In Linux system, every file has their owner, group and read/write permissions. And these permissions will affect whether other users can edit or read these files.
Today I want to note how to use chmod command to change the file permissions, and what kind of file permissions are divided into.
Check the file permissions
Now, I use the following command to view the informations of my scripts:
ls -l
Output:
drwxr-xr-x 2 clay clay 64 Jan 9 15:29 test
-rw-r--r-- 1 clay clay 554 May 21 2021 python_resize.py
-rw-r--r-- 1 clay clay 346 Dec 31 23:47 random_tasks.py
-rw-r--r-- 1 clay clay 516 Apr 7 2021 c2h.shWe can see that there is a string of -rw-r--r-- link a password at the beginning, which actually represents the permissions of this file.
Permission Representation
And how to read the text like a password? Actually very easy.
There are 10 characters, and the beginning represents whether the file is a directory or not. If it is a directly, it will display d, if not, it will display -. Then there are the tree parts of owner, group, and other uses, and each part has three different permissions of rwx:
一共有 10 個字元,最開頭代表著這份檔案究竟是否為目錄,如果是目錄就顯示 d,如果否則顯示 - 。接著依序是擁有者、群組、其他使用者三個部分,每一個部分都存在著 rwx 三種不同的權限:
rmeans it can be read.wmeans it can be written.xmeans it is executable (this represents traversal permission to the directory, if not, you cannot browse this directory)
Likewise, if - is displayed, it means there is no such operation.
Back to the -rw-r--r-- expression, it means that this file is not a directory, owner can read and write this file, group and other users can only read.
Digital representation of permissions
| Permission Mask | R | W | X | Decimal Representation |
|---|---|---|---|---|
| — | 0 | 0 | 0 | 0 |
| –x | 0 | 0 | 0 | 1 |
| -w- | 0 | 1 | 0 | 2 |
| -wx | 0 | 1 | 1 | 3 |
| r– | 1 | 0 | 0 | 4 |
| r-x | 1 | 0 | 1 | 5 |
| rw- | 1 | 1 | 0 | 6 |
| rwx | 1 | 1 | 1 | 7 |
Before we introducing the chmod command, let’s take a look at the digital expression of file permission. We can treat rwx as a set of binary numbers, which 1 for allowed operations and 0 for disallowed.
After converting from binary to decimal, the highest number is 7 (in binary, 111 is fully open), we will need to use three sets of numbers to represent the owner, group and other users.
For example, the 777 permission, which is fully open, and many Linux predecessors have warned not to use it, represents the highest permission that anyone can read, write and execute, which is very dangerous.
And we can use the stat command to view the digital representation of the permissions of the current file. For example, like the c2h.sh script file with -rw-r--r-- permissions:
stat -c "%a" c2h.sh
Output:
644
Comparing to the table above, it does represent the owner’s read and write permissions, the group user’ and other users’ read-only permissions.
(Note: You can also confirm the file permissions in the details by using the stat file directly)
How to use chmod command
The above describes how to view the permissions of a file, let’s start to introduce how to use the chmod command to change the permissions of a file.
Before starting, I’m going to record 4 additional parameters and 3 operators:
u: file ownerg: user of the group the file belongs too: other usersa: all users
+: Assign selected permission to specific user-: Remove selected permission to specific user=: Set selected permission to specific user
Assign permission
If you cannot use the following command to change the permissions of the file, maybe you do not have the power to change the file, try adding the sudo command at the beginning to change the permissions as root.
First, if you want to give execute/traverse permission to all users, you can use:
首先,若是要將執行權限(遍歷權限)賦予所有使用者,可以使用:
chmod +x c2h.shor
chmod a+x c2h.sh
Both can work. The current permission is:
-rwxr-xr-xRemove permission
But suppose we regret it and want to revoke the permissions that other users can traverse, then it’s the - operator’s turn.
By the way, be careful not to remove the owner’s permissions as well, we have to set a separately to represent other users:
chmod o-x c2h.sh
Output:
-rwxr-xr--Set permission
Setting permissions is to directly specify the permissions that a specific user has. For example, we magically set the file permissions so that the owner and the users of the group have no permissions, but other users have all permissions:
chmod u= c2h.sh
chmod g= c2h.sh
chmod o=rwx c2h.sh
Output:
-------rwx
Amazing permissions!
Use digital representation to set permission
I recommend the permission setting method, we can directly use the number to specify the permission. As for what the numbers are? Naturally, it is the three numbers converted from the binary mentioned above.
The three numbers in order represent three groups: the owner, the group users, and other users.
Let’s say we want to change the permissions back to the original owner can read and write, and the other two users are only:
chmod 644 c2h.sh
Output:
-rw-r--r--
Although it may be a little late to add description, don’t forget that the chmod command does not return the displayed file permissions! The output permissions I have printed are also checked with ls -l.
The above is the introduction to the permission of the Linux system and the record of the chmod command.
References
- https://www.computerhope.com/unix/uchmod.htm
- https://www.pluralsight.com/blog/it-ops/linux-file-permissions