3.4.2. The tools
3.4.2.1. The chmod command
A normal consequence of applying strict file permissions, and sometimes a nuisance, is that access rights will need to be changed for all kinds of reasons. We use the chmod command to do this, and eventually to chmod has become an almost acceptable English verb, meaning the changing of the access mode of a file. The chmod command can be used with alphanumeric or numeric options, whatever you like best.
The example below uses alphanumeric options in order to solve a problem that commonly occurs with new users:
asim:~> ./hello
bash: ./hello: bad interpreter: Permission denied
asim:~> cat hello
#!/bin/bash
echo "Hello, World"
asim:~> ls -l hello
-rw-rw-r-- 1 asim asim 32 Jan 15 16:29 hello
asim:~> chmod u+x hello
asim:~> ./hello
Hello, World
asim:~> ls -l hello
-rwxrw-r-- 1 asim asim 32 Jan 15 16:29 hello*
The + and - operators are used to grant or deny a given right to a given group. Combinations separated by commas are allowed. The Info and man pages contain useful examples. Here's another one, which makes the file from the previous example a private file to user asim :
asim:~> chmod u+rwx,go-rwx hello
asim:~> ls -l hello
-rwx------ 1 asim asim 32 Jan 15 16:29 hello*
The kind of problem resulting in an error message saying that permission is denied somewhere is usually a problem with access rights in most cases. Also, comments like, "It worked yesterday," and "When I run this as root it works," are most likely caused by the wrong file permissions.
When using chmod with numeric arguments, the values for each granted access right have to be counted together per group. Thus we get a 3-digit number, which is the symbolic value for the settings chmod has to make. The following table lists the most common combinations:
Table 3-9. File protection with chmod
Command
Meaning
chmod 400
file
To protect a file against accidental overwriting.
chmod 500
directory
To protect yourself from accidentally removing, renaming or moving files from this directory.
chmod 600
file
A private file only changeable by the user who entered this command.
chmod 644
file
A publicly readable file that can only be changed by the issuing user.
chmod 660
file
Users belonging to your group can change this file, others don't have any access to it at all.
chmod 700
file
Protects a file against any access from other users, while the issuing user still has full access.
chmod 755
directory
For files that should be readable and executable by others, but only changeable by the issuing user.
chmod 775
file
Standard file sharing mode for a group.
chmod 777
file
Everybody can do everything to this file.
If you enter a number with less than three digits as an argument to chmod , omitted characters are replaced with zeros starting from the left. There is actually a fourth digit on Linux systems, that precedes the first three and sets special access modes. Everything about these and many more are located in the Info pages.
3.4.2.2. Logging on to another group
When you type id on the command line, you get a list of all the groups that you can possibly belong
* License
