Remember when we made a reference to the "shorthand" method of chmod? Here's another way to change permissions; it may seem a little complex at first - especially if math isn't your strong suit.
Let's go back to the original permissions for sneakers.txt.
-rw-rw-r-- 1 newuser newuser 150 Mar 19 08:08 sneakers.txt |
Each permission setting can be represented by a numerical value:
r = 4
w = 2
x = 1
- = 0
When these values are added together, the total is used to set specific permissions - more specific than changing permissions with the alphabetical "shorthand."
In sneakers.txt, then, here are the numerical permissions settings:
- (rw-) (rw-) (r--) | | | 4+2+0 4+2+0 4+0+0 |
The total for the user is six, the total for the group is six and the total for others is four. The permissions setting, then, is read as 664.
If we want to change sneakers.txt so those in our group didn't have write access, but could still read the file (as shown in Figure 13-20), we'll have to remove the access by subtracting 2 from that set of numbers.
The numerical values, then, would become six, four and four -- or 644.
So we can type:
chmod 644 sneakers.txt |
Let's check our changes by listing the file (ls -l sneakers.txt):
-rw-r--r-- 1 newuser newuser 150 Mar 19 08:08 sneakers.txt |
And there it is; now, neither the group nor others have write permission to sneakers.txt. To return the group's write access for the file, we can just add the value of w (2) to the second set of permissions.
chmod 664 sneakers.txt |
Beware 666 and 777 | |
---|---|
Biblical implications aside, setting permissions to 666 or 777 will allow everyone to read and write to a file or directory. Such settings as these could allow tampering with sensitive files, so in general, it's not a good idea to allow these settings. |
Here's a list of some common settings, numerical values and their meanings:
-rw------- (600) -- Only the user has read and write permissions.
-rw-r--r-- (644) -- Only user has read and write permissions; the group and others can read only.
-rwx------ (700) -- Only the user has read, write and execute permissions.
-rwxr-xr-x (755) -- The user has read, write and execute permissions; the group and others can only read and execute.
-rwx--x--x (711) -- The user has read, write and execute permissions; the group and others can only execute.
-rw-rw-rw- (666) -- Everyone can read and write to the file. Bad idea.
-rwxrwxrwx (777) -- Everyone can read, write and execute. Another bad idea.
Here are a couple common settings for directories:
drwx------ (700) -- Only the user can read, write in this directory.
drwxr-xr-x (755) -- Everyone can read the directory, but its contents can only be changed by the user.
Summary | |
---|---|
You can change permissions with the chmod command by using letters or numbers. Type chmod permissions file to change permissions of a file or directory. |
You've already come quite a distance in learning about your Red Hat Linux system -- from navigation to setting and changing permissions. Now, it's time to learn a little more about managing what you have on your system.