Working with files and directories

Changing file permissions

To change the permissions on a file, use the chmod(C) (change mode) command, which has two formats, ``symbolic'' and ``absolute'', as follows:

chmod who operator permission filename
chmod mode filename

Using the first, symbolic, format, the who field is one or more of the following characters:

a: all users; change all three sets of permissions at once
u: user; change the user, or owner, permissions
g: group; change the group members' permissions
o: others; change the other users' permissions

The operator field is one of the following symbols:

+: add a new permission
-: remove a new permission
=: set permissions while clearing (removing) all other permissions

The following sample usages of chmod show a number of symbolic permissions being set:

$ chmod g+w memo: adds write permission for group members on the file memo.
$ chmod o-wx memo: removes write and execute permission for others (users other than the owner or those in the file's group).
$ chmod o= memo: clears (removes) all permissions for other (setting a NULL permission clears any existing value).
$ chmod u=rx memo: sets read and execute for user, clearing (removing) write permission (which is not specified in the ``='' command.)
$ chmod a+w memo: adds write permission to the existing permissions for all categories of user.

You can also change permissions using their absolute numeric values, by giving a three-digit octal number to specify the permissions. This method is harder to use but less verbose.

Using octal numbers to set permissions

Permissions Octal number

--- 0

--x 1

-w- 2

-wx 3

r-- 4

r-x 5

rw- 6

rwx 7

Permission to execute a file is represented by a value of 1. Permission to write a file is represented by a value of 2. Permission to read a file is represented by a value of 4. These values are added together to produce the combinations in the table above.

Permissions	Octal number
---	0
--x	1
-w-	2
-wx	3
r--	4
r-x	5
rw-	6
rwx	7

Three octal numbers (numbers in the range 0 to 7) are used to represent the owner, group and other permissions respectively. Thus, by adding the permissions for a given category of user, you produce a digit; and by specifying three digits (one for each set of users) you can specify all the permissions on a file, as follows:

   $ l myfile
   -rw-r--r--   1 johnd techpubs    5061 Feb 10 15:01 myfile
   $ chmod 640 myfile
   $ l myfile
   -rw-r-----   1 johnd techpubs    5061 Feb 10 15:01 myfile

myfile originally possessed permissions 644. The ``6'' gives read and write permissions (2 plus 4) to users in the specified group, while the ``4'' gives read permissions only. ``0'' gives no permissions at all. The effect of executing chmod 640 on this file was to deny all permissions to users of group ``other''.

Next topic: Setting the default permissions for a new file
Previous topic: Access control for files and directories

© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005