|If you are using FTP software, there is usually a menu option or button that says “Change Permissions,” click this option. You have choices of R(read), W(write), and X(execute)*.If you are using a command line utility such as PuTTy, you need to use the “chmod” command.
If you want to give read permissions, use the command:
chmod 744 yourfile
to give execute permissions*, use the command:
chmod 755 yourfile
to give read/write permissions, use the command:
chmod 766 yourfile
to give all permissions, use the command:
chmod 777 yourfile
*If you are changing permissions for scripts in Perl/CGI, you need to make sure they have execute permissions.
There are 3 levels of security for a file :
Read Permission : Permission to read a file (r)
Write Permission : Permission to edit a file (w)
Execute Permission : Permission to execute a file if it is executable (x)
and 3 different levels for a directory :
Enter Permission : Permission to Enter into the Directory
Show Entry : Permission to see the contents of the Directory
Write Entry : Permission to make a new file or subdirectory in the Directory
For granting the above permissions, users are divided into 3 different sets
User : The owner of the file/directory – mostly the person who created the file/directory
Group : Linux users can be divided in groups and one user can be a member of more than one group.
A Group denotes all users who are members of group(s) to which the owner of a file/directory belongs
Others : All users not in the group(s) of the owner.
For eg :
A user level r/w/x permission means only the owner can read, write and execute the file
A group level r/w/x permission means only the members of group(s) to which the owner belongs can read, write and execute the file
An other level r/w/x permission means Everyone can read/write/execute the file.
chmod -R/c/f/v [u / g / o / a] [+ / – / =] [rwxXstugo..]
for eg. if u want to give all users in the group of the owner just read permission to a file called foo.txt, the command is
chmod g+r /home/aarjav/foo.txt
here g stands for group, + stands for giving permission (as against – for taking permission away), r stands for read permission.
so g+r means ?give group read permission?. All users for the owners group now have read permission to foo.txt
Now if they misbehave and u want to take their read permission away. The command is the same as above, just substituting the + sign with a minus sign
chmod g-r /home/aarjav/foo.txt
As shown the general format of the command is
chmod -R/c/f/v [u / g / o / a] [+ / – / =] [rwxXstugo]
u : user
(X, s, t, u, g and o are not required for common tasks)
the initial options -R/c/f/v are explained as follows :
-c : Displays names of only those files whose permissions are being changed
( –changes can also be used instead of -c )
-f : Suppresses display of error messages when a file?s permissions cannot be changed
( –silent of –quiet can also be used instead of -f )
-R: Recursively changes the permission of all files in all subdirectories of the directory whose
permissions are being changed
( –recursive can also be used )
-v : Displays results of all permission changes
( –verbose can also be used )
The chown command is used to change the user and/or group which owns one or more files or directories. Its general format is :
chown [-Rcfv] [username][:.][groupname] foo.txt
The flags used above are same as those used in the chmod command . The following are the different ways in which this command can be used :
The chgrp command
The chgrp command is used to change the group ownership of one or more files or directories. Its general syntax is :
chgrp [-Rcfv] groupname foo.txt
The flags used here are also the same as those in the chmod command. The changes in ownership are applied to the groupname and the filename specified.
The first column shows current permissions; it has ten slots. The first slot represents the type of file. The remaining nine slots are actually three sets of permissions for three different categories of users.
Those three sets are the owner of the file, the group in which the file belongs, and “others,” meaning other users on the system.
The first item, which specifies the file type, can show one of the following:
Beyond the first item, in each of the following three sets, you will see one of the following:
When you see a dash in owner, group, or others, it means that particular permission has not been granted. Look again at the first column of sneakers.txt and identify its permissions.
The file’s owner (in this case, sam) has permission to read and write to the file. The group, sam, has permission to read and write to sneakers.txt, as well. It is not a program, so neither the owner or the group has permission to execute it.
Use the chmod command to change permissions. This example shows how to change the permissions on sneakers.txt with the chmod command.
The original file looks like this, with its initial permissions settings:
If you are the owner of the file or are logged into the root account you can change any permissions for the owner, group, and others.
Right now, the owner and group can read and write to the file. Anyone outside of the group can only read the file (r--).
In the following example, you want to allow everyone to write to the file, so they can read it, write notes in it, and save it. That means you will have to change the “others” section of the file permissions.
Take a look at the file first. At the shell prompt, type:
The previous command displays this file information:
Now, type the following:
The o+w command tells the system you want to give others write permission to the file sneakers.txt. To check the results, list the file’s details again. Now, the file looks like this:
Now, everyone can read and write to the file.
To remove read and write permissions from sneakers.txt use the chmod command to take away both the read and write permissions.
By typing go-rw, you are telling the system to remove read and write permissions for the group and for others from the file sneakers.txt.
The result will look like this:
Think of these settings as a kind of shorthand when you want to change permissions with chmod, because all you really have to do is remember a few symbols and letters with thechmod command.
Here is a list of what the shorthand represents:
Want to test your permissions skills? Remove all permissions from sneakers.txt — for everyone.
Now, see if you can read the file with the command cat sneakers.txt, which should return the following:
Removing all permissions, including your own, successfully locked the file. But since the file belongs to you, you can always change its permissions back with the following command:
Use the command cat sneakers.txt to verify that you, the file owner, can read the file again.
Here are some common examples of settings that can be used with chmod:
By adding the -R option, you can change permissions for entire directory trees.
Because you can not really “execute” a directory as you would an application, when you add or remove execute permission for a directory, you are really allowing (or denying) permission to search through that directory.
If you do not allow others to have execute permission to tigger, it will not matter who has read or write access. No one will be able to get into the directory unless they know the exact file name.
For example, type:
to remove everyone’s execute permissions.
Here is what happens now when you try to cd to into tigger:
Next, restore your own and your group’s access:
Now, if you check your work with ls -l you will see that only others will be denied access to the tigger directory.
Remember the reference to the shorthand method of chmod? Here is another way to change permissions, although it may seem a little complex at first.
Go back to the original permissions for sneakers.txt:
Each permission setting can be represented by a numerical value:
When these values are added together, the total is used to set specific permissions. For example, if you want read and write permissions, you would have a value of 6; 4 (read) + 2 (write) = 6.
For sneakers.txt, here are the numerical permissions settings:
The total for the user is six, the total for the group is six, and the total for others is four. The permissions setting is read as 664.
If you want to change sneakers.txt so those in your group will not have write access, but can still read the file, remove the access by subtracting two (2) from that set of numbers.
The numerical values, then, would become six, four, and four (644).
To implement these new settings, type:
Now verify the changes by listing the file. Type:
The output should be:
Now, neither the group nor others have write permission to sneakers.txt. To return the group’s write access for the file, add the value of w (2) to the second set of permissions.
Here is a list of some common settings, numerical values and their meanings:
Here are some common settings for directories: