|
Home > Archive > alt.os.linux > October 2002 > File Permissions
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Mark W. Shelby 2002-10-14, 7:24 am |
| Is there a book or internet web source which would teach me more about file
permissions. Specifically what numerical permission setting (chmod) to use
in which instance?
| |
| Andreas Mattern 2002-10-14, 8:24 am |
| Mark W. Shelby <mshelby@aaahawk.com> wrote:
> Is there a book or internet web source which would teach me more about file
> permissions. Specifically what numerical permission setting (chmod) to use
> in which instance?
WTF? Ever tried something like google -> linux file permissions?
Please search before you ask trivial stuff like this which has been answered
gazillions of times.
Andreas
| |
| Sybren 2002-10-14, 8:24 am |
| Mark W. Shelby wrote:
> Is there a book or internet web source which would teach me more about
> file permissions. Specifically what numerical permission setting (chmod)
> to use in which instance?
man chmod teaches all you need to know. What permissions to use in which
instance is just a matter of thinking logically and choosing the minimal
permissions possible. It's not that hard, just keep world-writable and
group-writable files/directories to a minimum.
Sybren
--
Do you think I'm rude, or don't you understand my answers? Read this page
[http://www.tuxedo.org/~esr/faqs/sma...ions.html#intro] and you'll
understand. You'll also see that I'm not rude in this
(http://www.tuxedo.org/~esr/faqs/sma...tions.html#rtfm) section.
| |
| Peter T. Breuer 2002-10-14, 10:24 am |
| Sybren <sybrenUSE@yourthirdtower.imagination.com> wrote:
> Mark W. Shelby wrote:
>> Is there a book or internet web source which would teach me more about
>> file permissions. Specifically what numerical permission setting (chmod)
>> to use in which instance?
> man chmod teaches all you need to know. What permissions to use in which
Hey! I was going to say that.
Now what will I say?
OK - everything I know about file permissions I have learnt from the
chmod man page. OK? :-)
> instance is just a matter of thinking logically and choosing the minimal
> permissions possible. It's not that hard, just keep world-writable and
> group-writable files/directories to a minimum.
And be careful about marking a directory group writable but not
accessible by group, or whatever the magical combo is that makes
it have mandatory locking ... (yeah, yeah, probably I should go
and read something in the kernel source Documentation directory
again ..)
The chattr zenpage is alos vaguely interesting, though not what you
asked about.
Peter
| |
| Trond Forgaard 2002-10-14, 12:24 pm |
|
"Mark W. Shelby" <mshelby@aaahawk.com> wrote in message
news:aoebgg$t1u$1@news.chatlink.com...
> Is there a book or internet web source which would teach me more about
file
> permissions. Specifically what numerical permission setting (chmod) to use
> in which instance?
Ok, I just got this explanation from a guy that helps me getting started
with Linux. (I'm really a BIG newbe) :=)
"The first number is the owners rights.
The second number is the groups rights.
The third number is "everyone/nobody" rights
The numbers represents binaries flags. The binary numbersystem (as you
probarbly know) is like this:
0 - 0,
1 - 1,
2 - 10,
3 - 11,
4 - 100,
5 - 101,
6 - 110,
7 - 111
For chmod this will be:
7 - read, write, execute - 111
6 - read, write - 110
5 - read, , execute - 101
4 - read, - 100
3 - write, execute - 011
2 - write, - 010
1 - execute - 001
0 - - 000
The most used (and most reasonble) rights becomes:
777 - everyone can read, write an execute.
755 - the owner can read, write an execute, everyone else can just read an
execute.
644 - the owner can read an write, all others can just read.
664 - the owner, and the member of the file's group, kan read an write. The
others can just read.
OK?"
This is just translated from my email over to english. But I rally helped
me understanding a bit of what I'm doing. 
Thanks to TM at Linpro
Trond
| |
| Michael Heiming 2002-10-14, 12:24 pm |
| Peter T. Breuer (<jgkeoa.c3t.ln@news.it.uc3m.es> ):
> Sybren <sybrenUSE@yourthirdtower.imagination.com> wrote:
>> Mark W. Shelby wrote:
> OK - everything I know about file permissions I have learnt from
> the chmod man page. OK? :-)
Sure, I expected you figured it out, by taking a short look at the
source
SEE ALSO
The full documentation for chmod is maintained as a Tex-
info manual. If the info and chmod programs are properly
installed at your site, the command
info chmod
should give you access to the complete manual.
