In Linux, objects such as files or folder or processes generally belong to the user who created or initiated them. The group which is associated with a file or a folder depends on the primary group the user belongs to when creating the object. When you create a new file or directory, initial access permissions for this object are set according to a predefined scheme. For further details refer to Section 7.3, File Access Permissions.
As the owner of a file or directory (and, of course, as root), you can change the access permissions to this object.
To change object attributes like access permissions of a file or folder, use the chmod command followed by the following parameters:
the users for which to change the permissions,
the type of access permission you want to remove, set or add and
the files or folders for which you want to change permissions separated by spaces.
The users for which you can change file access permissions fall into the following categories: the owner of the file (user, u), the group that own the file (group, g) and the other users (others, o). You can add, remove or set one or more of the following permissions: read, write or execute.
As root, you can also change the ownership of a file: with the command chown (change owner) you can transfer ownership to a new user.
The following example shows the output of an ls -l command in a shell.
Example 8-1 Access Permissions For Files and Folders
-rw-r----- 1 tux users 0 2006-06-23 16:08 checklist.txt -rw-r--r-- 1 tux users 53279 2006-06-21 13:16 gnome_quick.xml -rw-rw---- 1 tux users 0 2006-06-23 16:08 index.htm -rw-r--r-- 1 tux users 70733 2006-06-21 09:35 kde-start.xml -rw-r--r-- 1 tux users 47896 2006-06-21 09:46 kde_quick.xml drwxr-xr-x 2 tux users 48 2006-06-23 16:09 local -r-xr-xr-x 1 tux users 624398 2006-06-23 15:43 tux.jpg
In the example above, user tux owns the file kde-start.xml and has read and write access to the file but cannot execute it. The users group can read the file but cannot write or execute it. The same holds true for the other users as shown by the third block of characters.
Suppose you are tux and want to modify the access permissions to your files:
If you want to grant the users group also write access to kde-start.xml, enter
chmod g+w kde-start.xml
To grant the users group and other users write access to kde-start.xml, enter
chmod go+w kde-start.xml
To remove write access for all users, enter
chmod -w kde-start.xml
If you do not specify any kind of users, the changes apply to all users— the owner of the file, the owning group and the others. Now even the owner tux does not have write access to the file without first reestablishing write permissions.
To prohibit the usersgroup and others to change into the directory local, enter
chmod go-x local
To grant others write permissions for two files, for kde_quick.xml and gnome_quick.xml, enter
chmod o+w kde_quick.xml gnome_quick.xml
Suppose you are tux and want to transfer the ownership of the file kde_quick.xml to an other user, named wilber. In this case, proceed as follows:
Enter the username and password for root.
Enter
chown wilber kde_quick.xml
Check what happened with
ls -l kde_quick.xml
You should get the following output:
-rw-r--r-- 1 wilber users 47896 2006-06-21 09:46 kde_quick.xml
If the ownership is set according to your wishes, switch back to your normal user account.