ls command, you
may see lines similar to the following:-rw-r--r-- 1 root root 5360 Jul 26 17:31 somefile01.txt -rw------- 1 root root 1704 Jul 26 17:31 another002.pdf
What do the first ten chracters in each line mean? In the line
-rw-r--r-- 1 root root, the first dash character indicates the
file has no special permissions on it. If the entry was a directory rather
than a file you would see a d instead of a dash. E.g.:
# ls -ld /var/www/html drwxr-xr-x. 2 joe www-data 23 Mar 12 11:08 /var/www/html
The next 3 characters "rw-" on the first example indicate that the owner of the file can read and write to the file, but the file is not executable, i.e., it is not a program that you could run. If it was also executable, you would see "rwx" rather than "rw-".
The next 3 characters, "r--" indicate that any other accounts in the
group for
this file, which is "root", only have read access; since there
are dashes where the "w" and "x" could appear, that indicates those
permissions aren't granted to the file for the group. Each group has
a unique group
identifier that is found in /etc/group.
The following "r--" indicates that "others", i.e., accounts that
aren't the owner and which aren't in the group that has access to this
file have only read access. When you see "root root", The first "root"
is the account that owns the file. The second "root" shows the group that
applies to the file. The group doesn't necessarily have to be the same as
the owner; they could be different. E.g., there could be a group named
"test" that has root and the account jdoe in it. But in this case,
the root account is likely the only account in the root group. You
can see the groups on the system by issuing the command cat
/etc/group You could set the permissions for another002.pdf to be
the same as somefile01.txt with chmod 644 another002.pdf
or chmod g+r,o+r another002.pdf. In the latter example you
are adding read access for the group and read access for others, i.e.,
all accounts on the system.
For references, see
Understanding Linux File Permissions and
Linux
Tutorial - 8. Permissions, which will explain why chmod 644
another002.pdf also works. But, basically you can think of the
3 positions in each grouping having a numeric value of 4 for the first
position, 2 for the second position and 1 for the third position. So, if
the permission is "rw-", you would have a total of 6. If it is "r--" you
have a value of 4. If it was "rwx", you would have a total of 7. Those
numbers apply to each grouping. So using 644 means that you have 6 for
the owner (rw-), 4 for the group (r--) and 4 for all other accounts
on the system (r--). But you can always use the chmod g+r,o+r
another002.pdf format and not worry about how to set permissions
numerically. For that format, using a plus sign adds the permission and
using a minus sign removes the permission.
If you have a program, such as a
Python script, which you wish to make
executable, i.e., be
able to run it from a shell prompt, you can add "execute" permissions to the
file. E.g., suppose I have a Python script named testing.py.
The file has the following lines in it:
#!/usr/bin/python print "hello world"
The file has the following default permissions:
$ ls -l testing.py -rw-rw-r--. 1 joe joe 39 Nov 1 12:02 testing.py
I can run the script using python testing.py, but, because
it isn't marked as executable, I can not run it by just typing
./testing.py at the command line interface (CLI) - the
./ prior to the file name tells the system that I want to
run a file in the current working directory.
$ python testing.py hello world $ ./testing.py -bash: ./testing.py: Permission denied
But I can run it by just typing ./testing.py, if I add
execute permissions to the file.
$ ls -l testing.py -rw-rw-r--. 1 jim jim 38 Nov 1 12:13 testing.py $ chmod u+x testing.py $ ./testing.py hello world $
If I wish to allow all accounts on the system to be able to run the script, I can use the command shown below:
$ chmod u+x,g+x,o+x testing.py $ ls -l testing.py -rwxrwxr-x. 1 joe joe 38 Nov 1 12:13 testing.py
Created: Sunday November 1, 2015