Difference between revisions of "Chmod"
Jump to navigation
Jump to search
(Created page with "== General == Chmod is the system call used to change the access permissions for files and directories. It is also capable of changing additional permissions or special modes...") |
m |
||
| (21 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
| − | == General == | + | [[Category:Basics]] |
| + | == General == | ||
Chmod is the system call used to change the access permissions for files and directories. It is also capable of changing additional permissions or special modes. The current status can be checked with "ls -l". | Chmod is the system call used to change the access permissions for files and directories. It is also capable of changing additional permissions or special modes. The current status can be checked with "ls -l". | ||
| Line 6: | Line 7: | ||
== Command Syntax == | == Command Syntax == | ||
The general syntax of the Chmod call is | The general syntax of the Chmod call is | ||
| + | $ chmod [options] mode[,mode] file1 [file2 ...] | ||
| − | + | {| class="wikitable" style="width: 60%;" | |
| − | |||
| − | {| class="wikitable" style="width: | ||
||| '''Options''' | ||| '''Options''' | ||
|- | |- | ||
| − | | - | + | | -R || Recursive, i.e. include objects in subdirectories |
|- | |- | ||
| − | | -f || | + | | -f || suppress most error messages |
|- | |- | ||
| -v || verbose, show objects changed (unchanged objects are not shown) | | -v || verbose, show objects changed (unchanged objects are not shown) | ||
| Line 23: | Line 23: | ||
The main part of the chmod calls are the octal modes. | The main part of the chmod calls are the octal modes. | ||
| − | + | Structure: | |
| + | |||
| + | <math>\underbrace{d}_\mathrm{type}\ \underbrace{rwx}_\mathrm{owner}\ \underbrace{rw-}_\mathrm{group}\ \underbrace{r--}_\mathrm{other}</math> | ||
| + | |||
| + | with | ||
{| class="wikitable" style="width: 30%;" | {| class="wikitable" style="width: 30%;" | ||
| − | ||| ''' | + | ||| '''Each triad''' |
|- | |- | ||
| − | | first | + | | first character || r: readable |
|- | |- | ||
| − | | second | + | | second character || w: writable |
|- | |- | ||
| − | |third | + | | third character || x: executable |
|} | |} | ||
| + | The very first character (in front of the first triad) shows the type of the file and cannot be changed with chmod. | ||
{| class="wikitable" style="width: 30%;" | {| class="wikitable" style="width: 30%;" | ||
| − | ||| ''' | + | ||| '''Common file types''' |
|- | |- | ||
| − | | | + | | d || a directory |
|- | |- | ||
| − | | | + | | - || a file (e.g. executable, document, picture, etc.) |
|- | |- | ||
| − | | | + | | l || a link |
| − | |||
| − | |||
| − | |||
| − | |||
|} | |} | ||
| Line 74: | Line 75: | ||
For example, the call | For example, the call | ||
| + | <syntaxhighlight lang="bash"> | ||
$ chmod 777 file1 | $ chmod 777 file1 | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | enables reading, writing and executing for the owner, the group and all other users (use with care!). | ||
| + | |||
| + | Valid values for the optional first digit (sticky bit) are: | ||
| + | |||
| + | {| class="wikitable" style="width: 40%;" | ||
| + | | '''Decimal''' || '''Permission''' | ||
| + | |- | ||
| + | | 0 || none | ||
| + | |- | ||
| + | | 1 || only the owner is allowed to delete and rename files in the directory | ||
| + | |- | ||
| + | | 2 || setgid: give permissions to delete and rename files to group | ||
| + | |- | ||
| + | | 4 || setuid: give permissions to delete and rename files to user | ||
| + | |} | ||
| − | + | == Symbolic Permissions == | |
| + | Another way to use chmod is the symbolic mode. The permissions are specified by a string using this structure: | ||
| + | <code>chmod [references][operator][modes]</code> | ||
| + | |||
| + | {| class="wikitable" style="width: 50%;" | ||
| + | | '''Symbol''' || '''Explanation''' | ||
| + | |- | ||
| + | | u || user: owner of the file/directory | ||
| + | |- | ||
| + | | g || group: members of a group a file/directory belongs to | ||
| + | |- | ||
| + | |o || other: users that are not part of the group and not the owner | ||
| + | |- | ||
| + | | a || all: all three classes above (affects all triads) | ||
| + | |} | ||
| + | |||
| + | {| class="wikitable" style="width: 50%;" | ||
| + | | '''Operator''' || '''Explanation''' | ||
| + | |- | ||
| + | | + || adds permissions on its right side to the classes on its left side | ||
| + | |- | ||
| + | | - || removes specified permissions from the given classes | ||
| + | |- | ||
| + | | = || sets the permissions exactly as specified | ||
| + | |} | ||
| + | |||
