left by 1, 2, and 4 would be 1. Now take the next example010. This one is two because the middle column in our example of 1, 2, 4 from the right to left would mean that 0 is off (so no 1), then 2 is on, then 4 is off. Get it now? How about the last one… 100.
Using this technique, you can easily set multiple permissions simultaneously. For example, it's easy to see that 110 is the combination of the read and write permissions. The decimal value of this binary string is 6 (4+2). I now have my setting for read and write permissions. To use this method of setting a file's permissions, you set permissions for owner, group, and other simultaneously. Each of these digits is the sum of the permissions that you want to set. The first digit is the owner, the second is the group, and the third is other.
For example, suppose that you want to set the owner to have full permissions, and the group and other to have read and execute permissions. Full permissions are achieved by adding all the permission values (4+2+1=7). Read and execute permissions are a combination of 4+1=5. The three numbers you'll use to set this are 7, 5, and 5, entered as a single three-digit number, 755. The syntax for this form of chmod is as follows: chmod <permissions> <filename> <filename> ....
For example, check out the following:
>chmod 755 script.sh >ls -lg script.sh -rwxr-xr-x 1 rob test 1663882 Dec 25 script.sh
As you might hope, the owner has full read, write, and execute permissions, whereas the group and other have read and execute permissions. As you become experienced, you'll probably find that this second method is the fastest way to set permissions. Just remember read (4), write (2), and execute (1), and you'll be fine.
You should feel comfortable with changing permissions if you understood everything completely, and no fear if you didn't. This is why I harp on practice so much, to make sure that you will keep doing this until you can read permissions and their placement every time you run the ls l command.
Now that you are familiar with all these difficult concepts, let's build on them to show you how to change a group setting.