To change file permissions, you simply need to know the chmod command. Its simple to learn, and there are two different modes to use it: a symbolic mode and a numeric mode. By now you have some hints, on how to use a little of both, so now we get into detail.
To change an object’s permissions, you either have to be the owner for that given object, or the superuser root (root can get way with anything, oh the mighty root). This means there is no way you can change files and directories permissions, even though it might be possible to view them!
Like I said, there are two modes to use the chmod command:
- NUMERIC
This one is the most common, and the one you will be using almost exclusively. There are differente ways to do some things, but sometimes you stick with the better one, right? Well, you decide…
When using numeric mode, you simply do, for example, chmod 666 object1. This would, like you learned before, change the permission of the owner, the group and the rest of the world to read/write/not-execute (4=read/2=write/0=not-execute).
You can use combination of numbers to obtain what you intend. For example, its also possible to change permissions in a bunch o files, like you would do when copying, using wildcards or file extensions. You even can change permissions on everything inside a given directory, but not the directory itself; you can choose to follow child directories, affecting everything on the way. Now do you see why I keep saying CLI is the power?
Like any Linux Command, you have some options flags you can add. Today I’ll just steal the man page for chmod and present you with that:
POSIX OPTIONS
-R Recursively change permissions of directories and their contents.– Terminate option list.
GNU OPTIONS
-c, –changes
Verbosely describe the action for each file whose permissions actually changes.-f, –silent, –quiet
Do not print error messages about files whose permissions cannot be changed.-v, –verbose
Verbosely describe the action or non-action taken for every file.-R, –recursive
Recursively change permissions of directories and their contents.
Not to many right? The other chmod mode is:
- SYMBOLIC
In this mode, you pretty much do the same, that when you choose numeric mode, but some people find it more simple to use this one.
In symbolic mode you use letters to identify the trio bits, which are: u = user, g = group, o = others and a = all. You also use in combination to letters, qualifiers, which are the +, - and =, and on the top of the cake you use the good old letters you know for permissions, read, write and execute.
A simple example is chmod u=rwx, g=r, o=r object1. This will change for object1 permissions for the owner user (read/write/execute), the owner group (read) and the rest of the world (read). Simple, and you could do it just for a specific permission trio, like chmod g=rw object1. Its also possible to set an object permission, without really knowing what permissions it already has. You just use the modifier + instead of the =, so you get chmod a+x object1, and this will add execute permission to everyone (a=all, remember). There is a small trick in this last example.. you can drop the a and just use the +x, like chmod +x object1 (since no group is specified, all are changed).
One last modifier, the minus (-); this is the same with the plus modifier, except it takes, instead of giving… simple right?
Train this a little bit, and find out for yourself which mode is more comfortable to you. Keep in mind that this aims to be simple and effective, so keep training until you do it automatically (I’ll guess… a couple of minutes).
Cya soon for the last part on filesystem security.
LINKS: man chmod
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
0 comments ↓
There are no comments yet...Kick things off by filling out the form below.
Leave a Comment