The difference between chmod and chown command usage in Linux

Source: Internet
Author: User
Tags chmod readable file permissions

One, the use of chown and chmod commands


directive Name: chmod

Use Rights: All users

How to use: chmod [-CFVR] [--help] [--version] Mode file ...

Description: Linux/unix file access rights are divided into three levels: file owners, groups, others. Using chmod can

To control how the file is accessed by others.

Mode: Permission set string, the format is as follows: [Ugoa ...] [[+-=][RWXX] ...] [,...] where u represents the owner of the file, G means that the owner of the file belongs to the same group (group), o means other people, and a says all three are.

+ means to increase permissions,-to indicate cancellation rights, = to represent a unique set of permissions.
R means readable, W is writable, X is executable, x means only if the file is a subdirectory or the file has been set to executable.
-C: Display the change action if the file permissions have actually changed
-F: Do not display error messages if the file permissions cannot be changed
-V: Show details of permission changes
-r: The same permission changes are made to all files under the current directory and subdirectories (that is, to be changed one at a time)
–HELP: Show Auxiliary Instructions
–version: Display version

Example: Set the file file1.txt to be readable by all people:
chmod ugo+r File1.txt

Set the file file1.txt to be readable by all people:
chmod a+r File1.txt

The file file1.txt and File2.txt are set to the owner of the file and are writable by the same group as which they belong, but others are not writable:
chmod ug+w,o-w file1.txt File2.txt

Set ex1.py as only the owner of the file can perform:
chmod u+x ex1.py

All files and subdirectories under the current directory are set to anyone can read:
Chmod-r A+r *

In addition chmod can also use numbers to indicate permissions such as chmod 777 file
Syntax is: chmod ABC file

Each of these a,b,c is a number, representing the permissions of user, Group, and other respectively.

R=4,w=2,x=1
To rwx the property is 4+2+1=7;
To rw-the property is 4+2=6;
To r-x the property is 4+1=7.

Example:
chmod a=rwx file and chmod 777 file effects are the same

chmod ug=rwx,o=x file and chmod 771 file effects are the same

If you use chmod 4755 filename, you can make this program have root permissions

Directive Name: Chown

Use Rights: Root
Use mode: Chown [-CFHVR] [--help] [--version] user[:group] File ...
Description: Linux/unix is a multiple-person work system, all files are owned by the owner. Using Chown, the owner of the file can be changed. Generally speaking, this instruction is only used by the System Manager (root), the general user does not have the authority to change other people's file owners, and does not have the authority to change their own file owners to others. Only the System Manager (root) has such permissions.

User: New file owner user idgroup: The new owner of the file (group)-C: If the owner of the file has indeed changed, it will show the change action-F: If the file owner cannot be changed, do not display an error message-H: only for link Make the change, not the file that link actually points to
-V: Show details of owner changes
-R: The same owner changes to all files in the current directory and subdirectories (that is, to be changed one at a time)
–HELP: Show Auxiliary Instructions –version: Display version

Example:
To set the owner of the file file1.txt as the user of the Users group Jessie:
Chown Jessie:users File1.txt

Set all files and subdirectories under the current directory to users of the user group
Lamport:chown-r Lamport:users *

-RW ——-(600)-only the owner has read and write access.
-rw-r–r– (644)-only the owner has read and write access, while the group users and other users have only reading permission.
-rwx--(700)-only the owner has read, write, execute permission.
-rwxr-xr-x (755)-The owner has the right to read, write, execute, and the group of users and other users only read, execute permissions.
-rwx–x–x (711)-The owner has the right to read, write, execute, and the group of users and other users only execute permissions.
-rw-rw-rw-(666)-All users have file read and write permissions. This practice is not advisable.
-RWXRWXRWX (777)-All users have read, write, execute permissions. More undesirable approach.

