Linux--chmod

Source: Internet
Author: User
Tags readable

The chmod command is used to change access rights for Linux system files or directories. Use it to control access to files or directories. There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.

Each file and directory in a Linux system has access permissions, which are used to determine who can access and manipulate files and directories.
Access to a file or directory is divided into read-only, write-only, and executable three types. As an example of a file, a read-only permission means that only the content is allowed to be read, and any changes to it are forbidden. Executable permission means that the file is allowed to be executed as a program. When a file is created, the file owner automatically has read, write, and execute permissions on the file to facilitate the reading and modification of the file. Users can also set access rights to any combination they want, as needed.
There are three different types of users who can access files or directories: The file owner, the same group of users, and other users. The owner is typically the creator of the file. The owner can allow the same group of users access to the file, as well as the access rights of the file to other users on the system. In this case, every user in the system can access the files or directories that the user owns.
Each file or directory has three groups of access rights, each group is represented by three bits, respectively, the read, write, and execute permissions of the file owner, the read, write, and execute permissions of the user belonging to the primary group, and the read, write, and execute permissions of other users in the system. When you use the LS-L command to display the details of a file or directory, the leftmost column is the file's access rights. For example:

Command:

Ls-al

Output:

[Email protected] test]# Ll-al

Total 316lrwxrwxrwx 1 root root 11-22 06:58 Linklog.log-Log2012.log

-rw-r--r--1 root root 302108 11-13 06:03 log2012.log

-rw-r--r--1 root root 11-13 06:03 Log2013.log

-rw-r--r--1 root root 0 11-13 06:03 log2014.log

-rw-r--r--1 root root 0 11-13 06:06 log2015.log

-rw-r--r--1 root root 0 11-16 14:41 log2016.log

-rw-r--r--1 root root 0 11-16 14:43 log2017.log

We take Log2012.log as an example:

-rw-r--r--1 root root 296K 11-13 06:03 log2012.log

The first column has 10 locations, and the first character specifies the file type. In the usual sense, a directory is also a file. If the first character is a horizontal line, it represents a non-directory file. If it is D, the representation is a directory. From the second character to the tenth, a total of 9 characters, a group of 3 characters, respectively, representing 3 groups of users of the file or directory permissions. The permission character is represented by a horizontal line for an empty license, R for Read only, W for write, and X for executable.

For example:
-rw-r--r--
Indicates that the Log2012.log is an ordinary file, the owner of the Log2012.log has read and write permissions, and the Log2012.log owner is the same group as the user only, and the other user only has Read permission.

After determining the access rights of a file, users can use the chmod command provided by the Linux system to reset different access rights. You can also use the Chown command to change the owner of a file or directory. Use the CHGRP command to change the user group for a file or directory.

The chmod command is very important for changing the access rights of a file or directory. Users use it to control access to files or directories. The details of the chmod command are as follows.

1. Command format:

chmod [-CFVR] [--help] [--version] Mode file

2. Command function:

Used to change the access rights of a file or directory, using it to control access to a file or directory.

3. Command parameters:

Necessary parameters:
-C When a change occurs, the report processes the information
-F error Message not output
-R handles all files in the specified directory and its subdirectories
-V Run-time display verbose processing information

Select parameters:
--reference=< directory or File > set to have the same permissions as the specified directory or file
--version displaying version information
< permissions >+< permissions settings > Allow directories or files within a permission scope to have the specified permissions
< permission scope >-< permission settings > Delete permission scope of directory or file specified permission
< permission range >=< permissions settings > Set permissions for a directory or a file in a permission range for a specified value

Permission range:
U: The current user of the directory or file
G: The current group of directories or files
O: Users or groups other than the current user or group of directories or files
A: All Users and Groups

Permission code:
R: Read permission, denoted by the number 4
W: Write permission, denoted by the number 2
X: Execute permission, denoted by the number 1
-: Delete permission, denoted by the number 0
S: Special Permissions

There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.
1). Text Setting Method:
chmod [who] [+ | - | =] [mode] File name
2). Digital Setting method
We must first understand the meaning of the attributes represented by numbers: 0 means no permissions, 1 means executable permissions, 2 is writable, 4 is read, and then it is added. So the format of the numeric attribute should be 3 octal numbers from 0 to 7, in the Order of (U) (g) (O).
For example, if you want the owner of a file to have "read/write" Two permissions, you need to have 4 (readable) +2 (writable) =6 (read/write).
The general form of the digital setting method is:
chmod [mode] file name

The numbers correspond to characters as follows:

R=4,w=2,x=1
To rwx the property, 4+2+1=7
To rw-the attribute then 4+2=6;
To r-x the property, 4+1=7.