There's not a single line about octal permissions in the man pages,
which are IMHO easier/faster to type/remember.
>> instance is just a matter of thinking logically and choosing the
>> minimal permissions possible. It's not that hard, just keep
>> world-writable and group-writable files/directories to a minimum.
>
> And be careful about marking a directory group writable but not
> accessible by group, or whatever the magical combo is that makes
> it have mandatory locking ... (yeah, yeah, probably I should go
> and read something in the kernel source Documentation directory
> again ..)
And be carefull about the -R switch, it's really powerfull, if used
as root, one may render a working system more or less useless, with
a few keystrokes
> The chattr zenpage is alos vaguely interesting, though not what
> you asked about.
And only working on ext2/3.
Michael Heiming
--
Remove the +SIGNS case mail bounces.
| |
| Garry Knight 2002-10-14, 1:24 pm |
| Mark W. Shelby wrote:
> Is there a book or internet web source which would teach me more about
> file permissions. Specifically what numerical permission setting (chmod)
> to use in which instance?
I recommend you check out RUTE as it covers all this and a great deal more.
<URL: http://rute.sourceforge.net>
--
Garry Knight
garryknight@gmx.net ICQ: 126351135
Linux registered user 182025
| |
| Xanadu 2002-10-14, 1:24 pm |
| On Mon, 14 Oct 2002 09:01:09 -0400, Andreas Mattern wrote:
> Mark W. Shelby <mshelby@aaahawk.com> wrote:
>> Is there a book or internet web source which would teach me more about
>> file permissions. Specifically what numerical permission setting
>> (chmod) to use in which instance?
>
> WTF? Ever tried something like google -> linux file permissions?
>
> Please search before you ask trivial stuff like this which has been
> answered gazillions of times.
>
> Andreas
I wish people were a bit more friendly to the n00bs. I know answering
the same question over and over can be annoying (I do tech support as
well as be an Admin), but geesh. The person has a legit question and was
"greeted" with (esentially) "figure it out for yourself". You could've
done something like this:
http://xan.drirc.net/chmod.html
That's a "cheat sheet" I made a couple years back that should help you
out.
| |
| Jon Portnoy 2002-10-14, 1:24 pm |
| In article <SJCq9.4824$jS5.108886@news2.ulv.nextra.no>, Trond Forgaard wrote:
>
> "Mark W. Shelby" <mshelby@aaahawk.com> wrote in message
> news:aoebgg$t1u$1@news.chatlink.com...
>> Is there a book or internet web source which would teach me more about
> file
>> permissions. Specifically what numerical permission setting (chmod) to use
>> in which instance?
>
> Ok, I just got this explanation from a guy that helps me getting started
> with Linux. (I'm really a BIG newbe) :=)
>
> "The first number is the owners rights.
> The second number is the groups rights.
>
> The third number is "everyone/nobody" rights
>
> The numbers represents binaries flags. The binary numbersystem (as you
> probarbly know) is like this:
[snip]
There's an easier way to do things:
chmod [users][+/-][permissions]
For example:
users = u (owner) g (group) o (world) a (all of the above)
permissions = r (read) w (write) x (execute)
So you can do something like:
chmod u+rw = owner can read and write
chmod g+rw = group can read and write
chmod o+rw = world can read and write
Or for more than one:
chmod u+rw,g+rx,o+r = owner can read, write, and execute, group can read
and execute, world can read
(My mind doesn't deal very well with numbers, perhaps the symbols used for
numbers are too bland to remember <G> - I find using letters easier.)
--
Jon Portnoy
| |
| Andreas Mattern 2002-10-14, 3:24 pm |
| Xanadu <xanadu@inorbit.com> wrote:
> I wish people were a bit more friendly to the n00bs. I know answering
> the same question over and over can be annoying (I do tech support as
> well as be an Admin), but geesh. The person has a legit question and was
> "greeted" with (esentially) "figure it out for yourself". You could've
> done something like this:
It's not just that answering the questions is annoying, the NG gets
cluttered up with uneccessary traffic so real questions that are not totally
trivial to answer get lost in the noise. Linux *is not* click and run, you
still have a steep learning curve. People have to learn *from the beginning*
to look for info and not just expect canned answers to the same questions on
and on and on. This was no flame. If something remotely tricky (like not
within the first 20 google hits... ) comes up I'm very happy to help,
and yes, I'm a sysadmin and tech support, too.
btw., my answer was not a "figure it out yourself". I tried those exact
terms as a I gave them in google to see that it really comes up with
meaningful results, which it did. Just learning to check google is the
biggest help you can give someone, you'll get answers in a much shorter time
and with a lot less effort than posting in a newsgroup and waiting for
trivial answers. If you just give them a link to a page they'll come back
again next time for the same trivial problem.
