- [Voiceover] Let's take a look at file permissions. When we use a dash l with the ls command, if we look on the left-hand side, we see letters like r, w, and x, and there's three groups of those and those are giving file permissions to those files. Let's take a closer look at that. We have three groups of three. The first group of three is for the user, second group of three is for group, and other is for anyone who's not the user and not in the group and, for each of those three, we can provide permissions for reading, writing, and executing.
So, if we turn on the write bit for the group, then the group will be able to write to that file. If we turn on the read bit for other, then people who are not the user or in the group will still be able to read the file. And execute is for things like shell scripts that'll allow the file to be executed. There's numbers below and they're not as tricky as you might think they are. There's a pattern to it. If we look at other, we see one, two, and four.
What this allows us to do is some simple math, so if we have execute and it has the value of one and we have write and it has the value of two, if we want to mark something both write and executable, then we can simply combine them, two plus one to get three, and we can simply use the number three to mean write and execute. If we move over to the left to the group, we're going to do the same thing, except we're gonna be in the tens, and, if we move one more to the left, we'll be in the hundreds.
So, if we combine all of this together, we can give a three digit number to provide the permissions. Let's go back and try that. Back here at the command line, let's go ahead and create a file to work with, so I'm going to echo sleep five to myfile.shell and, if we do a directory listing, we can see that it's read and write for the owner, read only for the group, and read only for other.
If we skip one column and move over to the next two, we see root and root. The first one is the user, the next column is the group. So, let's say we wanna make this file owned by a different user, we would use chown to user, since that's our username, for myfile. Now you can see the user has been changed. Now we wanna be able to execute that, so let's clear our screen and let's take a look at just our file.
What I'd like to do is make it executable by the user, so I change the mode, I want the user to have execution rights on myfile. Now if we look at that again, compare the two, we can see that we've added the x. If I wanna take away reading permission for other, I say for other, remove read permission and now let's compare again and we can see that the read permission has been removed.
Besides changing the user, you can also change the group and if we look at the file now, you can see that the user group has been changed. Let's put it back to root and let's use a shortcut. If you say chown but you use a colon, you can change both owner and the group at the same time. And let's talk about the math we did before.
We had four for read, two for write, and one for execute. So, let's take a look at our shell file here. Root should be able to execute this, so let's go ahead and give that a try. It's being executed in the sleep five, and we're back to our command line. Now let's talk about using the math to make changes to the file permissions. If I say change the mode to seven-six-one on myfile and we look at the listing, we can see that the read, write, and execute added equals seven, the four and the two for the read and write on the group equals six, and we have execute set on other, which is just the one.
We've looked at modifying permissions for user, group, and other. There's one additional group that you can use and that is all and that will modify the group, the user, and other, at the same time. Let me give you an example. If we look at our file that we've been workin' with here, we can see that we left it at seven, six, one, so there's execute permissions for the user and for other.
If I use same the same chmod but this time I use a for all and remove the execute bit and then we do a listing of our file, we can see that it's removed the execution bit from all those groups and if we add it back and do a listing, we can see that they now all have the execute bit.
- What is SUSE Linux Enterprise?
- Installing SLES
- Linux file types
- Working at the command line
- Managing processes
- Working with background processes
- Managing users and groups
- Changing file permissions
- Configuring network interfaces
- Displaying hardware information
- Managing drivers