Original URL: http://www.cnblogs.com/peida/archive/2012/11/29/2794010.html
The chmod command is used to change access rights for Linux system files or directories. Use it to control access to files or directories. There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.
Each file and directory in a Linux system has access permissions, which are used to determine who can access and manipulate files and directories.
Access to a file or directory is divided into read-only, write-only, and executable three types. As an example of a file, a read-only permission means that only the content is allowed to be read, and any changes to it are forbidden. Executable permission means that the file is allowed to be executed as a program. When a file is created, the file owner automatically has read, write, and execute permissions on the file to facilitate the reading and modification of the file. Users can also set access rights to any combination they want, as needed.
There are three different types of users who can access files or directories: The file owner, the same group of users, and other users. The owner is typically the creator of the file. The owner can allow the same group of users access to the file, as well as the access rights of the file to other users on the system. In this case, every user in the system can access the files or directories that the user owns.
Each file or directory has three groups of access rights, each group is represented by three bits, respectively, the read, write, and execute permissions of the file owner, the read, write, and execute permissions of the user belonging to the primary group, and the read, write, and execute permissions of other users in the system. When you use the LS-L command to display the details of a file or directory, the leftmost column is the file's access rights. For example:
Command:
Ls-al
Output:
[Email protected] test]# Ll-al
Total 316lrwxrwxrwx 1 root root 11-22 06:58 Linklog.log-Log2012.log
-rw-r--r--1 root root 302108 11-13 06:03 log2012.log
-rw-r--r--1 root root 11-13 06:03 Log2013.log
-rw-r--r--1 root root 0 11-13 06:03 log2014.log
-rw-r--r--1 root root 0 11-13 06:06 log2015.log
-rw-r--r--1 root root 0 11-16 14:41 log2016.log
-rw-r--r--1 root root 0 11-16 14:43 log2017.log
We take Log2012.log as an example:
-rw-r--r--1 root root 296K 11-13 06:03 log2012.log
The first column has 10 locations, and the first character specifies the file type. In the usual sense, a directory is also a file. If the first character is a horizontal line, it represents a non-directory file. If it is D, the representation is a directory. From the second character to the tenth, a total of 9 characters, a group of 3 characters, respectively, representing 3 groups of users of the file or directory permissions. The permission character is represented by a horizontal line for an empty license, R for Read only, W for write, and X for executable.
For example:
-rw-r--r--
Indicates that the Log2012.log is an ordinary file, the owner of the Log2012.log has read and write permissions, and the Log2012.log owner is the same group as the user only, and the other user only has Read permission.
After determining the access rights of a file, users can use the chmod command provided by the Linux system to reset different access rights. You can also use the Chown command to change the owner of a file or directory. Use the CHGRP command to change the user group for a file or directory.
The chmod command is very important for changing the access rights of a file or directory. Users use it to control access to files or directories. The details of the chmod command are as follows.
1. Command format:
chmod [-CFVR] [--help] [--version] Mode file
2. Command function:
Used to change the access rights of a file or directory, using it to control access to a file or directory.
3. Command parameters:
Necessary parameters:
-C When a change occurs, the report processes the information
-F error Message not output
-R handles all files in the specified directory and its subdirectories
-V Run-time display verbose processing information
Select parameters:
--reference=< directory or File > set to have the same permissions as the specified directory or file
--version displaying version information
< permissions >+< permissions settings > Allow directories or files within a permission scope to have the specified permissions
< permission scope >-< permission settings > Delete permission scope of directory or file specified permission
< permission range >=< permissions settings > Set permissions for a directory or a file in a permission range for a specified value
Permission range:
U: The current user of the directory or file
G: The current group of directories or files
O: Users or groups other than the current user or group of directories or files
A: All Users and Groups
Permission code:
R: Read permission, denoted by the number 4
W: Write permission, denoted by the number 2
X: Execute permission, denoted by the number 1
-: Delete permission, denoted by the number 0
S: Special Permissions
There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.
1). Text Setting Method:
chmod [who] [+ | - | =] [mode] File name
2). Digital Setting method
We must first understand the meaning of the attributes represented by numbers: 0 means no permissions, 1 means executable permissions, 2 is writable, 4 is read, and then it is added. So the format of the numeric attribute should be 3 octal numbers from 0 to 7, in the Order of (U) (g) (O).
