[Home]  [Links]  [grouch] 


Permissions

Check those file and directory permissions. In the examples below, <filename> is any legitimate file or directory name.

ls -l <filename> will tell you something like -rwxr-xr-x

Those are (r)ead, (w)rite, e(x)ecute permissions for user, group, others. So in this case, the user has rwx permissions, group has r-x permissions, and others have r-x permissions. 'User' is the owner of the file, 'group' includes anyone belonging to the group that owns the file, and 'others' is everyone else.

chown <username>.<groupname> <filename>

sets the ownership of a file or directory.

chmod u+r <filename>

grants (+) the (u)ser (r)ead permission for <filename>.

chmod g+r <filename>

grants (+) everyone in the (g)roup (r)ead permission for <filename>.

chmod o-r <filename>

removes (-) (r)ead permission from all (o)thers for <filename>.

Put them together,

chmod ug+r,o-r <filename>

does the same thing.

Suppose you have a group 'thugs' who want a directory for saving documents outlining their plans to take over the city. The head thug, 'pinky', will own and control the directory.

mkdir /home/thugs
chown pinky.thugs /home/thugs
chmod ug+rwx,o-rwx /home/thugs

Creates the directory, sets the user owning the directory as pinky, sets the group owning the directory as thugs, grants pinky and fellow thugs read, write and execute (or search) permissions on /home/thugs, and revokes read, write and execute permissions from all others. Except root, of course.

You can trim that command down even further if you consider those permissions as bit markers. Think of r=4, w=2 and x=1. Want all permissions? That's 7. Read and write? That's 6. Simple.

Since you have to set permissions for user, group and others, that takes three digits. 777 gives everybody everything. 666 gives read and write to everybody. 755 sets the permissions as follows: u+rwx,g+rx-w,o+rx-w.

So the thugs directory above could be set with

chmod 770 /home/thugs

Use whichever is easiest to remember.