CS 497C – Introduction to UNIX
Lecture 15: File Attributes
Chin-Chih Chang
chang@cs.twsu.edu

chmod: Changing File Permissions
* The chmod (change mode) command sets a file’s permissions (read, write, and execute) for all three categories of users (owner, group, and others).
    chmod u+x note
    (command: chmod; category: u; operation: +; permission: x; file: note)
* The command contains three components:
  - Category of user (owner (u), group (g), others (o), or all (a))
  - Operation to be performed (add (+), remove (-), or assign (=) a permission)
  - Permission type (read, write, or execute)
* To add the executable permission to a file for the user (u), use:
    $ chmod u+x small; ls -l small
* To remove all permissions from this file for the user, you have to use:
    $ chmod u-rwx small; ls -l small
* You can’t read, write, or execute this file.
* This file is also write-protected.
* To add the read permission to a file for all users and the write permission for the user, use:
    $ chmod a+r,u+w small; ls -l small
* You can assign the permission with the = operator.
* You can assign the read permission for all users in this way:
    $ chmod ugo=r small
    $ chmod a=r small
    $ chmod =r small
* The short notation uses octal numbers. Each type of permission is assigned a number as shown:
  - Read permission – 4
  - Write permission – 2
  - Execute permission – 1
* When one category has multiple permissions, the respective numbers are added.
* For instance, if the owner has read and write permissions, the permissions for this category are represented by the number 6 (4+2).
* When this exercise is repeated for the other categories, you have a three-character octal number following this sequence: user, group, and others.
* It’s possible to apply the chmod command recursively to all files and subdirectories with the -R (recursive) option.
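
The octal arithmetic described above, as an added example that is not part of the original lecture: a shell function converts the nine permission characters of an ls -l listing to the octal number chmod accepts, and the lecture's symbolic commands are replayed on a scratch file to check the result. The function names perm_to_octal, listed_perms and demo_mode are hypothetical, and only r, w, x and - are handled (no setuid, setgid or sticky bits).

```shell
#!/bin/sh
# perm_to_octal: convert e.g. rw-r----- to 640 by adding 4 (read),
# 2 (write) and 1 (execute) within each of user, group and others.
perm_to_octal() {
    perms=$1
    [ "${#perms}" -eq 9 ] || { echo "need 9 characters" >&2; return 1; }
    out=""
    while [ -n "$perms" ]; do
        rest=${perms#???}
        triad=${perms%"$rest"}      # next three characters
        perms=$rest
        case $triad in
            [r-][w-][x-]) ;;
            *) echo "unsupported triad: $triad" >&2; return 1 ;;
        esac
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    echo "$out"
}

# listed_perms: the permission characters ls -l shows for a file,
# without the leading file-type character.
listed_perms() {
    ls -ld -- "$1" | cut -c2-10
}

# demo_mode: start a scratch file named small at mode 000, apply each
# chmod argument in turn, and report the resulting octal mode.
demo_mode() {
    dir=$(mktemp -d) || return 1
    : > "$dir/small"
    chmod 000 "$dir/small"
    for change in "$@"; do
        chmod "$change" "$dir/small"
    done
    perm_to_octal "$(listed_perms "$dir/small")"
    rm -rf "$dir"
}

echo "chmod a+r,u+w applied to mode 000 gives $(demo_mode a+r,u+w)"
```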

Directory Permissions
* Read permission for a directory means that ls can read the list of filenames stored in that directory.
* Write permission for a directory implies that you are permitted to create or remove filenames in it.
* Execution privilege of a directory means that a user can pass through the directory while searching for subdirectories.

umask: Default File Permissions
* The default permissions are inherited by files and directories created by all users:
    rw-rw-rw- (octal 666) for regular files
    rwxrwxrwx (octal 777) for directories
* However, these are not the permissions you see. This default is transformed by subtracting the user mask from it to remove one or more permissions.
* This mask is evaluated by using umask:
    $ umask
    $ umask 77
* This is an octal number, and subtracting this value from the file default yields 666 - 077 = 600.
* This represents the default permissions (rw-------) when you create a file.
* The default directory permissions (rwx------) are set when a directory is created.

File Ownership
* The third and fourth fields of the (ls -l) listing show a file’s owner and group owner.
* By default, the owner of a file is its creator.
* Consider this listing:
    -rw-rw-r-- 1 julie grader 20 Sep 27 23:40 project
* Only julie can change the file’s attributes.
* If julie is the file creator, the default group of julie is assigned.
* The system uses the numbers to understand the permissions. The UID (user-id) is stored in /etc/passwd. The GUID (group-id) is stored in both /etc/passwd and /etc/group.
* Here’s a typical entry from /etc/passwd, often called the ‘password’ file:
    juliet:x:508:100:Juliet Andrews:/home/julie:/bin/csh
* This is a line of seven fields showing the username in the first field. juliet has 968 as the UID and 100 as the GUID.
* The name of this group-id can be found in /etc/group:
    grader:*:125:juliet
* The first column shows the group name and the third column has the numeric group-id (the GUID).
* The GUID shown in /etc/passwd is the primary group. /etc/group shows the usernames for secondary groups.
* You can use the ls -n (numeric) command to display numbers instead of names.
* Sometimes, you’ll see a set of numbers rather than the names of the owner and group owner in the ownership fields of the listing:
* Problems of this sort are often encountered when files are transferred from another system.
* Suppose there’s a file owned by juliet in romeo’s directory. This can happen for a number of reasons:
  - The directory was world-writable, so juliet created a file in this directory.
  - romeo copied a file from juliet’s directory with cp -p (preserve), the command that preserves a file’s attributes.
  - The file was transferred from a different system where romeo has the same UID that juliet has on this machine.

chown and chgrp: Changing File Ownership
* There are two commands meant to manipulate the ownership of a file or directory: chown and chgrp.
* They can be used only by the owner of the file. Here’s the syntax for both:
    chown options new_user file(s)
    chgrp options new_group file(s)
* chown (change ownership) takes the new user’s user-id as argument, followed by one or more files whose ownership is to be changed.
* The chgrp (change group) command changes the group owner of a file.
* Both chown and chgrp also work with the -R option to perform their operations in a recursive manner.
* The super user can change every file attribute.
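
For the umask section of this lecture, an added example that is not part of the original notes: the system removes the mask's permission bits from the default (default AND NOT umask), which matches the subtraction 666 - 077 = 600 but differs from plain subtraction for a mask such as 033. The function names effective_mode and check_umask are hypothetical; check_umask creates a real file or directory under the mask and compares it with the prediction.

```shell
#!/bin/sh
# effective_mode DEFAULT UMASK: permissions a newly created object receives.
# Each bit set in the mask is cleared from the default.
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# check_umask UMASK KIND: create a file (KIND=f) or directory (KIND=d)
# under UMASK, set a reference object to the predicted mode with chmod,
# and succeed only if ls -l shows the same permissions for both.
check_umask() {
    mask=$1
    kind=$2
    dir=$(mktemp -d) || return 1
    (
        umask "$mask"               # affects only this subshell
        if [ "$kind" = d ]; then mkdir "$dir/new"; else : > "$dir/new"; fi
    )
    if [ "$kind" = d ]; then
        default=777; mkdir "$dir/ref"
    else
        default=666; : > "$dir/ref"
    fi
    chmod "$(effective_mode "$default" "$mask")" "$dir/ref"
    got=$(ls -ld "$dir/new" | cut -c1-10)
    want=$(ls -ld "$dir/ref" | cut -c1-10)
    rm -rf "$dir"
    [ "$got" = "$want" ]
}

# 077 is the lecture's mask; 022 and 033 are constructed sample values.
for m in 077 022 033; do
    echo "umask $m: files $(effective_mode 666 "$m"), directories $(effective_mode 777 "$m")"
done
```

With the mask 033 a new file gets 644, not the 633 that subtraction would suggest, because a regular file's default has no execute bit for the mask to remove.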