Before diving into chmod, let’s understand what file permissions in Linux mean. Linux uses a system of file permissions to control who can read, write, or execute a file or directory. These permissions are divided into three main categories:
- Owner (User): The person who owns the file or directory.
- Group: A group of users that can share the file.
- Others: All other users who are not the owner or part of the group.
- Read (r): Permission to view the content of a file.
- Write (w): Permission to modify or delete the file.
- Execute (x): Permission to run the file as a program or script.
chmod [options] mode file
- mode specifies the permissions you want to set.
- file refers to the name of the file or directory you want to modify.
Symbolic Mode
In symbolic mode, we use characters to represent the different types of users and permissions:
u: Owner (user)
g: Group
o: Others
a: All (owner, group, and others)
Permissions are represented by:
r: Read
w: Write
x: Execute
You can modify the permissions using + (add), - (remove), and = (set exactly).
Examples:
chmod u+x file.txt: Add execute permission for the owner.
chmod g-w file.txt: Remove write permission for the group.
chmod o=r file.txt: Set read-only permission for others.
Numeric Mode
In numeric mode, permissions are represented by numbers. Each permission is given a numeric value:
r (read) = 4
w (write) = 2
x (execute) = 1
No permission = 0
Each category (Owner, Group, and Others) gets a number, and these values are combined to form a three-digit number. Here’s how:
- Owner permissions are set by the first digit.
- Group permissions are set by the second digit.
- Others permissions are set by the third digit.
use:
chmod 740 file.txt
Common chmod Examples:
Let’s look at some common chmod scenarios and how you can apply them:
1. Setting Full Permissions for the Owner (Read, Write, Execute)
To allow the file owner full control (read, write, execute), but restrict permissions for the group and others:
chmod 700 file.txt
This means:
Owner: Read, Write, Execute (7)
Group: No permissions (0)
Others: No permissions (0)
2. Making a File Read-Only for Everyone
To make a file readable by everyone but not writable or executable, use:
chmod 444 file.txt
This means:
Owner: Read-only (4)
Group: Read-only (4)
Others: Read-only (4)
3. Allowing Everyone to Read, Write, and Execute a File
To give read, write, and execute permissions to everyone (Owner, Group, and Others), use:
chmod 777 file.txt
This means:
Owner: Read, Write, Execute (7)
Group: Read, Write, Execute (7)
Others: Read, Write, Execute (7)
Warning: Granting full permissions (777) to files, especially sensitive ones, can create security vulnerabilities. It’s best to use this sparingly and only on files that require full access.
4. Granting Execute Permission to a Script for the Owner
If you want to make a script executable by the owner, use:
chmod u+x script.sh
This adds the execute permission to the owner of the file.
5. Revoking Write Permission from Group
To remove write permission for the group but leave the read and execute permissions intact:
chmod g-w file.txt
Special Permissions:
In addition to the regular read, write, and execute permissions, there are a few special permissions in Linux that can be set using chmod:
- Setuid: When set on an executable file, the process runs with the permissions of the file owner. (Numeric value: 4)
- Setgid: When set on a directory, new files created within inherit the group of the directory. (Numeric value: 2)
- Sticky Bit: Often used on directories, it allows only the owner of a file within a directory to delete or rename that file. (Numeric value: 1)
chmod 4755 script.sh
This would set the setuid permission along with standard read, write, and execute permissions.
No comments:
Post a Comment