chmod [options] who operator permission file-list (symbolic)
chmod [options] mode file-list (absolute)
chmod [options] ––reference=rfile file-list (referential)
The chmod utility changes the ways in which a file can be accessed by the owner of the file, the group to which the file belongs, and/or all other users. Only the owner of a file or Superuser can change the access mode, or permissions, of a file. You can specify the new access mode absolutely, symbolically, or referentially.
Arguments
Arguments specify which files are to have their modes changed in what ways.
Symbolic
You can specify multiple sets of symbolic modes (who operator permission) by separating each set from the next with a comma.
The chmod utility changes the access permission for the class of users specified by who. The class of users is designated by one or more of the letters specified in the who column of Table V-4.
| who | User class | Meaning |
|---|---|---|
| u | User | Owner of the file |
| g | Group | Group to which the owner belongs |
| o | Other | All other users |
| a | All | Can be used in place of ugo |
Table V-5 lists the symbolic mode operators.
| operator | Meaning |
|---|---|
| + | Adds permission for the specified user class |
| – | Removes permission for the specified user class |
| = | Sets permission for the specified user class—resets all other permissions for that user class |
The access permission is specified by one or more of the letters listed in Table V-6.
| permission | Meaning |
|---|---|
| r | Sets read permission |
| w | Sets write permission |
| x | Sets execute permission |
| s | Sets user ID or group ID (depending on the who argument) to that of the owner of the file while the file is being executed (For more information see page 94.) |
| t | Sets the sticky bit (Only Superuser can set the sticky bit, and it can be used only with u; see page 903.) |
| X | Makes the file executable only if it is a directory or if another user class has execute permission |
| u | Sets specified permissions to those of the owner |
| g | Sets specified permissions to those of the group |
| o | Sets specified permissions to those of others |
Absolute
You can use an octal number to specify the access mode. Construct the number by ORing the appropriate values from Table V-7. To OR two octal numbers from this table, just add them. (Refer to Table V-8 for examples.)
| mode | Meaning |
|---|---|
| 4000 | Sets user ID when the program is executed (page 94) |
| 2000 | Sets group ID when the program is executed (page 94) |
| 1000 | Sticky bit (page 903) |
| 0400 | Owner can read the file |
| 0200 | Owner can write to the file |
| 0100 | Owner can execute the file |
| 0040 | Group can read the file |
| 0020 | Group can write to the file |
| 0010 | Group can execute the file |
| 0004 | Others can read the file |
| 0002 | Others can write to the file |
| 0001 | Others can execute the file |
| Mode | Meaning |
|---|---|
| 0777 | Owner, group, and others can read, write, and execute file |
| 0755 | Owner can read, write, and execute file; group and others can read and execute file |
| 0711 | Owner can read, write, and execute file; group and others can execute file |
| 0644 | Owner can read and write file; group and others can read file |
| 0640 | Owner can read and write file, group can read file, and others cannot access file |
Table V-8 lists some typical modes.
Options
| ––changes | –c | Displays a message giving the new permissions for each file whose mode is changed. |
| ––quiet or ––silent | –f | Prevents the display of warning messages about files whose permissions prevent chmod from changing the permissions of the file. |
| ––recursive | –R | Recursively descends a directory specified in file-list and changes the permissions on all files in the directory hierarchy. |
––reference=rfile
| Changes the permissions of the files in file-list to that of rfile. | ||
| ––verbose | –v | Displays for each file a message saying that its permissions were changed (even if they were not changed) and specifying the permissions. Use ––changes to display messages only when permissions are actually changed. |
Notes
When you are using symbolic arguments, you can omit the permission from the command line only when the operator is =. This omission takes away all permissions. See the second example in the next section.
Examples
The following examples show how to use the chmod utility to change the permissions of the file named temp. The initial access mode of temp is shown by ls (see "Discussion" on page 710 for information about the ls display):
$ ls -l temp
-rw-rw-r-- 1 alex pubs 57 Jul 12 16:47 temp
When you do not follow an equal sign with a permission, chmod removes all permissions for the specified user class. The following command removes all access permissions for the group and all other users so that only the owner has access to the file:
$ chmod go= temp
$ ls -l temp
-rw------- 1 alex pubs 57 Jul 12 16:47 temp
The next command changes the access modes for all users (owner, group, and others) to read and write. Now anyone can read from or write to the file.
$ chmod a=rw temp
$ ls -l temp
-rw-rw-rw- 1 alex pubs 57 Jul 12 16:47 temp
Using an absolute argument, a=rw becomes 666. The next command performs the same function as the previous one:
$ chmod 666 temp
The next command removes write access permission for other users. As a result members of the pubs group can still read from and write to the file, but other users can only read from the file:
$ chmod o-w temp
$ ls -l temp
-rw-rw-r-- 1 alex pubs 57 Jul 12 16:47 temp
The following command yields the same result, using an absolute argument:
$ chmod 664 temp
The next command adds execute access permission for all users:
$ chmod a+x temp
$ ls -l temp
-rwxrwxr-x 1 alex pubs 57 Jul 12 16:47 temp
If temp is a shell script or other executable file, all users can now execute it. (You need read and execute access to execute a shell script but only execute access to execute a binary file.) The absolute command that yields the same result is
$ chmod 775 temp
The final command uses symbolic arguments to achieve the same result as the preceding one. It sets permissions to read, write, and execute for the owner, and to read and write for the group and other users. A comma separates the sets of symbolic modes.
$ chmod u=rwx,go=rw temp
No comments:
Post a Comment