To manage file permissions from the command line is pretty easy when you know the command necessary to execute your instructions. The command used to change permissions from the command line is the chmod command, which stands for “change mode.” The chmod command accepts sets of permissions to be assigned as instructions followed by the file or directory to set those permissions. The permissions can be issued symbolically or numerically. You are free to choose the method which is convenient for you.
They are also other options available while setting permissions on files and directories. The –R option will set recursive permissions to files in an entire directory tree. It can also be useful when setting permissions symbolically using the X flag. When X flag is appended to the chmod command, it gives execute permission to directories so that its content can be access without affecting the permissions of the files that reside in that directory.
This article will put you through on the different ways to set permissions and how to change file and directory ownership.
HOW TO USE SYMBOLIC METHOD TO CHANGE PERMISSIONS
The symbolic method of changing permission uses letters to represent the different categories of owners. u for users; g for group; o for others and a for all. After that, follows the mathematical symbol +, -, = (add, remove and set precisely to override the existing permissions). The permissions to set which is represented by r, w, x (read, write, and execute permission)
The syntax goes as ;
When using the symbolic method to change permissions, you do not need to set new permission on files or directories when a modification is required. You can use the mathematical operators to adjust your permissions. The + sign will add
permissions you specified to the file or directory; the – sign will subtract permissions from the file or directory while the = sign will replace the entire permissions to a new one specified.
The below command just added, removed, and set new permissions using the symbolic method of setting permissions.
HOW TO USE THE NUMERIC METHOD TO SET PERMISSIONS
When representing permissions with the numeric method, the permissions are represented by three digits, which stands as the access level: user, group, and others with the permissions as read=4, write=2, and execute=1. A single octal digit can represent numbers from 0-7. This octal digit represents the possibilities which the permissions will occur.
The syntax is as follows:
The possibilities occur in the following format starting from 0 which means no permission is set
Let me break down this logic to your understanding because I know it will be challenging to grab the concept behind this, but first, let me build up a possibility table for you to study. This will help you grab the explanation.
Ok, that’s the possibility of occurrence on the table, the basic understanding of this is to know the numbers that represent read, write and execute, forget how the system group them based on ownership. Knowing those number will help you determine the permissions to set on any file.
For instance, you need to set read and execute permission to a file. You can get the value for read and get the value for execute, add both numbers together and you will get your permission set
Also, know that when you set 0 to be the permission, it means you have set no permission for the user group and others, and it will be represented on the file information as “—.“
Remember that the first dash (-) sign you see on the set of permissions means permission information is for a file and not a directory. In the command above, the user set the read and execute permission for users, read and write permission for the group, write and execute permission for others.
The numeric method is more complicated compared to the symbolic method, but most advanced system administrators chose to use the numeric method over symbolic method since they are shorter to type and pronounce.
HOW TO CHANGE FILE/DIRECTORY OWNERSHIP
Every user belongs to a group by default when the user was created, and every file created by a user is owned by a group which is the primary group of the user. Ownership of files may need to be changed to grant access to that file.
To change ownership of a file, we use the chown command. chown command can also be used with the –R option to grant access to the entire files in the
directory tree recursively
It can also be used to change group ownership by preceding the name of the group
with a colon and as well change both the owner and group at the same time.
The below command demonstrates how file ownership and group ownerships are
changed
The first command changed the file owner to the specified name. The second command recursively changed the owner of the entire directory tree. The third command changes the group ownership, and the fouth changed both the group and the owner of the directory.
TIPS
The chgrp command can also be used to change file and directory ownership
You can send cat /etc/group on the command line to view the group you belong to. It contains all the groups in the system
You can send the command groups on the command line to see the group you belong to. You can also send group username to view the group of another user
One group cannot belong to another group, and two groups can’t own a file, but multiple users can own a file
Using the X flag with the –R recursive option will add execute permission only if the file is a directory or already has an execute permission set for the user, group or others
REFERENCES
RedHat System Administration I Course
Chown man page
Chmod man page