SkyPoint
Communications is a full service Internet Service Provider.
Unix Permissions
NOTE: This Tip Sheet
assumes that the reader has a copy of a telnet application like EWAN or NCSA
Telnet, and is familiar with its use. If you do not have a telnet application,
you can get one several ways. If you are a SkyPoint Macintosh user you can
download the standard SkyPoint software package, which includes NCSA Telnet.
Windows 95 users have a telnet window already installed. Otherwise, all platform
users can access www.shareware.com
on the Web, do a search for telnet applications, and download one for free.
What Are Permissions?
Permissions dictate who
may enter, read from, write to, or run a file in a directory. They also determine
who may read, write, or run (execute) an individual file. Each of these functions
can be set separately. UNIX categorizes possible users into three types -
the owner of the file (user), members of the owner's group (group), and the
rest of the world (other). When deciding who you want to have a particular
type of access to a file or directory, you will have to make a decision for
each of these three categories.
How Do I Know
What Permissions Are On A File Or Directory?
To see the permission
on every file and subdirectory in your current directory, type ls -l and hit
the return key. You will see a list like the one below.
The file, link, or directory
name is shown at the far right of each line. The permission for that entry
is shown at the far left field of each line. The second field from the left
shows the owner, here user "aquila," and the third field from the left shows
the owner's group, here "skyshell."
Look at the permissions
field carefully. To read the code, divide the field into four parts: the first
letter, then three sets of 3 letters. The first letter can be a "-", "l",
or "d". The groupings of three can only show "r", "w", "x", and "-". For example,
the "rhostinfo" permissions would be divided into:
- | rw- | r-- | r--
The first part, the single
letter or dash, signifies what the named entry is. For example, if it had
a "d" in it, it would mean that the entry was a directory. In the above example
there is only a "-", meaning that this is a regular file.
The leftmost grouping
of three shows the owner's permission. In your home directory, you are the
owner. Here, the file's owner can read (r) and write (w) this file. Writing
includes the ability to delete. The "-" shows that the file can not be executed
by the owner, as it is placed in the spot reserved for the "x" permission.
The second set of three
shows the group's permission. In the above example, the group is "skyshell."
Skyshell is the group that most of SkyPoint's users belong to. The second
set of three therefore applies to anyone in the skyshell group, which is an
awful lot of people. Here, the read (r) permission is turned on, but the write
(w) and execute (x) permissions are off. That means that anyone in that group
could read or copy the file, but could not delete, change, or run it.
The third, rightmost
set are the set of permissions for the rest of the world (other). Here, they
are the same as for the group.
How Do I Change
The Permissions? - chmod
Usage: chmod [option/operation/mode]
[filename]
| Option
(permission type): |
u =user
(owner)
g =group
o =other |
| Operation: |
+ =add permission
- =remove permission
= = assign permission and remove permission from all other fields |
| Mode:
|
r =read
w =write
x =execute |
The easiest way to explain
how to use chmod is to give an example and let you see how it works. Let's
do a few examples:
Example 1:
-rw-r--r-- 1 aquila skyshell
1756 Apr 2 13:13 rhostinfo
Let's say that we want
the owner (u) of this file to be able to execute this file (if it was executable)
as well as reading and writing to it, we want the group (g) to be able to
read it only, and we don't want the rest of the world (o) to have any access
to it at all. Here's the command we would use to make those changes:
chmod u+x,o-r rhostinfo
Notice that we have added
(+) the execute (x) permission to the owner (u), left the group (g) untouched
by not mentioning it in the command, and removed (-) the read (r) permission
from the rest of the world (o). You should also note that the command does
not have a space after the comma - this is very important, because if you
had a space after the comma the command would not work. The permissions on
rhostinfo, if we did an ls -l rhostinfo, would be:
-rwxr----- 1 aquila
skyshell 1756 Apr 2 13:13 rhostinfo
Example 2:
-rwxr----- 1 aquila
skyshell 2505 May 4 1996 test*
In this example, we will
pretend that test is an executable file. We want the owner (u) to be able
to read (r), write (w), and execute (x) the file. We also want the group (g)
and the rest of the world (o) to be able to read (r) and execute (x) the file
but not change or delete it (w). First we note that the permissions for the
owner are correct, but we need to change the permissions for the group and
the rest of the world. Here are two ways to do this:
chmod u=rwx,g=rx,o=rx
test
chmod g+x,o+x test
Notice that in the first
method, you would specify exactly what you wanted the permissions to be. When
using the assign (=) operation, anything that is not specified as on is automatically
turned off. In the second method, you would use the add (+) and remove (-)
operators to change only what you specified you wanted changed.
We suggest you take some
time to practice the chmod command to become familiar with it. Do not worry
about "breaking" something or not being able to undo your changes to a file
owned by you. You will be able to fix any error you make when you change a
permission on one of your files.
