Unix (linux and Mac os X are unix variants) file permissions work on three levels: there are separate permissions for the owner of the file, the group to whom the owner belongs, and the entire world, which means everyone else on the system. The owner of a file is the one who sets these permissions.
To see the permissions on a file or directory, you need to add the "-l" flag to the common "ls" command for listing files (for "long listing"):
[bo@isbrae ~]$ ls -l /bigtmp/
total 193860
-rw------- 1 bo glaciology 2720463 May 23 13:26 katie_bos_radar.mat
-rw-r--r-- 1 bo glaciology 1573 May 23 13:26 katie_density_core.txt
-rw------- 1 bo glaciology 6385 May 23 13:14 summit_optimization.m
drwxr-xr-x 2 bo glaciology 4096 May 23 14:30 temp_dir
-rwxrwxrwx 1 bo glaciology 0 May 23 14:32 all_permissions_file
Here we see a few files I copied to /bigtmp for Laura to check out. Each line is for a file. The first thing you see in the line is 10 characters, which contain the file type and permissions. The first character determines file type- it's a '-' for a regular file, and 'd' for a directory. There are other characters you might see in that spot, but don't worry about that for now. Next there are three sets of three characters, indicating the file permissions for, again, the owner, group, and world. Directly after these permissions characters the owner is listed (in this case me, 'bo'), the group, the file size in bytes, date and time last modified, and finally the file name.
So lets look at what's here. I've created an empty file (file size 0 bytes) called "all_permissions_file" to illustrate the permissions possibilities. Each of the three groups gets to read, write, or execute (rwx) this file. In general, it's not a good idea to give anyone write permissions on a file unless you are sure you want to, because it'd make it easy for people to accidentally delete your work. So note that for all the other files and directories in this example, the owner is the only one with write permission.
Now take a look at the directory "temp_dir". All users have read and execute permission, but only the owner has write permission. This means that only the owner can put things in this directory, and only the owner can rename or delete the directory. Execute permissions in this case are important, because though others have read permission, to list the contents of a directory requires execute permission.
Next look at a file that is all set to be shared, "katie_density_core.txt". This file has read permissions for everyone, and write permissions for the owner. So now Laura can copy this file to her space, giving her ownership over it and thus control.
There are two files, though, that will thwart any efforts to view, copy, move, delete, rename, or otherwise mess with them, "katie_bos_radar.mat" and "summit_optimization.m". Only the owner has any permissions over them. Note that as owner you can even withdraw these permissions from yourself, though it would make the file less useful (one exception is that if you want to keep yourself from accidentally deleting a file you could take away your own write permissions). But now I, as owner, need to change the permissions so that Laura can copy these files too. To do this you use the command "chmod" (think "change mode"). There's a lot to this command, and I'm only going to give you the simplest way to use it- give all users read permissions, using the "a+r" flag:
[bo@isbrae ~]$ chmod a+r /bigtmp/katie_bos_radar.mat
[bo@isbrae ~]$ chmod a+r /bigtmp/summit_optimization.m
Now look to see that everything is as it should be,
[bo@isbrae ~]$ ls -l /bigtmp/
total 193860
-rw-r--r-- 1 bo glaciology 2720463 May 23 13:26 katie_bos_radar.mat
-rw-r--r-- 1 bo glaciology 1573 May 23 13:26 katie_density_core.txt
-rw-r--r-- 1 bo glaciology 6385 May 23 13:14 summit_optimization.m
drwxr-xr-x 2 bo glaciology 4096 May 23 14:30 temp_dir
-rwxrwxrwx 1 bo glaciology 0 May 23 14:32 all_permissions_file
[bo@isbrae ~]$
And you can now safely tell your colleague that the file is available. Note that if there is a problem with permissions, only the owner can fix it, although as the "root" user, a system administrator can also come in and fix things as well.
Hope this helps!
No comments:
Post a Comment