chmod command

The chmod command changes the access mode of one file or multiple files.

Syntax

The syntax for the chmod command is:
chmod [option] mode files

Options

OptionDescription
-RDescend directory arguments recursively while setting modes.
-fSuppress error messages if command fails.

Mode

ModeDescription
Whou=user, g=group, o=other, a=all (default)
Opcode+ means add permission
- means remove permission
= means assign permission and remove the permission of unspecified fields
Permissionr=Read, w=write, x=Execute, s=set uid bit, t=sticky bit
u=user, g=group, o=other, l=mandatory locking

Symbolic examples

Add write permission (w) to the group's(g) access modes of a directory, allowing users in the same group to add files:
$ ls -ld shared_dir # show access modes before chmod
drwxr-xr-x   2 teamleader  usguys 96 Apr 8 12:53 shared_dir
$ chmod  g+w shared_dir
$ ls -ld shared_dir  # show access modes after chmod
drwxrwxr-x   2 teamleader  usguys 96 Apr 8 12:53 shared_dir
Remove write permissions (w) for all classes (a), preventing anyone from writing to the file:
$ ls -l ourBestReferenceFile
-rw-rw-r--   2 teamleader  usguys 96 Apr 8 12:53 ourBestReferenceFile
$ chmod a-w ourBestReferenceFile
$ ls -l ourBestReferenceFile
-r--r--r--   2 teamleader  usguys 96 Apr 8 12:53 ourBestReferenceFile
Set the permissions for the user and the group (ug) to read and execute (rx) only (no write permission) on referenceLib, preventing anyone to add files.
$ ls -ld referenceLib
drwxr-----   2 teamleader  usguys 96 Apr 8 12:53 referenceLib
$ chmod ug=rx referenceLib
$ ls -ld referenceLib
dr-xr-x---   2 teamleader  usguys 96 Apr 8 12:53 referenceLib

 Numerical permissions
The chmod numerical format accepts up to four octal digits. The three rightmost digits refer to permissions for the file user, the group, and others. The optional leading digit, when 4 digits are given, specifies the special setuidsetgid, and sticky flags.
Each digit of the three rightmost digits represent a binary value, which it's bits control the read, write and execute respectively, where 1 means allow and 0 means don't. This is similar to the octal notation, but represented in decimal numbers.
#PermissionrwxBinary
7read, write and executerwx111
6read and writerw-110
5read and executer-x101
4read onlyr--100
3write and execute-wx011
2write only-w-010
1execute only--x001
0none---000
For example, 754 would allow:
read, write, and execute for the user, as the binary value of 7 is 111, meaning all bits are on.
read and execute for the Group, as the binary value of 5 is 101, meaning read and execute are on but write is off.
read only for Others, as the binary value of 4 is 100, meaning that only read is on.

Numeric example

Change permissions to permit members of the programmers group to update a file.
$ ls -l sharedFile
-rw-r--r--  1 jsmith programmers 57 Jul  3 10:13  sharedFile
$ chmod 664 sharedFile
$ ls -l sharedFile
-rw-rw-r--  1 jsmith programmers 57 Jul  3 10:13  sharedFile

