| Erik's linux page: Linux information for beginners and advanced users | ||
|---|---|---|
| Prev | Chapter 2. Some general words about Linux, mostly for new users. | Next |
Dealing with user rights in the filesystem.
Linux, like any advanced operating system, has a access control system for the file system. That means, not all users can do what they want with a specific file. Every file has a owner, a group owner, each with their respective right to do certain things on that file, and rights for the rest of the world. If you do a normal ls -l in some directory, you'll get something like this.
-rw-r--r-- 1 erik erik 444 Feb 14 22:24 Makefile -rw-r--r-- 1 erik erik 3507 Feb 14 17:44 erik.html |
The rights for this file.
-rw-r--r-- describes the rights the owner, group and everyone else has on this file. As you can see, there is 10 characters, the first one tells the type of the file, if it's a directory there is a 'd' instead of a '-', there is a few other types, but this is what you need to know right now. After the classifying character, there is three groups of characters, each of them with three characters in them. They describe the rights for the owner, the group and everyone, one character group for each of them. The basic rights are Read Write Execute. So, the string rwx says right to read, write and execute the file. If you have execution right on a directory, you may cd into it. Anyway, a string like the one in the example -rw-r--r-- means that the owner of this file has read and write rights, the group has only read and the so has the rest of the systems users. Of course, root can do whatever with the file too, since root is God in the UNIX world (Root really can do everything, like deleting your /bin directory, ask me, I know... ). The other fields in the listing says how many links to this file there are, who is the owner, what group it is in, the file size and date and the filename.
What is a group ?
Perhaps I should explain that too.. As you probably know, you have a username, and most of your rights depend on that username. Sometimes it's practical to have common rights for some users, per example 5 people developing the same program should have read/write permissions to the source code, but everybody else shouldn't. The sysadmin of the system may setup a special group for those programmers, and then they can happily share their files.
Changing the rights for a file...
So, now when you know what the cryptic fields mean, you'd probably like to change them, wouldn't you ? The magic command is chmod with the correct parameters given. There is two ways to tell chmod what rights you want for a particular file (or a bunch of files specified with a wildcard);
...The character way or...
If you prefer this way, you tell chmod what you want by combining characters, basically u, g, o and a is used, they tell chmod for whom you want to change rights, u for user, g for group, o for others and a for all. You combine that character with another character specifying what right to change, r, w and x most commonly used. r for read, w for write and x for execute. As an example, if you want to add execute rights for the user owning the file named file1 you execute chmod u+x file1. Removing the groups write rights on the same file would be chmod g-w file1. Really logical, isn't it? Make a dummy file and experiment, and read the man page man chmod.
...The numerical way
This is the way I use, since I've grown up with it ;). You tell chmod what you want by giving it numbers, one for each of user, group and others. You calculate the numbers by looking at the read, write and execute flags as binary bits. rwx would be a 7 if you look at an enabled r as a 4, an enabled w as a 2 and an enabled x as a 1. rw- is 6, since 4 (enabled r) + 2 (enabled w) + 0 (disabled x) = 6. You get it ? Not ? Use the character way :) Anyway, if you combine one number for the user, one for the group and one for others, you'll get three numbers. So, for rwxr-xr-x you'd do chmod 755. There's probably about a million better ways to describe this, but..