For example, if you want the owner of a file to have "read/write" Two permissions, you need to have 4 (readable) +2 (writable) =6 (read/write).
The general form of the digital setting method is:
chmod [mode] file name
The numbers correspond to characters as follows:
R=4,w=2,x=1
To rwx the property, 4+2+1=7
To rw-the attribute then 4+2=6;
To r-x the property, 4+1=7.
4. Usage examples:
Example 1: Add file All user groups executable permissions
Command:
chmod a+x Log2012.log
Output:
[Email protected] test]# Ls-al Log2012.log
-rw-r--r--1 root root 302108 11-13 06:03 log2012.log
[Email protected] test]# chmod a+x log2012.log
[Email protected] test]# Ls-al Log2012.log
-rwxr-xr-x 1 root root 302108 11-13 06:03 log2012.log
[Email protected] test]#
Description
That is, the properties of the set file Log2012.log are: the file owner (U) increases the execution permissions, and the file belongs to the same group of users (g) To increase the execution permissions; other users (o) Increase execution permissions.
Example 2: Modify different user permissions at the same time
Command:
chmod ug+w,o-x Log2012.log
Output:
[Email protected] test]# Ls-al Log2012.log
-rwxr-xr-x 1 root root 302108 11-13 06:03 log2012.log
[Email protected] test]# chmod ug+w,o-x log2012.log
[Email protected] test]# Ls-al Log2012.log
-rwxrwxr--1 root root 302108 11-13 06:03 log2012.log
Description
That is, the property of the file text is: the file owner (U) to increase the Write permission, and the file belongs to the same group of users (g) To increase the Write permission; other users (o) Remove Execute permissions
Example 3: Delete file permissions
Command:
chmod a-x Log2012.log
Output:
[Email protected] test]# Ls-al Log2012.log
-rwxrwxr--1 root root 302108 11-13 06:03 log2012.log
[Email protected] test]# chmod a-x log2012.log
[Email protected] test]# Ls-al Log2012.log
-rw-rw-r--1 root root 302108 11-13 06:03 log2012.log
Description
Remove executable permissions for all users
Example 4: Setting permissions with "="
Command:
chmod u=x Log2012.log
Output:
[Email protected] test]# Ls-al Log2012.log
-rw-rw-r--1 root root 302108 11-13 06:03 log2012.log
[Email protected] test]# chmod u=x log2012.log
[Email protected] test]# Ls-al Log2012.log
---xrw-r--1 root root 302108 11-13 06:03 log2012.log
Description
Revoke all of the original permissions, and then have the owner have readable permissions
Example 5: Add permissions to all files in a directory and its subdirectories
Command:
Chmod-r u+x test4
Output:
[Email protected] test]# CD test4
[Email protected] test4]# Ls-al
Total 312drwxrwxr-x 2 root root 4096 11-13 05:50.
Drwxr-xr-x 5 root root 4096 11-22 06:58..
-rw-r--r--1 root root 302108 11-12 22:54 log2012.log
-rw-r--r--1 root root 11-12 22:54 Log2013.log
-rw-r--r--1 root root 0 11-12 22:54 log2014.log
[Email protected] test4]# CD.
[Email protected] test]# chmod-r u+x test4
[Email protected] test]# CD test4
[Email protected] test4]# Ls-al
Total 312drwxrwxr-x 2 root root 4096 11-13 05:50.
Drwxr-xr-x 5 root root 4096 11-22 06:58..
-rwxr--r--1 root root 302108 11-12 22:54 log2012.log
-rwxr--r--1 root root 11-12 22:54 Log2013.log
-rwxr--r--1 root root 0 11-12 22:54 log2014.log
Description
Recursively assign permissions to all files and subdirectories under the Test4 directory
Some other examples:
1).
Command:
chmod 751 File
Description
Assign read, write, execute (7) permissions to the owner of file, assign Read, execute (5) permissions to the group where the file resides, and assign permissions to other users to execute (1)
2).
Command:
chmod u=rwx,g=rx,o=x File
Description
Another form of the above example
3).
Command
chmod =r File
Description
Assign Read permissions to all users
3).
Command:
chmod 444 File
Description
Example above
4).
Command:
chmod a-wx,a+r File
Description
Example above
"Go" one Linux command per day: Linux chmod command