Raspberry Pi_Eng_13.2.2 Changing Permissions on File


Published Book on Amazon


All of IOT Starting with the Latest Raspberry Pi from Beginner to Advanced – Volume 1
All of IOT Starting with the Latest Raspberry Pi from Beginner to Advanced – Volume 2


출판된 한글판 도서


최신 라즈베리파이(Raspberry Pi)로 시작하는 사물인터넷(IOT)의 모든 것 – 초보에서 고급까지 (상)
최신 라즈베리파이(Raspberry Pi)로 시작하는 사물인터넷(IOT)의 모든 것 – 초보에서 고급까지 (하)


Original Book Contents


13.2.2  Changing Permissions on File

 

13.2.2.1    Changing Permission with "chmod" Command

 

To change processing permissions on a file, use the "chmod" command. This command specifies user scope, operation type, and permission type.

 

[Command Format]

chmod  [OPTION]...  MODE[,MODE]... FILE...

 

[Command Overview]

   This changes the permission on a file.

   User privilege          -- Super user.

 

[Detail Description]

   This command adjusts the processing permission by changing the file mode bit for a specific file.

   You can use symbolic representation and numeric representation to define the contents of a privilege.

 

[Main Option]

--help

display this help and exit

-R, --recursive

operate on files and directories recursively

When working on a directory, all of the directorys and files under the directory are changed at once

 


 

13.2.2.2    Changing Permission by Symbol Representation

 

This command must specify user scope, operation type, and permission type. It can be specified in the following symbolic representation format:

 

item

parameter

meaning

description

user scope

u

owner

owner user

g

group

owner group

o

other

other user

a

all

all user

operation type

+

grand

add permission

-

deprive

delete permission

=

only

set execlusive permission

permission type

r

read

read

w

write

write

x

execute

execute

 

   User scope of permission change

It means the range of users whose permissions are changed for a specific file. In other words, when specifying permission for a file, it specifies which permission should be changed among permissions that are classified as owner user, owner group, and other users. Here, paramenter "a" changes permissions for all users, ie, owner user, owner group and other users at the same time.

 

When you issue a command, you can specify multiple symbols that specify the scope of this user at the same time, allowing you to change multiple user permissions at once. That is, "ug" changes the permission of the owner user and owner group, and "uo" changes the permission of the owner user and other users. Also, "ugo" means owner user, owner group, and other users, and has the same effect as "a".

 

   Operation type of permission change

Here, it specifies whether to grant additional authority or deprive existing authority. "+" has the function to grant new permissions, and "-" has the function to remove existing permissions. "=" performs a little special function, which removes all but the authority specified in this operation. For example, if you grant "write" permission with "=" in this operation, "read" and "execute" permissions will be lost. When executing a command, you can specify only one type of operation.

 

   Permission type of of permission change

This specifies what permissions you want to change. You can select and specify the permission to change for the file from among "read", "write", and "execute" permission.

 

When you execute a command, you can specify more than one symbol that corresponds to the permission type at the same time so that you can change multiple permissions at once, or you can specify no symbol, if necessary. In other words, "rw" means to process both "read" and "write" privilege simultaneously, and " " means not to specify any privilege.

 

[Used Example]

Before you start work, if you look at the detailed information about the directory you are working on, it looks like this. Please check the permissions for "user_guide01.txt" here.

 

pi@raspberrypi ~ $ ls ./testdata -l

total 16

drwxr-xr-x 2 root root 4096 Mar 24 02:26 manual01

drwxr-xr-x 2 pi   pi   4096 Mar 24 02:26 manual02

-rw-r--r-- 1 pi   pi     18 Mar 24 02:10 user_guide01.txt

-rw-r--r-- 1 pi   pi     18 Mar 24 02:10 user_guide02.txt

 

First, we will remove all permissions for "user_guide01.txt". We can use the symbol "a" to work on range of all users. We can use "a-rwx" to remove all privileges, but will use "a =" here. If you view the details of the file again after the operation is completed, you can see that all permissions to "user_guide01.txt" are removed.

