Command for modifying Linux File Permissions: chmod

Source: Internet
Author: User
In Linux, each file and directory has access permission to determine who can access and operate files and directories.

File or directory access permissions are divided into read-only, write-only and executable. Taking a file as an example, the read-only permission indicates that only the content of the file can be read, and any changes to the file are prohibited. The executable permission indicates that the file can be used asProgramRun. When a file is created, the file owner automatically has the read, write, and executable permissions for the file to facilitate reading and modifying the file. You can also set the access permission to any combination as needed.

There are three different types of users who can access files or directories: file owners, users in the same group and other users. The owner is generally the creator of the file. The owner can allow users in the same group to access files and grant the file access permission to other users in the system. In this case, every user in the system can access the files or directories owned by this user.

Each file or directory has three groups of access permissions. Each group is represented by three digits, which are the read, write, and execution permissions of the file owner; the read, write, and execution permissions of users in the same group as the owner; the read, write, and execution permissions of other users in the system. When you use the LS-l command to display detailed information about a file or directory, the leftmost column lists the file access permissions. For example:

$ LS-l sobsrc. tgz

-RW-r -- 1 Root 483997 ju1 L5 17: 3l sobsrc. tgz

A horizontal line indicates an empty permit. R indicates read-only, W indicates write, and X indicates executable. Note that there are 10 locations in total. The first character specifies the file type. In general, a directory is also a file. If the first character is a horizontal line, it indicates a non-directory file. If it is D, it indicates a directory.

For example:

-RW-r --

Common File file main group users other users

Is the file sobsrc. the access permission of tgz, indicating sobsrc. tgz is a common file; sobsrc. the owner of tgz has the read and write permissions. users in the same group of tgz only have the read permission. Other users only have the read permission.

After determining the access permission for a file, you can use the CHMOD command provided by Linux to reset different access permissions. You can also use the CHOWN command to change the owner of a file or directory. Use the chgrp command to change the user group of a file or directory.

The following describes these commands.

Chmod command

The chmod command is very important for changing the access permissions of files or directories. You can use it to control access to files or directories.

This command can be used in two ways. One is the text setting method that contains letters and operator expressions, and the other is the number setting method that contains numbers.

1. text setting method

Chmod [who] [+ |-| =] [mode] File Name limit

The meaning of each option in the command is:

The operator who is one of the following letters or their combination:

U indicates "user", that is, the owner of a file or directory.

G indicates "group users", that is, all users with the same group ID as the file owner.

O indicates "Other (Others) Users ".

A Indicates "All (all) Users ". It is the default value of the system.

The operation symbol can be:

+ Add a permission.

-Cancel a permission.

= Grant the given permission and cancel all other permissions (if any ).

Set the permissions indicated by mode to any combination of the following letters:

R readable.

W writable.

X executable.

X adds the X attribute only when the target file is executable to some users or the target file is a directory.

S sets the owner or group ID of the process to the file owner during file execution. In the format of "U + S" to set the user ID of the file, and "G + S" to set the group ID.

T save the program text to the swap device.

U has the same permissions as the file owner.

G. users in the same group have the same permissions as file owners.

O has the same permissions as other users.

File Name: list of files separated by spaces to change permissions. Wildcards are supported.

Multiple permission methods can be provided in a command line, separated by commas. Example: chmod g + R, O + r example

Grant the same group and other users the permission to read the file example.

2. Number setting method

First, we must understand the meaning of the property represented by numbers: 0 indicates no permission, 1 indicates executable permission, 2 indicates writable permission, 4 indicates readable permission, and then add it. Therefore, the format of the numeric attribute should be three Octal numbers from 0 to 7. The order is (u) (g) (o ).

For example, if you want the owner of a file to have the "read/write" permission, you need to set 4 (readable) + 2 (writable) to 6 (read/write ).

The number setting method is generally in the following format:

Chmod [mode] File Name success

Example:

(1) text setting method:

Example 1: $ chmod A + x sort

That is, set the property of the file sort:

File owner (u) adds execution permission

Add execution permission for users in the same group as the file owner (g)

Other users (o) add execution Permissions

Example 2: $ chmod ug + W, o-x text

That is, set the text attribute of the file:

Add write permission to file owner (u)

Add write permission for users in the same group as the file owner (g)

Other users (o) delete execution Permissions

Example 3: $ chmod U + s a. Out

Assume that the permission for a. out after chmod is executed is (you can use the LS-l a. out command to view the permission ):

-RWS -- X 1 inin users 7192 Nov 4 14:22 A. Out

In addition, this execution file uses a text file shiyan1.c with the "-RW -------" access permission, that is, only the owner of the file has the read and write permissions.

When other users execute. when the program is out, his identity is changed to inin (because the s option is used in the CHMOD command) for the moment ), therefore, he can read the shiyan1.c file (although this file is set to be inaccessible to others), which is the function of S.

Therefore, in the entire system, especially the root itself, it is best not to set too many files of this type (unless necessary) to ensure system security, avoid system intrusion due to bugs in some programs.

Example 4: $ chmod A-x mm.txt

$ Chmod-x mm.txt

$ Chmod Ugo-x mm.txt

The preceding three commands Delete the execution permission of the mm.txt file, and set the object to all users.

(2) number setting method:

Example 1: $ chmod 644 mm.txt

$ LS-l

Set the attributes of the file mm.txt:

-RW-r -- 1 inin users 1155 Nov 5 mm.txt

File owner (u) inin has read and write permissions

Users in the same group as the file owner (g) have read permission

Others (o) have read permission

Example 2: $ chmod 750 wch.txt

$ LS-l

-Rwxr-x --- 1 inin users 44137 Nov 12 9:22 wchtxt

That is, set the properties of the wchtxt file:

File owner (u) inin readable/writable/executable

Readable/executable permission of persons in the same group as the file owner

Others (o) do not have any Permissions

Chgrp command

Function: Change the group to which a file or directory belongs.

Syntax: chgrp [Option] group filename limit

This command changes the user group to which the specified file belongs. The Group can be either the user group ID or the group name of the user group in the/etc/group file. A file name is a list of files separated by spaces to change the group. Wildcards are supported. If the user is not the owner or super user of the file, the file group cannot be changed.

The options of this command are as follows:

-R recursively changes the group of all subdirectories and files in a specified directory.

Example 1: $ chgrp-r book/opt/local/book

Change the owner group of all files in/opt/local/book/and its subdirectories to book.

CHOWN command

Function: Modify the owner and group of a file or directory. This command is also very common. For example, if the root user copies a file to Xu, the root user should set the owner of the file to Xu to allow Xu to access the file. Otherwise, user Xu cannot access this file.

Syntax: chown [Option] user or group file

Note: chown will change the owner of a specified file to a specified user or group. Users can be user names or user IDs. A group can be a group name or group ID. Files are separated by spaces to change the permission list. Wildcards are supported.

The options of this command are as follows:

-R recursively changes the owner of all subdirectories and files under a specified directory.

-V: displays the work done by the CHOWN command.

Example 1: Change the owner of the Shiyan. c file to Wang.

$ Chown Wang Shiyan. c

Example 2: Change the owner of the directory/his and all files and subdirectories to Wang and the group to users.

$ Chown-r Wang. Users/his

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.