|
Octal mode provides a quick numeric
means of changing permissions for all categories of users
simultaneously while still allowing each set of permissions to be
different. This mode is also referred to as absolute since the
permissions you apply will explicitly replace the existing ones.
As previously discussed, there are three sets of permissions, one
set for each category of users (User, Group, and Other). There are
three possible permissions for each set (r, w and x): Each set of
permissions for a category of users can be assigned a numeric
value (from 0 to 7) depending on which permissions are allowed.
The mode is referred to as octal since there are eight possible values
for each set of permissions.
By associating each of the three positions (permission types) with a power of
two, we can represent
each one of them with a number. By adding up the numbers we can
get a total that represent all three permissions for that category
of user (User, Group, and Other). Figure
shows how this is accomplished using the first set of permissions
(user) as an example. In this example, the user has Read (r), Write
(w) and Execute (x) permissions. If the permission is allowed, we
count the value in the total; if not, then it is not counted.
As can be seen in Figure ,
each set of three permissions can be represented by one number from 0 to 7
by adding up the values of the three positions. After adding the
position values, associate/assign that value with the category of user
(user/group/other). So, a 7 would be associated with the user group as
shown in Figure . Next, you could move on to
'group,' add up its
values and assign that number to 'group' and then finally on to 'other'
and assign that number to 'other.' Once you are completed with all
three categories of users (User, Group, and Other), you have a three-digit
number representing the permissions for all three categories of users.
The command format for the octal method
of changing permission is similar to the symbolic method. However, it
is not necessary to specify the category of users since the position
of each number represents the category. Figure
shows the value of each permission separately and the values of all
possible sets or combinations of the three permissions. The octal_mode
is made up of three numbers, each of which is the sum of the three
permissions for one of the user categories (User, Group, and Other).
Octal values are combined to identify the octal_mode that is used with
the chmod
command.
|
Command Format: |
| chmod
octal_mode filename OR |
| chmod –R
octal_mode directoryname |
Some examples of the combined octal values for all three categories
are shown in Figure .
The first Octal value defines the user (owner) permissions, the second
defines the group, and the last position defines others. Default
permissions on files have an octal value of 644, and default
permissions on directories have an octal value of 755. Most scripts
and executable files have an octal value of 555.
Note - When using octal mode
with the chmod
command, you must list all three numbers, one for each
category: user, group, and others.
Figure
illustrates several examples using the
chmod
command to change
permissions with octal mode. In the first example, the existing Read
and Write (4 + 2 + 0 = 6) permissions are replaced by the Read and
Execute permission (4 + 0 + 1 = 5). In the second example, the two
number 7s represent all permissions for User and Group (4 + 2 + 1) and
the number 5 represents Read and Execute for Others (4 + 0 + 1), which
remains unchanged. In the last example, the Group permissions of Read,
Write and Execute (4 + 2 + 1 = 7) are replaced with Read and Execute
(4 + 1 = 5)
The –R option recursively changes
permissions on directories and all files. This is a quick way to
change the permissions on all files in a directory at once.
There are two other useful commands
related to changing permissions: The change ownership command used to
change the ownership of a file to a new owner (chown
[-R] ) and the change group
command use to change group ownership of a file to a new group (chgrp
[-R]). See the man pages for
usage and examples of these commands.
Figure
is a short conversion exercise that will allow you to convert file
permissions into octal mode.
 |
 |
Lab
Activity
(Adobe
Acrobat Reader, 59 kB) |
| |
Changing
Permissions from the Command Line
In
this lab, you will analyze and change UNIX file
system security permissions using command line
utilities. |
|
|
|
|