Linux File System Permissions: LinuxLookup

Submitted by charlie.collins on Sun, 07/09/2000 - 08:37

Tagged:

Tutorials

Yet another Linux site, man, the plethora continues to grow. LinuxLookup is a very nice site, good content and nice look and feel (I will look for the backend and try to provide the LinuxLookup syndication link on ToTSP, keep posted.) I saw this story come across LinuxToday and thought I would relate it because it is indeed true that file permissions are on of the most bewildering things for Linux newbies. This is a reprint direct from LinuxLookup (check them out too!) Ownership & Permissions Guide Written by Ty ( ty@linuxlookup.com ) v1.0, July 4, 2000 _________________________________________________________ TABLE OF CONTENTS 1. Introduction

1.1 Copyright & Disclaimer
1.2 Synopsis

2. The Chmod Command

2.1 What is Chmod?
2.2 Permissions & Values
2.3 Chmod Usage

3. The Chown Command

3.1 What is Chown?
3.2 Chown Usage

_________________________________________________________ 1. Introduction 1.1 Copyright & Disclaimer This document is copyright Ã‚Â© by Ty ( ty@linuxlookup.com ). You are encouraged to redistribute it. However you may not modify this document, if you intend to redistribute it in any manner. This document is available for free, and, while I have done the best I can to make it accurate and up to date, I take no responsibility for any problems you may encounter resulting from the use of this document. 1.2 Synopsis I've witness countless new users complaining about inoperative programs/ items due to a bad permission set on their part. Hopefully this will enlighten some of our inexperienced viewers.Two programs essential in the command-line arsenal help change file permissions and ownership. They are chmod and chown. Chmod lets you change the access permissions to individual files, directories & devices. Chown (change ownership) lets you change a file(s) to another owner. _________________________________________________________ 2. The Chmod Command 2.1 What is Chmod? Chmod is used to change the access permissions of a named file, directory, device or program. These permissions can be set to three different classes, user, group, and the world. Each of these classes of user (owner, group and world) can have permission to read, write or execute the file, depending on your preference. 2.2 Permissions & Values Before I get into details regarding usage of the chmod command, first let me explain something about file permissions which is essential. In Linux, every file and directory has three(3) sets of access permissions. Those applied to the owner of the file, those applied to the group the file has, and those of all users on the system. You can see these permissions when you do an ls -l. The output will look like: [ty@linuxlookup /ty]$ ls -l total 16 drwx------ 2 ty ty 4096 Jun 9 00:01 mail -rw------- 1 ty ty 557 Jul 4 12:22 mbox drwx------ 2 ty ty 4096 Apr 5 20:55 nsmail drwx---r-x 4 ty ty 4096 Jun 11 21:34 public_html What does all this mean? Well let me break it down for you. This first column of the listing is the permissions of the file. drwx---r-x The first character represents the type of file. The 'd' means directory. drwx---r-x The next nine(9) characters are the file permissions. The first three(3) characters represent the permissions held by the file's owner (ty), the second three(3) are for the group the files are in and the last three(3) are the world permissions. The following letters are used to represent those permissions:

Letter Meaning r Read w Write x Execute

Each permission has a corresponding value. Seen here:

Read = 4 Write = 2 Execute = 1

When you combine attributes, you add their value.

Permission Values Meaning --- 0 No permissions r-- 4 Read only rw- 6 Read and Write rwx 7 Read, Write and Execute r-x 5 Read and Execute --x 1 Execute

Sure other combinations exist, but this is all you'll need (I hope). When you combine these values, you get three numbers that make up the files the files permissions. Here are some examples: Permission Values Meaning -rw------- 600 The owner has read and write permissions. Nobody else has privileges.This is what you'll want to set for the majority of your files. -rw-r--r-- 644 The owner has read and write permissions. The group and world has read only permissions. Use this when you're sure you want to let others read this file. -rw-rw-rw- 666 *THIS IS BAD* Everybody has read and write permissions.You don't want people to be allowed to change your files. -rwx------ 700 The owner has read, write and execute permissions. This is what you'd use for programs you'll want to run. -rwxr-xr-x 755 The owner has read, write and execute permissions. The group and rest of the world have read and execute. -rwxrwxrwx 777 *THIS IS BAD* Everyone has read, write and execute permissions.Allowing people to edit your files is just asking for trouble. -rwx--x--x 711 The owner has read, write and execute permissions.The group and the rest of the world have execute only permissions.This is perfect for letting others run programs, but not copy. drwx------ 700 This is a directory. Only the owner can read and write to it. (Note: All directories must have an executable bit set) drwxr-xr-x 755 This directory can be changed only by the owner, but everyone else can view it's contents. drwx--x--x 711 This is perfect for when you need to keep a directory world readable, but you don't want people being able to view it's content. Only if they know the file name they're looking for will they be allowed to read it. 2.3 Chmod Usage Now that I've shown you some of the permissions, learning chmod is easy. To change the permissions on a file, log in as root and then enter the following:

[root@linuxlookup /root]# chmod permissions filename

Where permissions is a numeric value (three(3) digits which can be seen above) and file is the name of the file for which you want to affect. For example, to set the ty.html file to be read and writeable by the owner, but only want to allow the group and world read access, the command would be:

[root@linuxlookup /root]# chmod 644 ty.html

To recursively change the permissions on all the files in a specific directory, use the -R option in the command. For example, to male all the files on /home/ty/html set to the permission 755, you would:

[root@linuxlookup /root]# chmod -R 755 /home/ty/html

_________________________________________________________ 3. The Chown Command 3.1 What is Chown? Chown is pretty straightforward. It allows you to change ownership. It's also used in conjunction with Chmod, as you should know by the time you're done reading this guide. 3.2 Chown Usage To change the owner of a file, you must use the chown command. Log in as root and enter the following:

[root@linuxlookup /root]# chown ownername filename

Where ownername is the login name of the user you want to change the file's owner setting to, and filename is the name of the file for which you want the owner changed. For example, if you wanted to change the owner for the file index.html to ty, you would use chown as follows:

[root@linuxlookup /root]# chown ty index.html

To change the owner of a directory and all its subdirectories and files, you can use the chown command with the -R option. For example, to change the owner on all the files in the my-stuff directory to ty, you would use: