Using chmod

Using chmod

Now that you know what permissions are, you probably want to know how to change them, because listing them can only get you so far. Listing them will help you to get a good grip on what is there, but to make changes you need to take the next step, which is to use the chmod command. There are two modes of operation that you can use with chmod: a quick-and-dirty mode, and a more user-friendly way of setting permissions.

The user-friendly mode uses easy-to-remember commands to set or unset permissions. To use this, do the following:

Pick a permission level. If you want to set permissions for the owner, the level is u. If you want to change permissions for the group, it is g. For other permissions, choose o. Lastly, if you want to affect all the levels of permissions (owner, group, and other), use a.

Choose an operation. Decide whether you want to set (turn on) or unset (turn off) a particular level of permission. If you want to set a permission, the operation is +; if you want to unset a permission, it is -.

Choose the permission itself. If you want to operate on the read permission, choose r, for write choose w, and for execute choose x.

Issue the chmod command in this manner: chmod <permission level><operation><permission> <filename> <filename> ....

Let's look at an example of chmod in action. It is important that you pay close attention to this lesson and try to walk away with this knowledge if you are moving from end user to system administrator. Not knowing how to set permissions will almost always ruin your chances for advancement because you will not be able to do anything without knowing how to change permissions.

The chmod command sets Unix file permissions exactly how you want them, so let's take a look at how. First you need to be connected to your Unix system. Because you will not always be on a local system, you may need to connect to a remote system, log in, change some permissions, and then exit the session using telnet or ssh. Once in the shell prompt, you need to execute a chmod command. Here are some examples of what you can do with the chmod command:

> chmod 0755
> chmod 755
> chmod u=rwx,g=rx,o=rx

Let's look at a real example. To activate group write permissions for the file shown here, type the following:

-rw------- 1 rob  test 1662882 Dec  25 12:00
>chmod g+w

To see if this worked, you can run ls -l on the filename as follows:

>ls -l

-rw--w---- 1 rob  test 1662882 Dec  25 12:00

Write permissions have been activated for the test group members. Because of its symbolic nature, this method for adjusting file permissions might be easy for some; however, there is another syntax that you might find more efficient and effective. In this example, you can set the actual bit mask that is used to control a file's permissions. The bit mask would be the three binary bits used to represent each level of permission. The three binary bits would be (in order from left to right):

  • 1st bit: (start from the left) controls read

  • 2nd bit: controls write

  • 3rd bit: controls execute

There, those are your three permissions, and now you can view our example here as binary numbers translated to decimal:

100 - Read permission - The decimal equivalent of this binary value is 4.
010 - Write permission - The decimal value for write is 2.
001 - Execute permission - The decimal representation is 1.

So this is the layout, and you would need to understand the concepts of Boolean math a bit, but if you don't, Figure will serve you well:

Permission Bits

3rd Bit Read

2nd Bit Write

1st Bit Execute







To figure this out you need to know how binary numbers are converted to decimal. You need only to know how to convert the first three numbers. From moving from right to left, start to count from 1 and move up by the power of 2 each time, so you would have 1, 2, and then 4, correct? If that is the case, then you need to know that if you took the first bunch of three 001 and counted from left to right saying that 0 is "off" and a 1 is "on," the first one count from right to left by 1, 2, and 4 would be 1. Now take the next example010. This one is two because the middle column in our example of 1, 2, 4 from the right to left would mean that 0 is off (so no 1), then 2 is on, then 4 is off. Get it now? How about the last one… 100.

With this example, you can quickly figure out the decimal number you need to use; instead of setting permissions the other way, you can specify them as such.

Using this technique, you can easily set multiple permissions simultaneously. For example, it's easy to see that 110 is the combination of the read and write permissions. The decimal value of this binary string is 6 (4+2). I now have my setting for read and write permissions. To use this method of setting a file's permissions, you set permissions for owner, group, and other simultaneously. Each of these digits is the sum of the permissions that you want to set. The first digit is the owner, the second is the group, and the third is other.

For example, suppose that you want to set the owner to have full permissions, and the group and other to have read and execute permissions. Full permissions are achieved by adding all the permission values (4+2+1=7). Read and execute permissions are a combination of 4+1=5. The three numbers you'll use to set this are 7, 5, and 5, entered as a single three-digit number, 755. The syntax for this form of chmod is as follows: chmod <permissions> <filename> <filename> ....

For example, check out the following:

>chmod 755
>ls -lg

-rwxr-xr-x 1 rob  test 1663882 Dec 25

As you might hope, the owner has full read, write, and execute permissions, whereas the group and other have read and execute permissions. As you become experienced, you'll probably find that this second method is the fastest way to set permissions. Just remember read (4), write (2), and execute (1), and you'll be fine.

Changing Permissions Recursively If you want to change the permissions of all the files and directories within any directory, you can use the -R option with the chmod command to recursively change everything within a directory.

This example performs recursive chmod for the directory:

> chmod -R 755 somedirectory

You should feel comfortable with changing permissions if you understood everything completely, and no fear if you didn't. This is why I harp on practice so much, to make sure that you will keep doing this until you can read permissions and their placement every time you run the ls l command.

Now that you are familiar with all these difficult concepts, let's build on them to show you how to change a group setting.

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows