-
PermissionsDevOps/CommandLine 2020. 1. 13. 10:28
1. Overview
- chmod - modify file access rights
- su - temporarily become the superuser
- sudo - temporarily become the superuser
- chown - change file ownership
- chgrp - change a file's group ownership
2. Description
2.1 View permissions on a file
[me@linuxbox me]$ ls -l /bin/bash -rwxr-xr-x 1 root root 316848 Feb 27 2000 /bin/bash- The file "/bin/bash" is owned by user "root"
- The superuser has the right to read, write, and execute this file
- The file is owned by the group "root"
- Members of the group "root" can also read and execute this file
- Everybody else can read and execute this file
rwx rwx rwx = 111 111 111 rw- rw- rw- = 110 110 110 rwx --- --- = 111 000 000 and so on... rwx = 111 in binary = 7 rw- = 110 in binary = 6 r-x = 101 in binary = 5 r-- = 100 in binary = 4
2.2 chmod
The chmod command is used to change the permissions of a file or directory. To use it, you specify the desired permission settings and the file or files that you wish to modify. There are two ways to specify permissions which are octal notation method and symbolic notation method.
2.2.1 Symbolic notation method
options Definition u owner g group o other a all(same as ugo) x execute w write r read + add permission - remove permission = set permission chmod a-w file (removes all writing permissions) chmod o+x file (sets execute permissions for other (public permissions)) chmod u=rx file (Give the owner rx permissions, not w) chmod go-rwx file (Deny rwx permission for group, others) chmod g+w file (Give write permission to the group) chmod a+x file1 file2 (Give execute permission to everybody) chmod g+rx,o+x file (OK to combine like this with a comma) u = user that owns the file g = group that owns the file o = other (everyone else) a = all (everybody) r = read aces to the file w = write access x = execute (run) access2.2.2 Octal notation method
options Definition #-- owner -#- group --# other 1 execute 2 write 4 read 2.3 Directory Permissions
- r - Allows the contents of the directory to be listed if the x attribute is also set.
- w - Allows files within the directory to be created, deleted, or renamed if the x attribute is also set.
- x - Allows a directory to be entered (i.e. cd dir).
Value Meaning 777 (rwxrwxrwx) No restrictions on permissions. Anybody may list files, create new files in the directory and delete files in the directory. Generally not a good setting. 755 (rwxr-xr-x) The directory owner has full access. All others may list the directory, but cannot create files nor delete them. This setting is common for directories that you wish to share with other users. 700 (rwx------) The directory owner has full access. Nobody else has any rights. This setting is useful for directories that only the owner may use and must be kept private from others. 2.4 Switch to Superuser
[me@linuxbox me]$ su Password: [root@linuxbox me]#2.5 Employ Superuser privilege
[me@linuxbox me]$ sudo some_command Password: [me@linuxbox me]$3. Changing Ownership
3.1 Changing User Ownership
A file's owner can be changed using the chown command. For example, to change the foobar file's owner to tux:
user@host:/home/user$ sudo chown tux foobar3.2 Changing Group Ownership
To change the foobar file's group to penguins, you could use either chgrp or chown with special syntax:
user@host:/home/user$ sudo chgrp penguins foobar user@host:/home/user$ sudo chown :penguins foobar3.3 Changing User and Group Ownership
To change the foobar file's owner to tux and the group to penguins with a single command, the syntax would be:
user@host:/home/user$ sudo chown tux:penguins foobar4. Reference
https://en.wikipedia.org/wiki/Chmod
http://linuxcommand.org/lc3_lts0090.php
https://help.ubuntu.com/community/FilePermissions
https://askubuntu.com/questions/303593/how-can-i-chmod-777-all-subfolders-of-var-www
'DevOps > CommandLine' 카테고리의 다른 글
User Management (0) 2020.01.13