Have you ever entered “ls –l” into a UNIX command line and seen something like this?
|–rwxrwxrwx||1||bob||Group1||27||Jan 3 09:20||awk_script|
|drwxr–r–||347||john||Group1||347||Jul 23 14:41||data|
|lrwx——||995||mike||Group1||995||Nov 28 00:41||nunyabiz|
Do you wonder what the “drwxr–r– “ means or why you can’t edit, open, or even read some files or directories? Well, fear not. I’m here to walk you through this maze of characters so you don’t panic like I did the first time I was confronted with these symbols.
Determining the type of file or directory
Let’s use the above example for this exercise. Starting with the first column (the one that has “–rwxrwxrwx” in it), we read from left to right.
The first character, in this case “–“, tells the type of file or directory.
|b||Block special file|
|c||Character special file|
|m||File migrated (possibly to a supercomputer or designated workstation)|
To keep from confusing your files and directories, always name your directories in ALL CAPS.
Reading, writing, and executing
The next nine characters (rwxrwxrwx) reveal the file or directory’s permissions. The permissions are divided into three sets of three—one set for each of the three UNIX permission types: owner, group, and others. The permissions read, write, and execute correspond to the letters r, w, and x in the following way:
If a “–” is in the place of the r, w, or x, that permission is denied. For example, “rw-“ in the first set of three characters means that the owner can read and write to the file but cannot execute the file; “r-x” means the owner can read and execute the file but cannot write to it. The following three characters mean the same except they apply to the “group,” while the last three characters apply to “others.”
Links, owner, size, date, and filename
Column two shows the number of files symbolically linked to the listed item. (For example, “nunyabiz” has 995 links to it.) If the displayed item is not a file but a directory, this column shows how many subdirectories the listed directory contains (you can see that the directory “data” has 347 subdirectories including itself). Column three displays the file or directory’s owner denoted by your login ID (mike, bob, etc.). Column four lists the entry’s group. Column five shows the size of the file or directory in bytes. Column six consists of the date and time the file or directory was modified or created. Finally, column seven shows the file or directory name listed in alphabetical order.
Using what you’ve just learned
You should now be able to accurately read the information from the “awk_script” listing in the first paragraph. You can see that it is an ordinary file with the following permissions:
|r||Owner can read the file|
|w||Owner can write to the file|
|x||Owner can execute the file|
|r||Group can read the file|
|w||Group can write to the file|
|x||Group can execute the file|
|r||Others can read the file|
|w||Others can write to the file|
|x||Others can execute the file|
Now, look at the listing for “data” (drwxr–r–). This is a (d) directory where the owner can (rwx) read, write, and execute the directory. The group and others can only (r–) read the directory without the ability to write or execute (–). Finally, look at the “nunyabiz” listing. It is a symbolic link (denoted by the “l”) that only the owner can (rwx) read, write, or execute. No one else has any permissions, as shown by the (——).
Changing permissions using “chmod”
Now all of this information is useless to you unless you know how to change it for your particular purpose. The command to address this issue is “chmod”. There is more than one way to change permissions, but I prefer the OCTAL code method. This method can be memorized easily using the following table. Each permission (nine total) is given a numeric value as shown in Table A.
I remember these numbers by remembering that the owner is the most important person to have permissions, followed next by the owner’s group, and finally others have the least importance with respect to my files. Hence, the most important gets the largest numbers in the hundreds position (400, 200, 100), group gets the next highest in the tens position (40, 20, 10), and finally others have the smallest values in the ones position (4, 2, 1).
To differentiate between read, write, and execute, I just remember it’s most important to be able to read the file; therefore, that yields the largest number in the group (400, 40, 4). Next in importance is to be able to write to the file, so this permission gets the middle value available (200, 20, 2). Finally, executing the file is of least importance; this number is the smallest in the group (100, 10, 1).
Now all you have to do is think of what permissions you want, add the values associated with the permissions, and type chmod followed by the total and file or directory name. The following command grants all permissions to the file, file123:
chmod 777 file123
Here are some example permission strings and the total values associated with them. Remember: owner, group, and others.
|rw–rw–rw–||666 (400 + 200 + 40 + 20 + 4 + 2 = 666)|
|rwxr–r–||744 (400 + 200 + 100 + 40 + 4 = 744)|
|rwxr–xr–x||755 (400 + 200 + 100 + 40 + 10 + 4 + 1 = 755)|
I understand this may appear complex at first, but I am confident that if you read this carefully, you will catch on quickly and remember how to set the permissions on your files and directories.
Now it’s your turn to grade us. What do you think of Mike’s explanation of the UNIX file and directory permissions? Will the information be useful for you? Post a comment or e-mail Mike Hayes and let us know what you think.