Introduction
Account Policies
Problem Solving
Instructor Help
General help by subject
Hypertext and the web
Remote access
Contact NWE Help
Main help page
NWE Help: Others: Shell: Files: chmod
NWE Home :: Help :: Others :: Shell :: Files
The cryptic looking string at the far left of a long directory listing are actually quite important, and chmod is there to help you manage them.
|
Note: If you don't understand the basics of permissions, please read our page for changing permissions with the file manager before continuing with chmod. Using chmod improperly can be dangerous! |
Under Unix, every file or directory has three sets of attributes known as permissions. Chmod can apply changes to either of these three sets, or all of them:
| set (and abbreviation) | class |
|---|---|
| user (u) | the user who owns the file or directory -- also known as the owner |
| group (g) | a group of users (defined by the system administrators) |
| others (o) | all the other users on the system (everyone not in the file or directory's group) |
| all (a) | the user, group, and others combined |
Using the chmod command, the owner of a given file or directory can set three types of permissions for each class of user. These types are often called bits because they are either on or off. Permission bits have slightly different meanins for files and directories:
| type (and abbreviation) | for files | for directories |
|---|---|---|
| read (r) | Allows file to be read, viewed, and copied | Allows directory contents to be listed, and files in the directory to be copied |
| write (w) | Allows file to be modified | Allows new files to be created in the directory |
| execute (x) | If file is a program, allows that program to be executed | Allows contents of directory to be accessed |
Here is the entire left side of the directory listing for a sample directory, dissected to illustrate the various permissions and classes of users. (You get this sort of list by typing ls -l.)
This graphic is color coded. Data that is not relevant to permissions is grayed out.
+--- the first slot displays special information | "-" if the item is a file | "d" if the item is a directory | "l" if the item is a link | | +--- these three slots show the permissions for | | the users in the item's group | | | | +--- the item's group v vvv v -rw------- 1 mjm spinners 46580 Feb 10 18:18 nwefixthis -rw-r--r-- 1 dilger spinners 483648 Feb 12 12:25 pcyc.tar drwxr-xr-x 16 dilger instr 1024 Feb 09 20:22 perl/ ^^^ ^^^ ^ ^ | | +---- the user who owns +--- the item | | the item name | | | +----- these three slots show the permissons | for other users | +--- these three slots show the permissions for the user |
Most times you use chmod you will want to specify the permissions for all three classes of users: u for user (yourself), g for group, o for other users), or a for all users.
The basic command line is constructed in this fashion:
chmod [u g o and/or a][+ - or =][r w and/or x] itemname
Here are some examples and explanations of what they do:
| example command | explanation | example of use |
|---|---|---|
| chmod u=rw,g=r,o=r index.html | Make the file archive.html read and write for yourself, and read only for other users. | Most Web pages. |
| chmod u=rw,g=,o= mygrades.sdw | Make the file mygrades.sdw read and write for yourself only. | Any file which needs to be private. |
| chmod u=rw,g=rw,o=r shared.html | Make the file shared.html readable and writeable for you and your group, but read only for others. | A file which others in your class (or other group) should edit, like a group assignment. |
| chmod a=r archive.html | Make the file archive.html read-only for all users, including yourself. | Files you don't want to edit or delete. |
| chmod u=rwx,g=x,o=x mydir/ | Set the directory mydir so you can list its contents, create new files in it, and access files in it. Users in your group, and all other users, can access files in mydir/ but can't read its directory listing or make new files there. | Most of your directories. |
| chmod u=rwx,g=,o= grades/ | Set the directory grades so you can list its contents, create new files in it, and access files in it. No other permissions are granted. | Any directory which needs to be private. |
| chmod u=rwx,g=rx,o=rx texts/ | Set the directory texts so you can list its contents, create new files in it, and access files in it. Allow group and other users to read the directory listing and access files in the directory | Any directory which contains shareable files. |
Using the chmod command with plus or minus (+/-) will add or remove permissions for one class without affecting others. For example, if you type chmod g+w index.html group write permission is added to whatever permissions already exist. However, it's easier to just specify the permissions for each class of users.
Note that the only way that any user other than the file's owner can write to a file is if the permissions are set correctly. For collaborative work, that means that the file must be group-writeable, which is why it is imperative that collaborating students issue the following command for every file they create:
chmod g+w filename
Ask our system administrators for a quick permissions audit if you're unsure that you're doing it correctly. They can also set up groups for you which enable student, teacher, and other sorts of collaboration with the appropriate level of access.
Finally, there are numeric ways of dealing with permissions, and other useful things like sticky bit that we have not covered here. The chmod man page can help you learn about those items.