William James Hall Computer Services

Changing File Permissions

When you create files, you're the only one who can read them or alter them in any way. Occasionally, though, you'll need to let other people access the files in your account. Doing this can seem a bit confusing at first, but given a little practice is really rather easy.

The first thing you need to know is how to tell what a file or folder's permissions are set to. To do that, try the following:

	wjh ~> ls -l
	drwx------  2 jharvard       512 Aug  6 12:02 Mail
	drwxr-x--x  2 jharvard       512 May 10  1996 News
	drwxr-xr-x  2 jharvard       512 Aug  6 12:20 WWW
	drwxrwx--x  2 jharvard       512 Jan 11  1997 bin
	-rw-------  1 jharvard       794 Aug  6 09:50 dead.letter
	drwxrwxr-x  2 jharvard       512 Jul 16 17:26 lib
	-rw-r--r--  1 jharvard     11847 Jul 11 15:50 ps
	-rw-rw----  1 jharvard       246 Jun 20 14:50 wjhpub
	wjh ~>

What this does is give you a listing of your directory (ls), in "long" mode (-l). The column at the far right is the name of all the files/folders, and at the far left are the permissions ("perms"). Notice that there are 10 slots for the perms, each of which is either a character or a dash. Each one of these slots means something:

The 'd' in the first slot means the item is a directory, or folder. This is the only place where a 'd' will appear. If it's a dash, the item is a file.
Now notice that of the other nine slots, many of them look similar. These are the actual permissions for the item.

The way permission settings work is that each item has three triplet of three slots. The first set of three refers to the User; the second refers to the user's Group; the third refers to everyone else, or Other.

		User		Group		Other
		rwx		 rwx		 rwx

Each set has a combination of letter -- if the letter 'r' appears in a set, then that set of people can read a file; 'w' means write, and 'x' stands for execute. A dash in a particular slot means that set cannot do that action. So if a listing for an item looks like this:

	drwxr-xr-x  2 jharvard       512 Aug  6 12:20 WWW

it means that a) the item is a directory; b) User has read, write, and execute permissions; c) Group and Other can read and execute WWW, but can't write to it.

That's how to tell what an item's permissions are. To change them, you need to use the chmod command, which works like this: You can either add or subtract privileges for a set of people to a particular file or folder. So if you wanted to give the outside world read-access (say, for a web page or something of that sort), you would type

	wjh ~> chmod o+r

What this means is that the Other group (o) gains (+) read access (r) to the file. You could also give them write access by substituting a 'w' for the 'r,' or remove read access by changing the + to a -, or give it to yourself by typing 'u' instead of 'o'. You can combine as many of these changes as you want, as long as they're in the same direction (+ or -); that is, you can type "chmod uo+rw " to give the User and Other groups both read and write access. As a shortcut, if you want to include everything, use 'a' -- "chmod a+r " give everyone read access, User, Group, and Other.

Some examples:

a+r -- give everyone read-access.
u+x -- let the user run the program (if the file is a program).
o+w -- let outsiders write to the file/directory.
go-r -- don't let anyone except the user read the item.
a-wx -- don't let anyone write to or execute the program.

Keep in mind that these commands only add or remove permissions -- adding one thing won't remove anything else.