208-212.html

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

<HTML>
<HEAD>
<TITLE>Linux Configuration and Installation:Basic Linux Tools</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->


<!--ISBN=1558285660//-->
<!--TITLE=Linux Configuration and Installation//-->
<!--AUTHOR=Patrick Volkerding//-->
<!--AUTHOR=Kevin Reichard//-->
<!--AUTHOR=Eric Foster//-->
<!--PUBLISHER=IDG Books Worldwide, Inc.//-->
<!--IMPRINT=M & T Books//-->
<!--CHAPTER=4//-->
<!--PAGES=208-212//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->

<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="206-208.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="212-215.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H4 ALIGN="LEFT"><A NAME="Heading12"></A><FONT COLOR="#000077">Changing Permissions</FONT></H4>
<P>The Linux command <B>chmod</B> changes file permissions. You may want to change permissions for some popular directories in order to avoid logging in as <B>root</B> to install or configure software.</P>
<BLOCKQUOTE>
<P><FONT SIZE="-1"><HR><B>NOTE:&nbsp;&nbsp;</B>Unless you have write permission for a file or directory, you can&#146;t change the permissions. Of course, this means that you need to be logged in as <B>root</B> in order to change permissions.<HR></FONT>
</BLOCKQUOTE>
<P>Permissions can be changed in <I>numeric</I> or <I>symbolic</I> form. Neither method is what could be called intuitive, so we&#146;ll spend some time explaining each of them.</P>
<P><FONT SIZE="+1"><B>The Numeric Method</B></FONT></P>
<P>The numeric method uses numbers to track permissions. Like the permissions listings earlier in this section, the numeric method divides permissions into threes, albeit in a different manner.
</P>
<P>The numeric method forces you to add three different sets of numbers in determining who has which permissions. The actual types of permissions (owner, group, world) haven&#146;t changed&#151;only the method of listing them.</P>
<P>You&#146;ll use <I>modes</I> to track permissions, as seen in Table 4.3.</P>
<CENTER>
<TABLE WIDTH="95%"><CAPTION><B>Table 4.3</B> Modes and Their Meanings
<TR>
<TH WIDTH="30%" ALIGN="LEFT">Mode
<TH WIDTH="70%" ALIGN="LEFT">Meaning
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TD>400
<TD>Owner has read permission.
<TR>
<TD>200
<TD>Owner has write permission.
<TR>
<TD>100
<TD>Owner has execute permission.
<TR>
<TD>040
<TD>Group has read permission.
<TR>
<TD>020
<TD>Group has write permission.
<TR>
<TD>010
<TD>Group has execute permission.
<TR>
<TD>004
<TD>World has read permission.
<TR>
<TD>002
<TD>World has write permission.
<TR>
<TD>001
<TD>World has execute permission.
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
</CENTER>
<P>You must now translate these numbers into the numeric form by adding them together. For example, using the following directory listing:
</P>
<!-- CODE SNIP //-->
<PRE>
     -rwx&#151;x&#151;x  1 kevinr  group1     854 Apr  2 19:12 test
</PRE>
<!-- END CODE SNIP //-->
<P>we arrive at a numeric permission of 711:
</P>
<CENTER>
<TABLE WIDTH="60%"><TR>
<TD WIDTH="10%">400
<TD WIDTH="50%">Owner has read permission.
<TR>
<TD>200
<TD>Owner has write permission.
<TR>
<TD>100
<TD>Owner has execute permission.
<TR>
<TD>010
<TD>Group has execute permission.
<TR>
<TD>001
<TD>World has execute permission.
<TR>
<TD>&#151;&#151;
<TD>
<TR>
<TD>711
</TABLE>
</CENTER>
<P>A file or directory that&#146;s totally open to the world would have a permission of 777; a file or directory inaccessible to anyone would have a permission of 000.
</P>
<P>Changing the permissions entails combining the desired permissions with the <B>chmod</B> command. For example, to change the file permissions of the <B>test</B> command to make it totally accessible to all users, you&#146;d use the following command line:</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod 777 test
</PRE>
<!-- END CODE SNIP //-->
<P>To change the permissions so that only the owner of the file has the ability to totally access the file and at the same time permission is denied to every other user, you&#146;d use the following command line:
</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod 700 test
</PRE>
<!-- END CODE SNIP //-->
<P>To change the permissions so that the owner of the file has the ability to totally access the file, but other users and the group have the ability to read and execute (but not change) the file, you&#146;d use the following command line:
</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod 744 test
</PRE>
<!-- END CODE SNIP //-->
<P><FONT SIZE="+1"><B>The Symbolic Method</B></FONT></P>
<P>When using the numeric method, you don&#146;t need to know the existing permissions of the file, which means that you need enter only the desired permissions. The other main method of setting permissions, called the <I>symbolic</I> method, requires that you know the existing permissions, as you&#146;re setting new permissions relative to the existing permissions.</P>
<P>The symbolic method eschews numerals and uses letters instead. And it&#146;s very precise in adding or subtracting permissions relative to existing permissions. For example, the following command line gives execute permissions to the world (all users):</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod o&#43;x data
</PRE>
<!-- END CODE SNIP //-->
<P>Here, <I>o</I> refers to &#147;others&#148; (in <B>chmod</B> parlance, the world), <I>x</I> refers to execute permission, and the plus sign (<I>&#43;</I>) adds the execute permission to others. If a minus sign (<I>-</I>) were used, this command line would remove execute permission from others.</P>
<P>The symbolic method uses some quirky language, as you&#146;ve already seen with the reference to others. The owner of the file is referred to as the user, and setting permissions for the owner means using <I>u</I>:</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod u&#43;x data
</PRE>
<!-- END CODE SNIP //-->
<P>Setting the permission for the group is a matter of using <I>g</I>:</P>
<!-- CODE SNIP //-->
<PRE>
     gilbert:/$ chmod g&#43;x data
</PRE>
<!-- END CODE SNIP //-->
<P>These statements, of course, would be meaningless if the users already had the ability to execute the file.
</P>
<P>Table 4.4 lists the various symbols used with the <B>chmod</B> command.</P>
<CENTER>
<TABLE WIDTH="95%"><CAPTION><B>Table 4.4</B> Symbols Used with the Symbolic Method
<TR>
<TH WIDTH="30%" ALIGN="LEFT">Symbol
<TH WIDTH="70%" ALIGN="LEFT">Meaning
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TD>u
<TD>User (owner of the file).
<TR>
<TD>g
<TD>Group.
<TR>
<TD>o
<TD>Other (the world).
<TR>
<TD>a
<TD>Everyone (the owner, the group, and the world).
<TR>
<TD>&#43;
<TD>Adds permission.
<TR>
<TD>-
<TD>Removes permission.
<TR>
<TD>r
<TD>Read permission.
<TR>
<TD>w
<TD>Write permission.
<TR>
<TD>x
<TD>Execute permission.
<TR>
<TD>t
<TD>Sets the &#147;sticky bit&#148; on a directory.
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
</CENTER>
<BLOCKQUOTE>
<P><FONT SIZE="-1"><HR><B>NOTE:&nbsp;&nbsp;</B>If you create your own shell scripts or use the Perl language, you&#146;ll need to set permissions to make your scripts usable.<HR></FONT>
</BLOCKQUOTE>
<P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="206-208.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="212-215.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>


</td>
</tr>
</table>
<!-- begin footer information -->



</body></html>