| Getting Started with Linux - Lesson 14 |
|---|
'chmod' explained
chmod is the program that is used to change file permissions
on a Linux system. As we mentioned, others cannot modify your personal
user files but you may not want other people to even read these files.
You can use this command to take away the possibility of others prying
into your private stuff.
The syntax (parts separated by brackets) for using this command is the following:
chmod [a/o/g/u] [+ or -] (plus or minus sign) [r/w/x]
Let's analyze the syntax:
- The symbols in the first brackets refer to the four concepts of
users that Linux has.
- a=all, all users
- o=others, (other people)
- g=group, the members of your group
- u=user, (this means you)
- The symbol + adds permissions and the symbol - takes them
away. As we say in the Linux world chmod giveth, chmod taketh away
- Your actual rights to files - r=read rights, w=write rights
(pardon the homophonic redundancy!) and x=executable rights
Practical examples of chmod
As we mentioned before, you may want to restrict rights to read
a file. You would simply type:
chmod og-r my_world_domination_plan.txt
Now nobody can read your plans to take over the world except you. Best to
keep those secret anyway.
We also talked earlier about those files that you may have copied from
a Windows partition or a floppy formatted for Windows. Even if they're not
executable files, they'll show up as such (-rwxr-xr-x). You can change them
to their correct permissions, getting rid of the executable status with:
chmod a-x the_file
Remember that if you copied them as 'root', you will have to use chmod as
root to do this. You could even go one step further and change the ownership
of the file to the user you desire. You may want to change root ownership
to yourself (your user name). We'll go into this in the next part of the lesson.
Using chmod with number values
The permissions in Linux also can also be changed with number values. An
accomplished Linux/Unix user will probably use this system more. When you're
beginning with Linux, the method we described before will probably be
clearer to you. Without going into tedious technical detail, we'll describe the
chmod number system to you and look at two of the most common examples.
As I said before, we have three sections to permissions; those of the
owner of the file followed by those of the group and then the permissions of
others. So if you use numbers with 'chmod', there will be three numbers
following the command. One number corresponds to each group. Here's an example of a chmod command with numbers:
chmod 644 grocery_list.txt
If you had used 'pico' to write up a grocery list for your trip to the
supermarket today, Linux would have given you 644 permission by default.
That means, read and write permissions for the owner but no write permissions for the
group and for others. So the number 6 means read and write permissions for you, the number 4 means read permissions for the group and the last number, 4
means read permissions for others. Now the question is: Why these numbers?
Why not other numbers, like the number 8 or 12 or even 1345? Let's explain
this.
The three types of permissions correspond to three numbers. Read permission
is given a value of 4. Think of it as the most important permission.
(if you can't read a file, then what else can you do with it?) Write permission
is given a value of 2. Execute permission is given a value of 1.
Here's what it would look like:
| User (or the owner) |
Group |
Others |
| read-write-execute |
read-write-execute |
read-write-execute |
| 4-2-1 |
4-2-1 |
4-2-1 |
It's really just a question of simple arithmetic. In our example of
chmod 644 grocery_list.txt, we've added the 4 for read permission and
to the 2 for write permission for the owner to get 6. We've just given the
group and others read permission, so there's nothing to add in these two
groups. Just give it a 4 in each case. Presto! 644.
Some practical examples with numbers
Let's take another look at my file that has my plans for dominating the
world (my_world_domination_plan.txt). I had taken away the read permissions for
everybody except myself using +/- letter method.
(chmod og-r my_world_domination_plan.txt)
Now let's do the same with the numbers.
chmod 600 my_world_domination_plan.txt
As you can see I have read and write permissions for me (4 read + 2 write
equals 6) and 0 permissions for everybody else. The Zero value means
7 (maximum permission value) minus 4 minus 2 minus 1 equals 0.
Real world examples with 'chmod'
I'd like to talk about a real world practical example for doing this.
There is a command mode program called 'fetchmail' for getting your
e-mail. It's a very good program if you're using your computer as
different users for various jobs. It will send mail to the different users
based on e-mail addresses. The different addresses are stored in a file
that you create called '.fetchmailrc'
This file also includes the user name and password for retrieving mail
from each address. We've got a possible security hole here, particularly
if you're networked. This file shouldn't be read by everybody. When you
create your .fetchmailrc file, you must then use
chmod 600/chmod og-r on the file to solve the security issue. In fact,
'fetchmail' won't run if you don't. It will complain about the file's
permissions.
Let's look at another "real world" example. As the internet becomes
more popular, websites need to be more user friendly and interactive.
It's becoming more and more common to use scripts to improve the quality of a
website's offerings. If you used a language like perl to write
the scripts and you hosted your website with a company that runs Linux
on their servers (we would hope that you would do this!), you would
probably be given permission to use these scripts on your website. You
would then have to give the scripts read and execute permissions so
that the your visitors could use them. After you uploaded a script
to your website, you would then issue this command:
chmod 755 my_awesome_script
and the script would become "executable" (and readable) for the outside
world. (7 - 4 read, 2 write 1 executable for you, 4 read and 1 executable for
group and others). You could also use chmod og+rx my_awesome_script
The script is then "converted" into a "program" so to speak. You have also
converted yourself into a "web developer" with the right to hang your
shingle on the door.
chmod is one of those commands that are used most by system administrators.
In our Linux system administration course, we'll go into this command in
more detail. In this lesson we've shown you just a few practical examples to
get your feet wet with this very important command.
[Previous] [Next]
| 
![[ Register ]](/images/navbar/register.gif){kind=small}
![[ Applications ]](/images/navbar/applications.gif){kind=small}
![[ Documentation ]](/images/navbar/documentation.gif){kind=small}
![[ Distributions ]](/images/navbar/distributions.gif){kind=small}
![[ Download Info ]](/images/navbar/download.gif){kind=small}
![[ General Info ]](/images/navbar/geninfo.gif){kind=small}
![[ Book Store ]](/images/navbar/bookstore.gif){kind=small}
![[ Courses ]](/images/navbar/courses.gif){kind=small}
![[ News ]](/images/navbar/news.gif){kind=small}
![[ People ]](/images/navbar/people.gif){kind=small}
![[ Hardware ]](/images/navbar/hardware.gif){kind=small}
![[ Vendors ]](/images/navbar/vendors.gif){kind=small}
![[ Projects ]](/images/navbar/projects.gif){kind=small}
![[ Events ]](/images/navbar/events.gif){kind=small}
![[ User Groups ]](/images/navbar/usergroups.gif){kind=small}
![[ User Area ]](/images/navbar/user_area.gif){kind=small}
![[ About Us ]](/images/navbar/aboutus.gif){kind=small}
![[ Home Page ]](/images/navbar/homepage.gif){kind=small}
![[ Advertise ]](/images/navbar/advertise.gif){kind=small}