4. Usage examples:
Example 1: Add file All user groups executable permissions

Command:

chmod a+x Log2012.log

Output:

[Email protected] test]# Ls-al Log2012.log

-rw-r--r--1 root root 302108 11-13 06:03 log2012.log

[Email protected] test]# chmod a+x log2012.log

[Email protected] test]# Ls-al Log2012.log

-rwxr-xr-x 1 root root 302108 11-13 06:03 log2012.log

[Email protected] test]#

Description
That is, the properties of the set file Log2012.log are: the file owner (U) increases the execution permissions, and the file belongs to the same group of users (g) To increase the execution permissions; other users (o) Increase execution permissions.
 

Example 2: Modify different user permissions at the same time

Command:

chmod ug+w,o-x Log2012.log

Output:

[Email protected] test]# Ls-al Log2012.log

-rwxr-xr-x 1 root root 302108 11-13 06:03 log2012.log

[Email protected] test]# chmod ug+w,o-x log2012.log

[Email protected] test]# Ls-al Log2012.log

-rwxrwxr--1 root root 302108 11-13 06:03 log2012.log


Description
That is, the property of the file text is: the file owner (U) to increase the Write permission, and the file belongs to the same group of users (g) To increase the Write permission; other users (o) Remove Execute permissions

Example 3: Delete file permissions

Command:

chmod a-x Log2012.log

Output:

[Email protected] test]# Ls-al Log2012.log

-rwxrwxr--1 root root 302108 11-13 06:03 log2012.log

[Email protected] test]# chmod a-x log2012.log

[Email protected] test]# Ls-al Log2012.log

-rw-rw-r--1 root root 302108 11-13 06:03 log2012.log

Description
Remove executable permissions for all users
 

Example 4: Setting permissions with "="

Command:

chmod u=x Log2012.log

Output:

[Email protected] test]# Ls-al Log2012.log

-rw-rw-r--1 root root 302108 11-13 06:03 log2012.log

[Email protected] test]# chmod u=x log2012.log

[Email protected] test]# Ls-al Log2012.log

---xrw-r--1 root root 302108 11-13 06:03 log2012.log

Description

Revoke all of the original permissions, and then have the owner have readable permissions

Example 5: Add permissions to all files in a directory and its subdirectories

Command:

Chmod-r u+x test4

Output:

[Email protected] test]# CD test4

[Email protected] test4]# Ls-al

Total 312drwxrwxr-x 2 root root 4096 11-13 05:50.

Drwxr-xr-x 5 root root 4096 11-22 06:58..

-rw-r--r--1 root root 302108 11-12 22:54 log2012.log

-rw-r--r--1 root root 11-12 22:54 Log2013.log

-rw-r--r--1 root root 0 11-12 22:54 log2014.log

[Email protected] test4]# CD.

[Email protected] test]# chmod-r u+x test4

[Email protected] test]# CD test4

[Email protected] test4]# Ls-al

Total 312drwxrwxr-x 2 root root 4096 11-13 05:50.

Drwxr-xr-x 5 root root 4096 11-22 06:58..

-rwxr--r--1 root root 302108 11-12 22:54 log2012.log

-rwxr--r--1 root root 11-12 22:54 Log2013.log

-rwxr--r--1 root root 0 11-12 22:54 log2014.log

Description

Recursively assign permissions to all files and subdirectories under the Test4 directory

Some other examples:

1).

Command:

chmod 751 File

Description

Assign read, write, execute (7) permissions to the owner of file, assign Read, execute (5) permissions to the group where the file resides, and assign permissions to other users to execute (1)

2).

Command:

chmod u=rwx,g=rx,o=x File

Description

Another form of the above example

3).

Command

chmod =r File

Description

Assign Read permissions to all users

3).

Command:

chmod 444 File

Description

Example above

4).

Command:

chmod a-wx,a+r File

Description

Example above

Linux--chmod

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.