The following are two common settings for a directory:
drwx--(700) – only the owner can read and write in the directory.
Drwxr-xr-x (755) – All users can read the directory, but only owners can change the contents of the catalog

SUID's representative number is 4, like 4755, the result is-rwsr-xr-x.
Sgid's representative number is 2, like 6755, the result is-rwsr-sr-x.
Sticky Digit is 1, for example, 7755 is the result of-rwsr-sr-t
(Of course 7755 this chmod setting doesn't make much sense, here's just a demo)

Chown command

Use changes the owner or group associated with the file.
Grammar
Chown[-F] [-h] [-R] Owner [: Group] {File ... | Directory ...}
Chown-r [-f] [-h|-l|-P] Owner [: Group] {File ... | Directory ...}

Describe
The chown command changes the owner of the file specified by the files parameter to the user specified by the owner parameter. The value of the Owner parameter can be a user identity or a login name that can be found in the/etc/passwd file. You can also optionally specify a group. The value of the group parameter can be the group identity or group name that can be found in the/etc/group file.
Only the root user can change the owner of the file. You can change the group of files only if you are root or if you own the file. If you own a file but are not a root user, you can only change the group to a group for which you are a member.
Although the-H,-l, and-p flags are mutually exclusive, specifying more than one is not considered an error. The last flag specified determines the operation that the command draft will demonstrate.

Sign
-F disables all error messages except the usage message.
-H changes ownership of the symbolic link encountered, not the ownership of the file or directory that the symbolic link points to. When you encounter a symbolic link and you do not specify the-H flag, the Chown command changes the ownership of the file or directory that the link points to, not the link itself. If you specify
-R flag, the Chown command recursively descending the specified directory.
-H If you specify the-r option, and the symbolic link for the file referencing the type directory is specified on the command line, the chown variable changes the user identity (and group identity, if specified) of the directory referenced by the symbol and all files in the file hierarchy under that directory.
-L If the-r option is specified, and the symbol for a file referencing a type directory is specified on the command line or during traversal of a file hierarchy, the chown command changes the user identity (and group identity, if specified) of the directory referenced by the symbolic link, and all files in the file hierarchy under that directory.
-P If the-r option is specified and the symbolic link is specified on the command line or encountered during traversal of the file hierarchy, if the system supports the operation, the chown command changes the owner identity (and group identity, if specified) for the symbolic link. The Chown command does not perform symbolic links to any other part of the file hierarchy.
-R Recursive descending directory to change ownership of each file. When a symbolic link is encountered and the link points to a directory, change the ownership of the directory without further traversing the directory. However, if the-H,-H,-l OR-P flags are not specified, the group ownership of the directory changes without further traversing the directory when the symbolic link is encountered and the link is pointed to the directory.

Security

Access control: This program should be installed as a normal user program in the trusted computing base.
Exit status
This command returns the following export values:
The 0 command was executed successfully and all requested changes have been performed.
>0 an error occurred.
Example
1. To change the owner of the file program.c:
Chown Jim Program.c
PROGRAM.C's user access rights are now applied to Jim. As an owner, Jim can use the chmod command to allow or deny other users access to PROGRAM.C.

2. To change the owner and group of all files in the directory/tmp/src to the user John and group build:
Chown-r JOHN:BUILD/TMP/SRC

File

/usr/bin/chown chown Command
/etc/group files that contain group identities
/etc/passwd files that contain user identities

Two, the difference between chown and chmod command

Chown Modify user and user group properties for files and folders
1, to modify the owner of the file hh.c. Change to Sakia for this user all
Chown Sakia hh.c
This applies the HH.C user access rights to the Sakia as the owner

2, change the directory/tmp/sco the owner and group of this directory to Sakia and group net
Chown-r Sakia:net/tmp/sco

chmod modify file and folder read and write execution properties
1, the Hh.c file can be modified to write-readable executable
chmod 777 HH.C
To modify all file attributes in a directory to be writable and read executable
chmod 777 *.*
You can replace the folder name with the suffix name.
Similarly, if you want to modify the properties of all HTM files
chmod 777 *.htm

2, modify the directory/tmp/sco to writable readable executable
chmod 777/tmp/sco
To modify all folder properties under a directory to be writable read executable
chmod 777 *
Replace the folder name with *
To modify all files and folders under/tmp/sco and their subfolder properties are writable-readable executable
Chmod-r 777/tmp/sco
writable w=4
readable r=2
Executable x=1
777 is full permissions. You can freely combine permissions on users and groups as needed.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.