One of the many reasons for the strength of Linux security is permissions. Permissions allow users to read, write, or execute a file. Without the correct permissions a user may not be able to alter a file. In this Linux Command Line article you are going to learn the ins and outs of chmod.
How chmod works
Chmod works by changing the mode of parameters on files and directories. If you look at an extended listing of a file you will see something like this:
-rw-r--r-- 1 jlwallen jlwallen 4096 2008-11-14 12:56 test1
Here is a breakdown of what you are seeing:
- -rw-r--r-- : These are the actual permissions of the file (more on this in a moment).
- 1 : The number of links.
- jlwallen : The owner of the file.
- jlwallen: The group the file belongs to.
- 4096: The size of the file (in bytes).
- 2008-11-14 12:56: Time and date the file was created.
- test1: The file name.
For chmod purposes, the most important section is the first - the permissions settings. The -rw-r--r-- listing is broken down into three sections: -rw, r--, and r--. These sections are for: user, group, and other. Here's what the "bits" mean:
- r - read
- w -write
- x - execute
So for a user to have rwx permissions for a file it would look like: -rwx------. What that also shows us is that group and other have no permissions for a file.
Now for the important part. How do you change the permissions of a file. That is where the chmod comes in.
First, you have to actually have permission to change permission of a file. That means the file has to belong to you. So if you are user maryjane and you want to change the permissions of a file belonging to jlwallen, you will be out of luck (unless you know the password for either jlwallen or the root user). But if you are the owner of the file you can change the permission.
Say you want to create a bash script (we'll call it script to do something and you have to make it executable. To do this, add the executable permission chmod u+x script. That will add only the executable permission to the file.
If you want to add write permission you would issue the command chmod u+w script.
To grant read permisison you would issue the command chmod u+r script.
In order to give all three permissions use the command chmod u+rwx script. You can also remove permissions the same way - only you exchange ~ezentity_quot+ezentity_quot~ with "-".
What about directories
Let's say you want to change the permission of a directory, as well as all of its contents, to give a group read and write permission. To do this, add the -R (for "recursive") argument to the command. In our example we'll use the directory TEST. To change TEST and its contents you would issue a command like: chmod -R g+rw TEST. This would only alter the group permissions of the directory and its contents.
If you are administering a Linux machine, one day you will have to change the permissions of a file or directory. It's a necessary task that should become second nature. With this article you should now have a basic understanding of how chmod works to alter the permissions of a file.