 

pi@raspberrypi ~ $ sudo chmod a= ./testdata/user_guide01.txt

 

pi@raspberrypi ~ $ ls ./testdata -l

total 16

drwxr-xr-x 2 root root 4096 Mar 24 02:26 manual01

drwxr-xr-x 2 pi   pi   4096 Mar 24 02:26 manual02

---------- 1 pi   pi     18 Mar 24 02:10 user_guide01.txt

-rw-r--r-- 1 pi   pi     18 Mar 24 02:10 user_guide02.txt

 

Next, we will grant "read", "write", and "execute" permissions to both the owner user and owner group for the same file "user_guide01.txt". To work on owne user and owner group, use the symbol "ug". To grant all permissions, do the following works by using "rwx". If you check the details of the file again after the operation is completed, you can see that the permission for the file "user_guide01.txt" has been changed as follows.

 

pi@raspberrypi ~ $ sudo chmod ug+rwx ./testdata/user_guide01.txt

 

pi@raspberrypi ~ $ ls ./testdata -l

total 16

drwxr-xr-x 2 root root 4096 Mar 24 02:26 manual01

drwxr-xr-x 2 pi   pi   4096 Mar 24 02:26 manual02

-rwxrwx--- 1 pi   pi     18 Mar 24 02:10 user_guide01.txt

-rw-r--r-- 1 pi   pi     18 Mar 24 02:10 user_guide02.txt


 

13.2.2.3    Changing Permission by Number Representation

 

When you change permissions, you can specify a permission type using symbols as before, but there is another way to specify a permission type in the form of numbers rather than symbols. In fact, this was the older way that the original UNIX system has used, followed by the use of symbolic representation characters.

 

Then, let's see how to express permissions using number. Here, the numbers are assigned in correspondence with permission one by one as follows, and the permission is expressed by using the number corresponding to the type of permission:

 

    Read permission      -- 4

    Write permission      -- 2

    Execute permission   -- 1

    No permission         -- 0

 

When expressing the permission for the user, all the numbers corresponding to the "read" permission, "write" permission, and "execution" permission are added together and expressed by a single number:

 

    r--  -- 4 + 0 + 0      -- 4      -- Have read permission only      

    rw- -- 4 + 2 + 0      -- 6      -- Have read, write permission

    rwx -- 4 + 2 + 1      -- 7      -- Have read, write, execute permission

 

Since the permission to the file is assigned separately to the owner user, owner group, and other users, the permission represented by the number is also assigned separately to each object, and the numbers corresponding to the permission of each object are concatenated and expressed as a single number in the L M N format. The following is a description of the permission type represented by "764" according to the object:

    L    -- Owner user    -- Read, write, execute     -- 4 + 2 +1       -- 7

    M   -- Owner group  -- Read, write               -- 4 + 2            -- 6

    N   -- Other user     -- Read                       -- 4                 -- 4

 

[Used Example]

Before you start works, if you look at the detailed information about the directory you are working on, it looks like this. Please check the permissions for "user_guide01.txt" here.

 

pi@raspberrypi ~ $ ls ./testdata -l

total 16

drwxr-xr-x 2 root root 4096 Mar 24 02:26 manual01

drwxr-xr-x 2 pi   pi   4096 Mar 24 02:26 manual02

-rwxrwx--- 1 pi   pi     18 Mar 24 02:10 user_guide01.txt

-rw-r--r-- 1 pi   pi     18 Mar 24 02:10 user_guide02.txt

 

First, let's change the permissions on file "user_guide02.txt". Owner User will be granted "read", "write", and "execute" permission, owner groups will be granted "read" and "execute" permission, and other users will be granted "execute" permission. To do so, specify "7" for owner user, "5" for owner group, and "1" for other user and work as follows. If the detailed information of the file is retrieved again after the operation is completed, you can see that the permissions of "user_guide02.txt" is changed as follows.

 

pi@raspberrypi ~ $ sudo chmod 751 ./testdata/user_guide02.txt

 

pi@raspberrypi ~ $ ls ./testdata -l

total 16

drwxr-xr-x 2 root root 4096 Mar 24 02:26 manual01

drwxr-xr-x 2 pi   pi   4096 Mar 24 02:26 manual02

-rwxrwx--- 1 pi   pi     18 Mar 24 02:10 user_guide01.txt

-rwxr-x--x 1 pi   pi     18 Mar 24 02:10 user_guide02.txt