Linux chmod command for changing File Permissions

Source: Internet
Author: User

In linux, the chmod command for changing file permissions 1. chmod is the command for changing file permissions in linux. Common Commands include: (1) sudo chmod u + x (2) sudo chmod g + x (3) sudo chmod o + x where u, g, and o represent user, group, and others respectively. "+" indicates granting permissions, x (executable) indicates the executable right. 2. What does sudo chmod 777 mean: three digits represent the permissions of user, group, and others, including readable (r), writable (w), and executable (x) the permissions are represented by numbers 4, 2, and 1, respectively. Number 7 is the sum of permissions 4, 2, and 1, and 777 represents that user, group, and others have readable (r) the highest permission is the write (w) and executable (x) permissions. Use the chmod command to change the file mode. Syntax to use symbols to change the file mode chmod [-R] [-h] [-f] [[u] [g] [o] | [a] {-| + | =} [r] [w] [x] [X] [s] [t]} {File... | Directory ...} use a number to change the File mode chmod [-R] [-h] [-f] PermissionCode {File... | Directory ...} description: The chmod command modifies the mode bit and the extended access control table (ACL) of the specified file or directory ). It can be defined by symbols or numbers (in full mode ). When you encounter a symbolic link without specifying the-h flag, the chmod command changes the file or directory to which the link points, rather than the link itself. If the-h flag is specified, the chmod command prevents this method from being changed. If the-h flag and-R flag are specified, the chmod command recursively drops the specified directory in descending order, and does not change the file or directory to which the link points when a symbolic link is encountered. Flag-f disables all error reports (except for invalid permissions and usage statements ). -H. Do not change the way the symbolic link points to a file or directory. Note: Because the mode bit cannot be set on the symbolic link, this behavior is slightly different from the-h flag on the chgrp and chown commands. -R only recursively descending directories, as specified in mode File... | Directory. -R flag changes the path of each directory matching the specified mode and all files. See example 6. When a symbolic link points to a directory, you can change the file path of the directory without traversing the directory. You must specify three flag sets. Note: Do not use spaces to separate the labels. The First Flag sets the owner of the u file. The group and extended ACL entries inherent in the g file group. O all other entries. User a, group, and all other entries. The a flag has the same effect as the specified ugo flag. If these flags are not specified, the default value is the flags and the file creation mask (umask) is applied ). The second flag sets whether to remove, apply, or set the permission:-remove the specified permission. + Permission specified by the application. = Clear the selected permission field and set it to the specified permission. If no = is specified, the chmod command removes all permissions from the selected field. The third flag sets the permission to be removed, applied, or set: r read permission. W write permission. X indicates the execution permission of the file and the search permission of the directory. X if at least one user, group, or other execution bit is set for the current (unmodified) mode bit, the execution file is licensed. If the File parameter is specified and no execution bit is set in the current mode bit, the X flag is ignored. Permission to search for directories. S. If the u flag is specified or hidden, set the user identity permission during execution. If g flag is specified or hidden, set the group identity permission during execution. T indicates that only the file owner can link or unlink the files in the specified directory. For files, it sets the save-text attribute. The number or full-mode chmod command also allows you to use octal notation for this method. Number is a summary of one or more of the following values: 4000 sets the user ID during execution. 2000 set the group ID for execution. 1000 set the link permission for the directory or set the save-text attribute for the file. 0400 allow the owner to read. 0200 allow the owner to write data. 0100 allow the owner to perform or search. 0040 allow group read. 0020 allow group writing. 0010 allow group execution or search. 0004 allow others to read. 0002 allow others to write data. 0001 allow others to perform or search. Note: 1. Disable any extended ACL in numeric mode. For more information, see "Access Control List" in "AIX 5L V5.2 System User Guide: operating systems and devices. 2. Changing access permissions with symbols also affects extended ACL entries. The Group entries in the same ACL as all groups in the file reject any permission removed from the method. For more information, see "Access Control List. 3. You can specify multiple symbols separated by commas. Perform operations from left to right. 4. When the group identity permission for execution is removed from the directory, you must use a symbol to specify this method or use a 4-character octal character, and the line spacing is zero (for example, 0755 ). Secure Access Control: this program should be installed as a normal user program in the "trusted computing base. Only the file owner or root user can change the file mode. Exit status the command returns the following export value: 0. The command has been successfully executed and all request changes have been executed.> 0 error. Example 1. Add the permission type to several files: chmod g + w chap1 chap2. Add the write permission of the group members to the files chap1 and chap2. 2. you need to immediately make several permission changes: chmod go-w + x mydir, which rejects the permission of members and others to create or delete files in mydir (go-w, and allow the group members and others to search for mydir or use it in the path name (go + x. This is equivalent to the command sequence: chmod g-w mydirchmod o-w mydirchmod g + x mydirchmod o + x mydir 3. you must only allow the owner to use the shell step as the command: chmod u = rwx, go = cmd this authorization file (u = rwx) owner read, write, and execute permission. It also denies the group and other people's permission to access cmd in any way (go =. If you have the permission to execute the cmd shell command file, you can run it by entering the following command: cmd Note: depending on the PATH shell variable, you may need to specify the full PATH of the cmd file. 4. Use the Set-ID method: when running the command chmod ug + s cmd, the valid user ID and group ID are Set to those who own the cmd file. Only change the valid identifier associated with the sub-process that runs the cmd command. The valid identifier of the shell session is retained. This feature allows you to access restricted files. Assume that the cmd program enables the "Set-User-ID" method and is owned by a User named dbms. In fact, user dbms is not a single person, but may be associated with the database management system. User betty has no permission to access any dbms data file. However, she has the permission to execute the cmd command. When she does this, her valid user identity is temporarily changed to dbms, so the cmd program can access the data files owned by the user dbms. In this way, user betty can use the cmd command to access data files, but she does not want to destroy them in other places while using the standard shell command. 5. Use the full format of the chmod command: chmod 644 text, which sets the owner's read and write permission, and sets the read-only mode for the group and other users. This also removes all extended ACLs that may be associated with files. 6. recursively descending directories and changing the file and directory permissions that give the tree structure :. /dir1/dir2/file1. /dir1/dir2/file2. /dir1/file1 enter the command sequence: chmod-R 777 f * which will change. /dir1/file1 permission. But for the following tree structure :. /dir1/fdir2/file1. /dir1/fdir2/file2. the/dir1/file3 command sequence: chmod-R 777 f * will change the permission for the following :. /dir1/fdir2. /dir1/fdir2/file1. /dir1/fdir2/file2. the/dir1/file3 file/usr/bin/chmod contains the chmod command.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.