-->
Previous Table of Contents Next


The chmod command changes the permissions of file1 as requested, leaving the user permissions alone. Since file2 didn’t have read or write permissions to start with, the command didn’t change the permissions at all. The command did run properly, however.


Note:  
Anyone who has permission to read a file can also copy that file. When a file gets copied, the copy is owned by the person doing the copying. He or she can then change ownership and permissions, edit the file, and so on.


Warning:  
Don’t assume that a no-write permission makes a file safe!

Removing write permission from a file doesn’t prevent the file from being deleted. It does prevent it from being accidentally deleted because Linux asks whether you want to override the file permissions. You have to answer y or the file is not deleted.


The other way to change permissions is to use an absolute setting. In this method, you specify exactly which permissions you want the user, group, and other permissions to be. This is done through a set of octal numbers which, perversely, are the opposite of those you saw in the umask command. The values allowed are

0 or ---: no permissions
1 or --x: execute
2 or -w-: write-only
3 or -wx: write and execute
4 or r--: read-only
5 or r-x: read and execute
6 or rw-: read and write
7 or rwx: read, write, and execute

You must specify which of these eight numbers applies for user, group, and other. For example, to set a file to the default permissions of read and write for user, read-only for group and other, use the setting 644. Here are a few examples of using chmod with octal absolute settings:


darkstar:~$ ls -l myfile

-rw-r--r--   1 fido    users       114 Dec 7 14:31 myfile

darkstar:~$ chmod 345 myfile

darkstar:~$ ls -l myfile

--wxr--r-x   1 fido    users       114 Dec 7 14:31 myfile

darkstar:~$ chmod 701 myfile

darkstar:~$ ls -l myfile

-rwx-----x   1 root    users       114 Dec 7 14:31 myfile

This method of using octal numbers has the advantage of specifying the permissions in an absolute, rather than relative, fashion. Also, it’s easier to tell someone “Change permissions on the file to 755,” than to say “Change permissions on the file to read-write-execute, read-execute, read-execute.”

The primary problem with octal addressing is that it’s difficult to learn all the combinations unless you do it often. And, if all you want to do is add a single permission, such as execute for user or write for group, you still have to figure out all the values instead of using simpler symbolic notation.

The method you use with chmod tends to depend on your experience with Linux. As you use the system more, you’ll find you start using octal addressing more often but still revert to symbolic every now and then for simple changes.

Changing Directory Permissions

You change directory permissions with chmod exactly the same way you do with files. Linux treats directories exactly the same as files, so the approach makes sense. Remember that if a directory doesn’t have execute permissions, you can’t cd to it, so giving or removing execute permission on a directory can have important implications for users.


Warning:  
Any user who has write permission in a directory can delete files in that directory, whether or not that user owns or has write privileges to those files.

Most directories, therefore, have permissions set to drwxr-xr-x. This ensures that only the directory’s owner can create or delete files in that directory.

It is especially dangerous to give write permission to all users for directories!


You can change directory permissions with octal or symbolic modes, as the following examples show:


$ mkdir bigdir

$ ls -l

total 2

drwxr-xr-x   2 tparker group      512 May 9 12:10 bigdir

$ chmod go+w bigdir

$ ls -l

total 2

drwxrwxrwx   2 tparker group      512 May 9 12:10 bigdir

$ chmod 755 bigdir

$ ls -l

total 2

drwxr-xr-x   2 tparker group      512 May 9 12:10 bigdir

Use whichever method you find the most convenient.


Tip:  
If you’re familiar with the binary system, think of rwx as a three-digit binary number to make calculating absolute addressing values easier. If permission is allowed, the corresponding digit is 1. If permission is denied, the digit is 0. So r-x would be the binary number 101, which is 4+0+1, or 5. --x would be 001, which is 0+0+1, which is 1, and so on.

Summary

You should now be more comfortable changing file and directory permissions, as well as the owner and group. As we mentioned at the start of this chapter, this is the subject that confuses most Linux users; we hope that by going slowly you’ve grasped the ideas behind these commands. You can now move on to the next few chapters, which talk about shells and shell utilities in more detail. For more information, see the following chapters:

The Bourne Again Shell, your default interface to Linux, is discussed in Chapter 11, “bash.”
The built-in shell programming commands for extending the power of your interface are examined in Chapter 14, “Shell Programming.”
Text editors to create a file is described in Chapter 16, “Text Editors: vi and emacs.”
The X interface is discussed in Chapter 22, “Installing and Configuring XFree86.”


Previous Table of Contents Next