Understanding file permissions and modifying them using chmod

Now that you have learnt what file permissions are, the next obvious part is to learn how to modify them. You have to use the chmod command to change the permissions of a file or directory. To run chmod on a file you should either own the file or you should be the superuser .

The way to use chmod is

$ chmod [newpermissions] [filenames]

Now comes a bit tricky part for beginners (more so for those who don’t have a mathematical background), but I shall try to explain the problem. For chmod the newpermissions have to set using an octal number rather than a decimal number. In case you understood the previous sentence, then you have no problems. If you didn’t then read the next paragraph.

Note : In case you don’t want to understand the octal system method there is a simpler method stated at the end of this article. But the octal number method is almost used by all (atleast by those who consider themselves to be powerusers)

I will not explain the concepts behind octal numbers. I shall only talk about the octal numbers that could be used with chmod. Below are the octal numbers representing different permissions

r, w, x Permissions
Binary
Octal

000
0
–x
001
1
-w-
010
2
-wx
011
3
r–
100
4
r-x
101
5
rw-
110
6
rwx
111
7

You have learnt that there are 9 bits associated with every file / directory (split into 3 parts) to decide the permissions. So in case you have the r,w,x permissions set for a file translate that to a 111 which you should further translate to the number 7 using the above table.

Suppose there is a file with the following permissions as shown in this sample ‘ ls ‘ output

frwxr-xr-x 4 david david 1240 Jan 15 08:12 viewresume


The existing permissions for the above file in octal numbers could be represented as follows

rwxr-xr-x
==> 111101101 ==> 755

That’s it!! I guess it wasn’t so tough after all. Use the above table and figure out the permissions for other files as well. Once you get used to these conversions, you would be able to do it in no time.

Now in case you want to change the permissions so that group members and others can neither read nor execute this file, you would require the new permissions to look something like the following

rwx—— ==> 111000000 ==> 700

So the exact command that you would be typing at the prompt would be

$ chmod 700 viewresume

Now check the permissions of the file once again with an ‘ ls ‘ command and you would see the changes that you just made.

For your quick reference here are a few standard numeric codes (that’s what it is called) that are often used..

Frequently used numeric parameters for chmod
755
The general preferred permissions for almost all the files on your disk
700
Extremely private data
500
Extremely private data that you would not like to accidentally modify. So write protect it
775
General files used when working as a Group (Others can only view/execute your files)
770
Important files used when working as a Group (Others cannot do anything with your files)
750
Allowing group to view your files but no write access (Others cannot do anything with your files)
777
Something you should never want to do 😉


There’s another method to change the permissions of files rather than using these octal numbers (in case you just didn’t get the hang of it). I prefer the octal number method. Others may prefer the following method

$ chmod g-r,g-x,o-r,o-x viewresume

The above command does exactly the same thing that ‘ chmod 700 ‘ command did. Yeah this one is lengthier but its simpler to understand. Its explained below in case you couldn’t figure it..

g-r g = group – (hyphen) = remove r = read permission
o-x o = other(world) – (hyphen) = remove x = execute permission


I guess you got the point.. the other 2 parameters (g-x,o-r) can also be expanded in the same way. Thus the above command asks Linux to remove the r and x permission for both the group members and others (rest of world).

Here is a quick reference if you prefer to use this method (its called the symbolic method)

Symbolic parameters for chmod
u
User (yourself)
g
Group (members of the same group)
o

Others (rest of world)

a
All of the above 3 (u,g and o)

Remove this permission

+

Add this permission

=

Set to this permission

r

Read access

w
Write access
x
Execute access.


Here is another example to make things more clear.

$ chmod g=rwx myprogram.c

The above command would give the group that the file belongs to, read-write-execute permissions irrespective of what the previous permissions were (for the file named myprogram.c)

I have discussed how to use chmod with parameters in numeric mode(755,700, etc.) in more detail than using it with parameters in the symbolic mode (u,g,o, etc.). This is because I have never used the symbolic mode of chmod. I had to refer to my books to get the technical details for this article. I have been using the octal numeric mode since the first time I used chmod.

 

Source : http://www.codecoffee.com/tipsforlinux/articles/032-2.html