The chmod command is used to change the access permission of a file or directory in the Linux system. Use it to control access to files or directories. This command can be used in two ways. One is a literal setting method that contains letters and operator expressions. The other is the number setting method with numbers.
Every file and directory in Linux has access permissions that determine who can access and manipulate files and directories and how.
The access permission for a file or directory is read-only, write only, and executable. Take a file as an example, the read-only permission means that only the contents of the file can be read, but no modification is allowed. Executable permission allows the file to be executed as a program. When a file is created, the file owner automatically has the read, write, and execute permissions on the file for easy reading and modification. Users can also set access to any combination they want as needed.
There are three different types of users who can access files or directories: file owners, group users, and other users. The owner is typically the creator of the file. The owner can grant the same group of users access to the file, and can grant access to the file to other users in the system. In this case, every user on the system can access files or directories owned by that user.
Each file or directory has three groups of access permissions. Each group is the read, write, and execute permissions of the file owner. Read, write, and execute permissions of users in the same group as the owner; Read, write, and execute permissions of other users in the system. When the ls -l command is used to display details about a file or directory, the leftmost column is the access permission for the file.
The command format
> chmod [-cfvR] [--help] [--version] mode file...
Copy the codeThe mode parameter
[ugoa…] [[+-=][rwxX]…] [,…]. Or digital permission 777,755
uIndicates the owner of the file,gRepresents belonging to the same group as the owner of the file,oFor someone else, a means all three.+Indicates adding permission.-Cancel the permission.=Indicates the unique setting permission.rMeans readable,wStands for writable,xMeans executable,XIndicates only if the file is a subdirectory or the file has been set to be executable.
Commonly used parameters
- -c: The file action is displayed only if the file permission has been changed
- -f: Do not display error messages if the file permission cannot be changed
- -v: displays detailed information about permission changes
- -r: Perform the same permission change for all files and subdirectories in the current directory (that is, change them one by one recursively)
- –help: Displays auxiliary instructions
- –version: Displays the version
Symbolic patterns
Chmod who operator Permission file For example, run the chmod u+x rumenz.txt command
Who (User type)
| who | The user types | instructions |
|---|---|---|
| u | user | File owner |
| g | group | Group to which the file owner belongs |
| o | others | All other users |
| a | all | Used user, equivalent to UGO |
Operator (symbol schema table)
| Operator | instructions |
|---|---|
| + | Adds permissions to the specified user type |
| – | Removes permissions for the specified user type |
| = | Set the Settings of the specified user permissions, that is, reset all permissions of the user type |
Permission (permission)
| model | The name | instructions |
|---|---|---|
| r | read | Set it to read permission |
| w | write | Set it to write permission |
| x | Execute permissions | Set the permission to executable |
| X | Special execution permission | File permissions are set to executable only if the file is a directory file or if other types of users have executable permissions |
| s | setuid/gid | When a file is executed, the setuid or setgid permission of the file is set according to the user type specified by the who parameter |
| t | Sticky bit | Set the paste bit. Only the superuser can set this bit and only the file owner U can use this bit |
Numeric permissions (octal)
The chmod command can specify permissions using octal numbers. The permission bits of a file or directory are controlled by nine permission bits, which are read, write, and execute bits for the file owner (User), read, write, and execute bits for the User Group (Group), and read, write, and execute bits for Other users (Other). Historically, file permissions were placed in a bitmask with the specified bit set to 1 to indicate that a class had a corresponding priority.
| # | permissions | rwx | binary |
|---|---|---|---|
| 7 | Read + write + execute | rwx | 111 |
| 6 | Read + write | rw- | 110 |
| 5 | Read + execution | r-x | 101 |
| 4 | read-only | r– | 100 |
| 3 | Write + execution | -wx | 011 |
| 2 | Just write | -w- | 010 |
| 1 | Only perform | –x | 001 |
| 0 | There is no | — | 000 |
Common digital permissions
- 400-r ——– The owner can read and no one else can do anything;
- 644-RW-r –r– All owners can read, but only the owner can edit;
- 660-rw-rw —- Both the owner and group users can read and write, and other users cannot perform any operations.
- 664-RW-rw-r — readable by all, but editable only by owner and group users;
- 700-rwx —— The owner can read, write, and execute, and other users cannot do anything;
- 744-rwxr –r– all can read, but only the owner can edit and execute;
- 755-rwxr-xr-x All can read and execute, but only the owner can edit;
- 777 – RWXRWXRWX Anyone can read, write, and execute (this setting is usually not a good idea).
Chmod instance
| The command | instructions |
|---|---|
| chmod a+r file | Grant read permission to all users of file |
| chmod a-x file | Delete the execute permission of all users of file |
| chmod a+rw file | Grant read and write permission to all users of file |
| chmod +rwx file | Grant read/write execute permission to all users of file |
| chmod u=rw,go= file | Set read and write permissions on the owner of the file, and clear all permissions of the user group and other users on the file (space indicates no permissions) |
| chmod -R u+r,go-r docs | Add read permissions to users for the directory docs and all files in its subdirectory hierarchy, and remove read permissions for user groups and other users |
| chmod 664 file | Set read and write permissions for file owners and user groups, and set read permissions for other users |
| chmod 0755 file | That’s the same thing as u= RWX (4+2+1),go=rx(4+1&4+1). 0 has no special mode. |
| chmod 4755 file | Rx (4+1&4+1); rx(4+1&4+1); |
| find path/ -type d -exec chmod a-x {} \; | Delete executable permission for all users of path/ and all its directories (excluding files), using ‘-type f’ to match files |
| find path/ -type d -exec chmod a+x {} \; | Allows all users to browse through or through the directory path/ |
Original link :rumenz.com/rumenbiji/l… Wechat official account: entry station