Command line examples

CommandExplanation
chmod a+r publicComments.txtadds read permission for all classes (i.e. user, group and others)
chmod +r publicComments.txtadds read permission for all classes depending on umask
chmod a-x publicComments.txtremoves execute permission for all classes
chmod a+rx viewer.shadds read and execute permissions for all classes
chmod u=rw,g=r,o= internalPlan.txtsets read and write permission for user, sets read for group, and denies access for others
chmod -R u+w,go-w docsadds write permission to the directory docs and all its contents (i.e. Recursively) for owner, and removes write permission for group and others
chmod ug=rw groupAgreements.txtsets read and write permissions for user and group
chmod 664 global.txtsets read and write permissions for user and group, and provides read to others.
chmod 0744 myCV.txtsets read, write, and execute permissions for user, and sets read permission for group and others (the 0 specifies no special modes)
chmod 1755 findReslts.shsets sticky bit, sets read, write, and execute permissions for owner, and sets read and execute permissions for group and others (this suggests that the script be retained in memory)
chmod 4755 setCtrls.shsets UID, sets read, write, and execute permissions for owner, and sets read and execute permissions for group and others
chmod 2755 setCtrls.shsets GID, sets read, write, and execute permissions for user, and sets read and execute permissions for group and others
chmod -R u+rwX,g-rwx,o-rx personalStuffRecursively (i.e. on all files and directories in personalStuff) adds read, write, and special execution permissions for user, removes read, write, and execution permissions for group, and removes read and execution permissions for others
chmod -R a-x+X publicDocsRecursively (i.e. on all files and directories in publicDocs) removes execute permission for all classes and adds special execution permission for all classes

- rw- rw- r--  mik  mik    assgn1_client.c
- rw- rw- r--  mik  mik    assgn1_server.c
d rwx rwx r-x  mik  mik    EXAM
- rw- rw- r--  mik  mik    raw.c
- rwx r-x r-x  mik  mik    header.sh
... so on...
  • The very first column represents the type of the file i.e. is it a normal file or a
    directory where d represents a directory and – represents a normal file.
  • The first set three letters after the file type tell what the Owner of the file, have permissions to do. For example: In assgn1_client.c, has owner’s permission as rw-, which means the owner mik can only read(r) and write(w) the file but cannot execute(x).
  • Note: The 3rd and 4th columns represents the name of the owner of the file and the group to which the owner belongs respectively.
  • The next three letters after the user’s permission are the group’s permissions.
    For example: header.sh has group permissions as r-x, which means Other people in the mik group can not write(w) the header.sh script but can only read(r) or execute(x) it.
  • Note that when a directory has the x set, this takes the special meaning of “permitted to search this directory”.
  • The last three letters in the permissions column tell us what the “others” may do. The general practice is to protect the files from external access so that others can’t write any files or directories. They may read(r) or execute(x) it. For example: The assgn1_client.c has others permission as r- – which means it can only be read by other(external) access but cannot be written or executed by them.

Comments

Post a Comment

Popular posts from this blog

gsutil Vs Storage Transfer Service Vs Transfer Appliance

When transferring data from an on-premiss location, use gsutil When transferring data from another cloud storage provider, use storage transfer service gsutil is a Python application that lets you access Cloud Storage from the command line. You can use gsutil to do a wide range of bucket and object management tasks, including: Creating and deleting buckets. Uploading, downloading, and deleting objects. Listing buckets and objects. Moving, copying, and renaming objects. Editing object and bucket ACLs. gsutil performs all operations, including uploads and downloads, using HTTPS and transport-layer security (TLS). For a complete list of guides to completing tasks with gsutil, see  Cloud Storage How-to Guides . Storage Transfer Service is a product that enables you to: Move or backup data to a Cloud Storage bucket either from other cloud storage providers or from your  on-premises  storage. Move data from one Cloud Storage bucket to another, so that it is available to differe...
Read more

SQL basic interview question

Image
Question #1) What is SQL? Structured Query Language is a database tool which is used to create and access database to support software application. Question #2) What are tables in SQL? The table is a collection of record and its information at a single view. Question #3) What are different types of statements supported by SQL? There are 3 types of SQL statements 1) DDL (Data Definition Language):  It is used to define the database structure such as tables. It includes three statements such as Create, Alter, and Drop. Some of the DDL Commands are listed below CREATE : It is used for creating the table. 1 CREATE   TABLE  table_name 2 column_name1 data_type( size ), 3 column_name2 data_type( size ), 4 column_name3 data_type( size ), ALTER:  The ALTER table is used for modifying the existing table object in the database. ALTER TABLE table_name ADD column_name datatype OR ALTER TABLE table_name DROP ...
Read more