Before we get into changing permissions lets at least define what the most common ones do. This quick help file talks about things like group and user ownership which is covered in another file so if you don't know what they mean at all read chown next and you will. ~# ls -l total 456 drwx------ 7 root root 4096 Feb 24 05:50 somedir -rw-rw-rw- 4 root root 323 Feb 18 09:10 somefile By doing a ls -l (list long) we can see the permissions on two files in my home dir. All we're interested in now is the left most column so lets remove the other stuff drwx------ somedir ^^^^ |||| |||eXecute ||Write |Read Directory First thing this tells us is that it's a directory if it's just a file it will be - as in somefile above. Second is Read, I can list the contents of this dir: ls somedir Third is Write, I can place files into this directory: cp somefile somedir Fourth is eXecute, I can cd into this directory: cd somedir -rw-rw-rw- somefile ^^ ^^ ^^ || || || || || |world Write || || world Read || |group Write || group Read |user Write user Read First permission tells us - which as we found out can mean directory, since this is blank it is just a file. Second is user Read, the owner of this file can read it: less somefile Third is user Write, the owner can modify this file: rm somefile Fourth is user blank, if it where x the owner could run this file: somefile Fifth is group Read, anyone in this group can read this file: cat somefile Sixth is group Write, anyone in this group can modify this file: rm somefile Seventh is blank, if it where x anyone in the group could run this file Eighth is world read, anyone can read this file: less somefile Ninth is world write, anyone can modilfy this file: vi somefile Tenth is blank, if it were x anyone could run this file Now regardless of group or world settings only the owner and root can change permissions on a file or dir The utility that you use to change permissions on a file or dir is chmod Chmod has two ways to set permissions on file or directories: Absolute and Symbolic Absolute: using numbers to set the permissions eg: chmod 755 would = -rwxr-xr-x Symbolic: using letters to set the permissions eg: chmod a+rx,u+w would = -r-xr-xr-x Symbolic is easier to understand but it's also easy to make errors. Once you understand Absolute you will probably use that all the time. Absolute settings: The first number changes the user permissions The second number changes the group permissions The third number changes the world permissions 1 = eXecute 2 = Write 4 = Read Now you can do chmod 1,2,4 somefile to change it's permissions however that is wasting key strokes. chmod allows you do add the numbers together to change them so chmod 1,2,4 somefile is the same as chmod 7 somefile If you only use one number chmod assumes all you want to change is the user permissions so lets group some together so we can change everything. -rw-rw-rw- somefile This is easy to get we want Read Write so add read (4) to write (2) we get 6 so: chmod 666 somefile is how we would get that. Now suppose that somefile was a script you were working on once you are done you probably don't want to keep typing sh somefile to run it. So you would make it eXecutable that is the 1 permission. chmod 111 somefile becomes ---x--x--x somefile. Opps were did the rw we had just go? There is nothing wrong with it this way you can still run it like you wanted, but if you go back and try and change or view it later on you will get a permission denied error That is why it's called absolute. to acheive what we had before plus the eXecute we want to add read (4), write (2) and eXecute (1) to make 7 chmod 777 somefile becomes -rwxrwxrwx somefile Symbolic on the other hand is a bit more forgiving then absolute it won't change settings you already have if you omit them. So to at the eXecute bit to somefile from the rw it was before with symbolic it is simply chmod a+x somefile to get -rwxrwxrwx somefile The first letter "a" applies to user class that you want to change (user, group, world) The "+" means add this setting, there is also "-" which removes it. User Classes you can use are: a (all), u (user), g (group) and o (world) or (other) Permissions you can use are: r read, w write and x eXecute. In addition you can also use u (user), g (group) and o (other) in the permission place to set the permissions for the user class to match those of the other user class you specify using the '=', chmod a=u somefile will make all the user classes match the one for user. You can also group together user classes and permissions to make things a bit quicker Some quick Examples: drwx------ somedir -rw-rw-rw- somefile chmod g+x somefile -> -rw-rwxrw- somefile chmod o+w somedir -> drwx----w- somedir chmod g+o somedir -> d-w--w--w- somedir chmod go-rw somefile -> -rw---x--- somefile chmod a+u somefile -> -rw-rw-rw- somefile chmod gou-rwx somedir -> d--------- somedir chmod a+rwx somedir -> drwxrwxrwx somedir chmod +x somefile -> -rw---x--x somefile chmod +r somefile -> -rw-r-xr-x somefile chmod +w somefile -> -rw-r-xr-x somefile No that last one isn't a typo, if you omit the user class chmod assumes an (all) except for write, if you omit user class write will only be applied to user, that is for saftey reasons. chmod is smarter then you are and is trying to protect you from making a file that anyone can modify or delete, so tell it exactly what you want. Many *nix gurus use absolute chmod settings, it doesin't mean that symbolic is bad or anything. Use which ever makes the most sense to you and what you are comfortable with. I myself still use symbolic day to day and absolute usually only in scripts. There are other settings that I didn't cover in this help txt mostly because you won't need to use them for a while yet and the chmod man page desribes them Ok I know the formatting sucks and I've probably miss-spelled every second word, live with it or fix it for me :) Also keep in mind that root has access to read/write to any file on the computer regardless of it's permissions. so if something works as root doesn't mean it always will as a user. If find this txt helpful please tell me, if you don't also please tell me.