| + | For the modes, see [[Chmod#Octal_modes|above]]. | ||
| + | |||
| + | ===Examples=== | ||
| + | |||
| + | Give execute permissions to users, groups and others: | ||
| + | <syntaxhighlight lang="bash"> | ||
| + | chmod a+x file1 | ||
| + | </syntaxhighlight> | ||
| + | Remove read and write permissions from others and the group: | ||
| + | <syntaxhighlight lang="bash"> | ||
| + | chmod go-rw file1 | ||
| + | </syntaxhighlight> | ||
| + | Set user and group permissions to "rw-": | ||
| + | <syntaxhighlight lang="bash"> | ||
| + | chmod ug=rw file1 | ||
| + | </syntaxhighlight> | ||
== Commonly used calls == | == Commonly used calls == | ||
A few example calls that are commonly used: | A few example calls that are commonly used: | ||
| − | {| class="wikitable" style="width: | + | {| class="wikitable" style="width: 50%;" |
| '''Command''' || '''Explanation''' | | '''Command''' || '''Explanation''' | ||
|- | |- | ||
| Line 89: | Line 149: | ||
|- | |- | ||
| chmod 777 file1 || sets read, write and execute for everyone. | | chmod 777 file1 || sets read, write and execute for everyone. | ||
| + | |- | ||
| + | | chmod 600 file1 || sets read and write permissions only for the user (typical permissions for private SSH key). | ||
|} | |} | ||
Latest revision as of 15:53, 3 September 2019
General
Chmod is the system call used to change the access permissions for files and directories. It is also capable of changing additional permissions or special modes. The current status can be checked with "ls -l".
Command Syntax
The general syntax of the Chmod call is
$ chmod [options] mode[,mode] file1 [file2 ...]
| Options | |
| -R | Recursive, i.e. include objects in subdirectories |
| -f | suppress most error messages |
| -v | verbose, show objects changed (unchanged objects are not shown) |
Octal modes
The main part of the chmod calls are the octal modes.
Structure:
with
| Each triad | |
| first character | r: readable |
| second character | w: writable |
| third character | x: executable |
The very first character (in front of the first triad) shows the type of the file and cannot be changed with chmod.
| Common file types | |
| d | a directory |
| - | a file (e.g. executable, document, picture, etc.) |
| l | a link |
Numerical Permissions
The file permissions can also be represented in decimal numbers in the chmod call. Up to 4 digits can be set where the leading digit is optional and used to specify the special setuid, setgid, and sticky flags. The remaining 3 digits represent the read, write and execute permissions.
| Decimal | Permission | rwx | Binary |
| 7 | read, write and execute | rwx | 111 |
| 6 | read and write | rw- | 110 |
| 5 | read and execute | r-x | 101 |
| 4 | read only | r-- | 100 |
| 3 | write and execute | -wx | 011 |
| 2 | write only | -w- | 010 |
| 1 | execute only | --x | 001 |
| 0 | none | --- | 000 |
For example, the call
$ chmod 777 file1
enables reading, writing and executing for the owner, the group and all other users (use with care!).
Valid values for the optional first digit (sticky bit) are:
| Decimal | Permission |
| 0 | none |
| 1 | only the owner is allowed to delete and rename files in the directory |
| 2 | setgid: give permissions to delete and rename files to group |
| 4 | setuid: give permissions to delete and rename files to user |
Symbolic Permissions
Another way to use chmod is the symbolic mode. The permissions are specified by a string using this structure:
chmod [references][operator][modes]
| Symbol | Explanation |
| u | user: owner of the file/directory |
| g | group: members of a group a file/directory belongs to |
| o | other: users that are not part of the group and not the owner |
| a | all: all three classes above (affects all triads) |
| Operator | Explanation |
| + | adds permissions on its right side to the classes on its left side |
| - | removes specified permissions from the given classes |
| = | sets the permissions exactly as specified |
For the modes, see above.
Examples
Give execute permissions to users, groups and others:
chmod a+x file1
Remove read and write permissions from others and the group:
chmod go-rw file1
Set user and group permissions to "rw-":
chmod ug=rw file1
Commonly used calls
A few example calls that are commonly used:
| Command | Explanation |
| chmod 664 file1 | sets read and write permissions for owner and group, and provides read to others. |
| chmod 744 file1 | sets read, write and execute for the owner and read only for the group and all others. |
| chmod 777 file1 | sets read, write and execute for everyone. |
| chmod 600 file1 | sets read and write permissions only for the user (typical permissions for private SSH key). |