Agenda Access Permissions File / Directory Permissions Chmod

Home , Cut (Unix)

Agenda Access Permissions

The Linux File System (chapter 4 in text) £ Limiting unauthorized access to your

Setting Access Permissions directories and files is a very important

¡ concern for ALL Linux (Unix) users.

Directory vs File Permissions £

¡ chmod Utility Consequences of Unauthorized Access: ¤

¢ Symbolic Method Copying your assignments (cheating) ¤

¢ Absolute Method Using your account for illegal activity ¡ umask Utility ¤ Using your account to send obscene messages

¤ Tampering with files

chmod Command

File / Directory Permissions (Relative Method) £ The Linux (Unix) OS can allow the user to Used to change the access permissions specify read, write and execute permissions of a file or directory to the user, group or all others (UGO) for files. Format: £ A user can also specify read, write and execute permissions for a directory. The chmod [option] [who] [operation] [permission] file chmod [option] [permission] file−list execute permission for a directory allows the

person to view files in that directory ¢ who relates to user (u) , group (g) or all others (o) ¢ operation relates to adding (+), removing (−) or setting (=) permissions ¢ permissions are read (r), write (w) and execute (x) chmod Command chmod Command (Relative Method) (Absolute Method)

Examples: Note: you can You can use the chmod command with octal ¤ Add Permission use wildcard number to represent (in binary) a permission chmod g+rw file.name symbols (eg *) (1) or removal of a permission (0) for the file chmod o+x file.name to match or directory ¤ Remove Permission particular files chmod g−w file.name

This is referred to as an Absolute command, ¥

chmod a−w file.name (removes write for ugo) ¦

¤ Set Permission and many prefer this short−cut method to changing file / directory permissions chmod o=rx file.name

chmod go=rx filename

Relationship of a Binary to an Octal Number Binary to Octal Notice the Pattern: Relationship: § Largest 3 digit binary is 111 Octal Binary

§ 0 000 1 octal digit will represent a 3 digit Therefore: 1 001 binary number 2 01O0ctal number 755 is equal to: § Highest Octal digit is 7 3 0111 1 1 1 0 1 1 0 1 in binary 4 100 This can be related to the

§ 5 101 Therefore: 1112 = 78 permissions: 6 110 7 11r1 w x r − x r − x chmod − Example Practical Applications of

(Absolute Method) chmod Command £ Applying octal values of rwx use the absolute Pass−Through Permissions

chmod command: ¤ Pass−Through Permissions allow users to pass− through the home directories and other subdirectories until they reach a directory that chmod 777 filename − r w x r w x r w x provides read and execute permissions to read

chmod 755 filename − r w x r − x r − x files. (pass−through permissions drwx−−x−−x) ¤ chmod 711 filename − r w x − − x − − x To deny any access other than yourself, you can remove pass−through permissions of your home chmod 644 filename − r w − r − − r − − directory (drwx−−−−−−)

Practical Applications of

chmod Command Creating a Mask £ £ Linking & Sharing Files Are you tired of continually changing access

¤ Set up directory and file permissions to allow permissions for newly−created files or users to modify a file or set up permissions of file directories? to allow user to view, but not modify a file. £ The umask command automatically sets the

£ Webpages file permissions upon creation of the file. ¤ Allow or deny other access to files. For example, £ This process is useful, since user may

use chmod command to allow group & others read © ¨ sometimes forget to change the permissions and execute permissions to pass−through your directories. of newly−created files or when they transfer files via the FTP application umask Command Setting Directory Mask

Used to automatically establish file To change directory mask: permission upon creation ¤ Determine octal number that would set directory permission

¤ Subtract octal number 777 from octal number Format: determined above to get result ¤ issue the command : umask [mask] umask [octal number] where mask represents a 3−digit octal number

regarding UGO and permissions to be assigned.

¨ © ¤ Note: The rules vary between setting file masks Note: should also be able to use relative method and directory masks with umask command − may be easier

Setting Directory Mask Setting File Mask

Example: To change directory mask:

To set mask for newly−created directories Determine binary number that would set to: directory permission r w x r − − r − − Subtract above binary number from Determine octal number 110110110 and convert result to octal

1 1 1 1 0 0 1 0 0 = 744 number to determine umask value

Subtract 777 from 744 = 033 issue the command : Issue command umask 033 umask [octal number] Issue command umask to verify change Setting File Mask − Example1 Setting File Mask − Example2

Example: Example: ¤ ¤ To set mask for newly−created files to: To set mask for newly−created files to:

r w − r − − r − − r w x r − − r − − ¤ ¤ Convert to binary Convert to binary

110100100 111100100 ¤ ¤ Subtract above from 110110110 Subtract above from 110110110 110110110 110110110 − 110100100 − 111100100 Cannot subtract 1 from 0

= 000010010 (which is 022) = 000010010 (which is 022 octal) ¤ ¤ issue umask 022 (enter umask to verify) issue umask 022 (enter umask to verify)