Unix edit file permissions

These permissions are categorized into three groups who have or do not have the permissions. The three by three array above shows the basis for describing the set of nine permissions. Note that each permission has a numeric value associated with it. If a permission is denied, then its value is always zero. In the example above, all permissions have been granted.

For each category of user (owner, group member, or other), these three permission values potentially add up to seven. If we deny one or more types of permission, then that value (4, 2, or 1) is subtracted from the value for that category of user.

These changes are shown in the array below. The total value is now rather than Note that whatever combination of permissions we create, the numbers will always be a unique representation of that combination, as shown in the following chart. Just as each column designates a specific combination of permissions, so the total value represents a specific combination of permissions associated with user types, since the order is always given as: owner group other.

Thus, from any three-digit total value, you can deduce each of the nine possible permissions. Remember that this total value is always given in the order: owner group others. When you wish to set the mode of a file (set the permissions), you use the UNIX command chmod at the system prompt. As you become familiar with the chmod command, try using the -v option for a verbose response, as in the following example.

This command designates that the file named myfile. The octal values have the following meaning. In the above example, the umask for user elvis results in a file that is read-write for the user, with no other permissions. The chmod command specifies read-write-execute permissions for the user, and read-execute permissions for group and other.

Classes are formed by combining one or more of the following letters. The modes specify which permissions are to be added to or removed from the specified classes.

There are three primary values which correspond to the basic permissions, and two less frequently used values that are useful in specific circumstances. Using the above definitions, the previous octal notation example can be done symbolically. Every user on a Unix system is a member of one or more Unix groups, including their primary or default group.

Every file or directory on the system has an owner and an associated group. When a user creates a file, the file's associated group will be the user's default group. The user (owner) has the ability to change the associated group to any of the groups to which the user belongs. Unix groups can be defined that allow users to share data with other users who belong to the same group.

Group names are limited to eight characters. A user's default group is the same as their username. NERSC users usually belong to several other groups, including groups associated with specific research projects. Associated with this repo is the Unix group "bigsci". The user elvis would then be a member of two file groups, elvis and bigsci. Because a NERSC user can be a member of more than one research project, such a user would be a member of more than one repo-associated Unix group.

Continuing with the example above, if user elvis wants to collaborate with another user "jimi", but does not want other members of bigsci to be able to see the data, the PI for Big Science could create a new group (for example, "ejdata") for elvis and jimi's data. All the permissions mentioned above are also assigned based on the Owner and the Groups. The value of the user can be either the name of a user on the system or the user ID (UID) of a user on the system.

The chgrp command changes the group ownership of a file. The value of group can be the name of a group on the system or the group ID (GID) of a group on the system. Often when a command is executed, it will have to be executed with special privileges in order to accomplish its task. As a regular user, you do not have read or write access to this file for security reasons, but when you change your password, you need to have the write permission to this file. When you execute a program that has the SUID bit enabled, you inherit the permissions of that program's owner.

Programs that do not have the SUID bit set are run with the permissions of the user who started the program. This is the case with SGID as well. Normally, programs execute with your group permissions, but with the SGID bit set your group is changed, just for this program, to the group owner of the program.

Shows that the SUID bit is set and that the command is owned by root. A capital letter S in the execute position instead of a lowercase s indicates that the execute bit is not set.
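
The octal-to-permission deduction and the lowercase s / capital S distinction described above can be checked with a small POSIX shell decoder. This is an added example, not part of the original page; the function names triplet and mode_to_string and the sample modes are assumptions, and it also handles the sticky bit (t/T), which the page does not cover.

```shell
#!/bin/sh
# Added example: decode an octal mode into the nine-character ls-style string.

# triplet DIGIT SPECIAL CHAR: print the rwx string for one class of user.
# SPECIAL is non-zero when setuid/setgid/sticky applies to this class;
# CHAR (s or t) then replaces x, upper-cased when the execute bit is unset.
triplet() {
    r=-; w=-; x=-
    [ $(( $1 & 4 )) -ne 0 ] && r=r
    [ $(( $1 & 2 )) -ne 0 ] && w=w
    [ $(( $1 & 1 )) -ne 0 ] && x=x
    if [ "$2" -ne 0 ]; then
        if [ "$x" = x ]; then
            x=$3
        else
            x=$(printf '%s' "$3" | tr 'st' 'ST')
        fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_string MODE: MODE is three or four octal digits, in the order
# [special] owner group other. Returns 1 on anything else.
mode_to_string() {
    case $1 in
        [0-7][0-7][0-7])      m=0$1 ;;
        [0-7][0-7][0-7][0-7]) m=$1 ;;
        *) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    sp=${m%???}                       # leading digit: 4=setuid 2=setgid 1=sticky
    rest=${m#?}
    o=${rest%??}; rest=${rest#?}      # owner digit
    g=${rest%?};  t=${rest#?}         # group and other digits
    triplet "$o" $(( sp & 4 )) s
    triplet "$g" $(( sp & 2 )) s
    triplet "$t" $(( sp & 1 )) t
    echo
}

# Constructed sample modes: 600 and 755 match the umask/chmod example above;
# 4755 and 4644 show setuid with and without the owner execute bit.
for mode in 600 755 4755 4644 2750; do
    printf '%-5s %s\n' "$mode" "$(mode_to_string "$mode")"
done
```

A capital S in the output (as for 4644) marks a setuid or setgid bit on a file that is not executable for that class, which is usually a misconfiguration worth reviewing.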


