The owner can read and write the directory; all other users can only read the contents of the directory. A directory such as this would most likely contain files that have "world read" permissions. When a file is created, the permission flags are set according to the file mode creation mask, which can be set using the umask command. The file mode creation mask sometimes referred to as "the umask" is a three-digit octal value whose nine bits correspond to fields of the permission flags.
The resulting permissions are calculated via the bitwise AND of the unary complement of the argument using bitwise NOT and the default permissions specified by the shell typically for files and for directories. Common useful values are:. This is read after. The chmod "change mode" command is used to change the permission flags on existing files. It can be applied recursively using the -R option. It can be invoked with either octal values representing the permission flags, or with symbolic representations of the flags.
The octal values have the following meaning:. In the above example, the umask for user elvis results in a file that is read-write for the user, with no other permissions. The chmod command specifies read-write-execute permissions for the user, and read-execute permissions for group and other. Classes are formed by combining one or more of the following letters:. There are two basic ways of using chmod to change file permissions: The symbolic method and the absolute form.
The first and probably easiest way is the relative or symbolic method, which lets you specify permissions with single letter abbreviations. A chmod command using this method consists of at least three parts from the following lists:.
For example, to add permission for everyone to read a file in the current directory named myfile , at the Unix prompt, enter:. If you omit the access class, it's assumed to be all, so you could also enter the previous example as:. You can also specify multiple classes and types with a single command.
For example, to remove read and write permission for group and other users leaving only yourself with read and write permission on a file named myfile , you would enter:. You can also specify that different permissions be added and removed in the same command.
For example, to remove write permission and add execute for all users on myfile , you would enter:. In each of these examples, the access types that aren't specified are unchanged. The previous command, for example, doesn't change any existing settings specifying whether users besides yourself may have read r access to myfile.
The chmod command also operates on directories. For example, to remove write permission for other users on a subdirectory named mydir , you would enter:. To change permissions recursively in all subdirectories below the specified directory, add the -R option; for example, to grant execution permissions for other users to a directory mydir and all the subdirectories it contains, you would enter:. Be careful when setting the permissions of directories, particularly your home directory; you don't want to lock yourself out by removing your own access.
Unless you give permission for other group members to edit or change a file, they cannot make modifications. The letter " d " instead of a " - " in the 2nd example indicates the entry is a directory. The first three positions after the " - " or " d " designate owner's permissions. The r indicates the owner can r ead the file.
The w indicates the owner can w rite to the file. The x indicates the owner can e x ecute the file. The second three positions designate permissions for the group. For example, -rwxr-xr-- represents that the group has read r and execute x permission, but no write permission. The last group of three characters represents the permissions for everyone else. For example, -rwxr-xr-- represents that there is read r only permission. The permissions of a file are the first line of defense in the security of a Unix system.
Directory access modes are listed and organized in the same manner as any other file. Access to a directory means that the user can read the contents. The user can look at the filenames inside the directory. A user must have execute access to the bin directory in order to execute the ls or the cd command.
To change the file or the directory permissions, you use the chmod change mode command. There are two ways to use chmod — the symbolic mode and the absolute mode. The easiest way for a beginner to modify file or directory permissions is to use the symbolic mode.
0コメント