Ownership & Permissions Guide
daniel —Thu, 02/15/2007 - 9:00pm
Ownership & Permissions Guide
Written by Ty ( ty@linuxlookup.com )
v1.0, July 4, 2000
________________________________________________________________________
TABLE OF CONTENTS
1. Introduction
1.1 Copyright & Disclaimer
1.2 Synopsis
2. The Chmod Command
2.1 What is Chmod?
2.2 Permissions & Values
2.3 Chmod Usage
3. The Chown Command
3.1 What is Chown?
3.2 Chown Usage
________________________________________________________________________
1. Introduction
1.1 Copyright & Disclaimer
This document is copyright © by Ty ( ty@linuxlookup.com ). You are
encouraged to redistribute it. However you may not modify this document,
if you intend to redistribute it in any manner.
This document is available for free, and, while I have done the best I can
to make it accurate and up to date, I take no responsibility for any
problems you may encounter resulting from the use of this document.
1.2 Synopsis
I've witness countless new users complaining about inoperative programs/
items due to a bad permission set on their part. Hopefully this will
enlighten some of our inexperienced viewers.
Two programs essential in the command-line arsenal help change file
permissions and ownership. They are chmod and chown. Chmod lets you
change the access permissions to individual files, directories & devices.
Chown (change ownership) lets you change a file(s) to another owner.
________________________________________________________________________
2. The Chmod Command
2.1 What is Chmod?
Chmod is used to change the access permissions of a named file,
directory, device or program. These permissions can be set to three
different classes, user, group, and the world. Each of these classes of
user (owner, group and world) can have permission to read, write or
execute the file, depending on your preference.
2.2 Permissions & Values
Before I get into details regarding usage of the chmod command, first let
me explain something about file permissions which is essential.
In Linux, every file and directory has three(3) sets of access permissions.
Those applied to the owner of the file, those applied to the group the file
has, and those of all users on the system.
You can see these permissions when you do an ls -l.
The output will look like:
[ty@linuxlookup /ty]$ ls -l
total 16
drwx------ 2 ty ty 4096 Jun 9 00:01 mail
-rw------- 1 ty ty 557 Jul 4 12:22 mbox
drwx------ 2 ty ty 4096 Apr 5 20:55 nsmail
drwx---r-x 4 ty ty 4096 Jun 11 21:34 public_html
What does all this mean? Well let me break it down for you.
This first column of the listing is the permissions of the file.
drwx---r-x The first character represents the type of file.
The 'd' means directory.
drwx---r-x The next nine(9) characters are the file permissions.
The first three(3) characters represent the permissions held by
the file's owner (ty), the second three(3) are for the group the
files are in and the last three(3) are the world permissions.
The following letters are used to represent those permissions:
Letter Meaning
r Read
w Write
x Execute
Each permission has a corresponding value. Seen here:
Read = 4
Write = 2
Execute = 1
When you combine attributes, you add their value.
Permission Values Meaning
--- 0 No permissions
r-- 4 Read only
rw- 6 Read and Write
rwx 7 Read, Write and Execute
r-x 5 Read and Execute
--x 1 Execute
Sure other combinations exist, but this is all you'll need (I hope).
When you combine these values, you get three numbers that make up the files
the files permissions. Here are some examples:
Permissions Values Meaning
-rw------- 600 The owner has read and write permissions. Nobody else has privileges.
This is what you'll want to set for the majority of your files.
-rw-r--r-- 644 The owner has read and write permissions.
The group and world has read only permissions. Use this when you're
sure you want to let others read this file.
-rw-rw-rw- 666 *THIS IS BAD* Everybody has read and write permissions.
You don't want people to be allowed to change your files.
-rwx------ 700 The owner has read, write and execute permissions.
This is what you'd use for programs you'll want to run.
-rwxr-xr-x 755 The owner has read, write, and execute permissions.
The group and rest of the world have read and execute.
-rwxrwxrwx 777 *THIS IS BAD* Everyone has read, write and execute permissions.
Allowing people to edit your files is just asking for trouble.
-rwx--x--x 711 The owner has read, write, and execute permissions.
The group and the rest of the world have execute only permissions.
This is perfect for letting others run programs, but not copy.
drwx------ 700 This is a directory. Only the owner can read and write to it.
(Note: All directories must have an executable bit set)
drwxr-xr-x 755 This directory can be changed only by the owner, but everyone else can
view it's contents.
drwx--x--x 711 This is perfect for when you need to keep a directory world readable,
but you don't want people being able to view it's content. Only if they
know the file name they're looking for will they be allowed to read it.
2.3 Chmod Usage
Now that I've shown you some of the permissions, learning chmod is
easy. To change the permissions on a file, log in as root and then enter
the following:
[root@linuxlookup /root]# chmod permissions filename
Where permissions is a numeric value (three(3) digits which can be seen
above) and file is the name of the file for which you want to affect.
For example, to set the ty.html file to be read and writeable by the owner,
but only want to allow the group and world read access, the command
would be:
[root@linuxlookup /root]# chmod 644 ty.html
To recursively change the permissions on all the files in a specific
directory, use the -R option in the command. For example, to make all the
files on /home/ty/html set to the permission 755, you would:
[root@linuxlookup /root]# chmod -R 755 /home/ty/html
________________________________________________________________________
3. The Chown Command
3.1 What is Chown?
Chown is pretty straightforward. It allows you to change ownership. It's
also used in conjunction with Chmod, as you should know by the time
you're done reading this guide.
3.2 Chown Usage
To change the owner of a file, you must use the chown command. Log in
as root and enter the following:
[root@linuxlookup /root]# chown ownername filename
Where ownername is the login name of the user you want to change the
file's owner setting to, and filename is the name of the file for which you
want the owner changed.
For example, if you wanted to change the owner for the file index.html to
ty, you would use chown as follows:
[root@linuxlookup /root]# chown ty index.html
To change the owner of a directory and all its subdirectories and files, you
can use the chown command with the -R option. For example, to change
the owner on all the files in the my-stuff directory to ty, you would use:
[root@linuxlookup /root]# chown -R ty my-stuff
Another option of chown allows you to change the group of a file by:
[root@linuxlookup /root]# chown user.group filename
Example:
[root@linuxlookup /root]# chown root.root public_html/
- Log in to post comments