Brad Berg: New page: On Linux, there are three basic permissions that may be modified for a file: '''r''', '''w''', and '''x''', which stand for '''r'''ead, '''w'''rite, and e'''x'''ecute. For a given file, t...

2010-05-04T17:59:24Z

New page: On Linux, there are three basic permissions that may be modified for a file: '''r''', '''w''', and '''x''', which stand for '''r'''ead, '''w'''rite, and e'''x'''ecute. For a given file, t...

New page

On Linux, there are three basic permissions that may be modified for a file: '''r''', '''w''', and '''x''', which stand for '''r'''ead, '''w'''rite, and e'''x'''ecute. For a given file, the permissions may be different for three different classes of users, '''u''', '''g''', and '''o''', which stand for the '''u'''ser who owns the file, other members of the owner's '''g'''roup, and '''o'''ther users. Therefore there are a total of nine permission bits on each file. Each three-bit '''rwx''' code may be represented in binary as a number between 0 and 7:

{| border=1 | align=center | cellpadding=3px
|-
! # !! r !! w !! x !! Permission
|-
! 0
| 0 || 0 || 0 || No access
|-
! 1
| 0 || 0 || 1 || Execute only
|-
! 2
| 0 || 1 || 0 || Write only
|-
! 3
| 0 || 1 || 1 || Write and execute
|-
! 4
| 1 || 0 || 0 || Read only
|-
! 5
| 1 || 0 || 1 || Read and execute
|-
! 6
| 1 || 1 || 0 || Read and write
|-
! 7
| 1 || 1 || 1 || Read, write, and execute
|}

The entire set of permissions for a file or directory may therefore be compactly represented by a three-digit octal number. For example, <tt>754</tt> means that the owner may read, write, and execute the file, other members of the owner's group may read and execute it, and all others may only read.

=== Default permissions for new files ===

When a new file is created, it starts off having permissions <tt>666</tt> (read and write allowed for all users). For directories, the execute permission means that the user can access the directory, and so the initial permissions on a new directory are <tt>777</tt> (read, write, and access allowed for all users).

These initial permissions are modified by what's called the "umask" or "file mode creation mask". This is a nine-bit binary mask that is XOR'd with the initial permissions. By default, the umask is <tt>022</tt>, and therefore a new file will come out with permissions <tt>644</tt> = <tt>666 ^ 022</tt> (read and write for the owner, read only for all others).

Every member of our research group is a member of the <tt>graphics</tt> group on the CS department network. In order to facilitate code sharing and collaboration, we need to make sure that read and write permissions are set not just for the owner of a file, but for all members of the <tt>graphics</tt> group, too. This is easily accopmlished by setting the umask to <tt>002</tt> instead: <tt>666</tt> ^ <tt>002 = 664</tt> (read and write for the owner and members of the owner's group, read only for all others).

The <tt>umask</tt> command either views or sets the current value of the umask. The config file <tt>~/.environment</tt> is run every time you open a shell, and the default one created by the CS department for new users sets the umask to <tt>022</tt>. To set the umask to <tt>002</tt> at the beginning of every shell session, just edit your <tt>~/.environment</tt> file. Look for the line
<pre width="30%">umask 022</pre>
and change it to
<pre width="30%">umask 002</pre>

To make your change take effect immediately, execute the following command in all your open shells:
<pre width="30%">source ~/.environment</pre>
If that gives you an error, try the following instead:
<pre width="30%">. ~/.environment</pre>
You can check that it worked by running <tt>umask</tt>; the result should be <tt>002</tt>. From now on, any files you create from the command line will be writeable by the group.

=== Commands you should know for dealing with permissions ===
Type <code>man <command></code> at the command line to get information about any of the following:
* <tt>umask</tt> --- view or set the umask
* <tt>chmod</tt> --- change the permissions for a file or directory
* <tt>chown</tt> --- change the owner of a file or directory (only allowed if you are the owner)

Understanding File Permissions - Revision history

Brad Berg: New page: On Linux, there are three basic permissions that may be modified for a file: '''r''', '''w''', and '''x''', which stand for '''r'''ead, '''w'''rite, and e'''x'''ecute. For a given file, t...