Andreas
--
Andreas Mattern andreas.mattern at ikm.uni-karlsruhe.de
Institut fuer Keramik im Maschinenbau Uni Karlsruhe
There are 10 kinds of people in the world: those who understand binary,
and those who don't.
| |
| Mark W. Shelby 2002-10-14, 10:24 pm |
| Thanks a lot, butt-head. I asked a question and everyone else here answered
with helpful information. The question I asked may have been trivial to YOU
but it was important to ME. That is why I asked it. Sorry if my question
doesn't meet YOUR high standard. Sorry I wasted 2 seconds of your precious
time asking a question which YOU took it upon yourself to deem unworthy of
web-space. I'm sorry that you further felt the need to spend your precious
time flaming me about it.
It's people like you that give linux a bad name.
I have searched the web and found references about my topic. I was just
hoping to get a little more input from the many experts on this list.
I didn't realize I needed to clear my choice of topics with you before
posting. My error.
To everyone else, Thank you sincerely for the information. I have installed
one of those "minimalist" distro's to teach myself a little more about
linux. I am fairly knowlegable, but am ready for a little more in depth
refernce guides. I have narrowed down a few problems I am having to bad
permissions on some files. I just wanted to know why a particular file gets
a particular permission code versus another.
Again, thanks for the input!
-Mark
| |
| Paul Lutus 2002-10-14, 11:24 pm |
| Mark W. Shelby wrote:
> Thanks a lot, butt-head. I asked a question and everyone else here
> answered with helpful information. The question I asked may have been
> trivial to YOU but it was important to ME. That is why I asked it. Sorry
> if my question doesn't meet YOUR high standard. Sorry I wasted 2 seconds
> of your precious time asking a question which YOU took it upon yourself to
> deem unworthy of web-space. I'm sorry that you further felt the need to
> spend your precious time flaming me about it.
I have some news for you. This is not a corporate help desk, and you did not
pay us to help you. Volunteers devote their time to answering questions. Do
you know the word "volunteer?"
> It's people like you that give linux a bad name.
It's people like you who give "ingrate" a whole new meaning. All attitude,
no gratitude.
--
Paul Lutus
www.arachnoid.com
| |
| +Chiron+ 2002-10-15, 1:24 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 14 Oct 2002 23:23:42 +0000, Mark W. Shelby tempted the fates in
alt.os.linux by proclaiming the following:
> ...a question which YOU took it upon yourself to deem unworthy of
> web-space.
Correction:
Usenet is not 'The Web'.
Usenet is NNTP.
"The Web" is HTTP.
You should at least understand the protocol you're using before you
post to / use it.
- --
+Chiron+ | In this world there are only two tragedies.
GnuPG Pub Key 848D1A2D -o) | One is not getting what one wants, and the
Linux Kernel 2.4.19 /\\ | other is getting it. -- Oscar Wilde
Slackware 8.1 *w00t* _\_v |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9q60Ye8wcrYSNGi0RApn4AK
DTbNV0jvCHxK5tDkdEBXWMv6dXIACg
spdq
GeKlXTRfzlln8CKLXrkzqgs=
=ek3p
-----END PGP SIGNATURE-----
| |
| Sybren 2002-10-15, 2:24 am |
| Mark W. Shelby wrote:
> Thanks a lot, butt-head. I asked a question and everyone else here
> answered with helpful information.
I have to agree with the butt-head here. Pointing to google and showing how
it can be used to find answers in no-time, is the best help you can get.
When you know how to handle google, you'll be able to find answers to 99%
of the questions out there. And I agree with you that he should have
answered in a bit nicer way.
> It's people like you that give linux a bad name.
Linux doesn't have a bad name.
> I have searched the web and found references about my topic. I was just
> hoping to get a little more input from the many experts on this list.
Then, next time, tell us so. Tell us what you exactly want, on which
sub-topics you'd like our opinions. Just asking something like 'how does
chmod work' will get you an answer to that question, not some expert views.
Next time, be the adult one, and stay calm when someone is not acting the
way you want him to. You, by calling someone butt-head, helped giving Linux
that bad name you were talking about just as much as the one you're
accusing. I don't think that was what you ment to do...
Greetz,
Sybren
--
Do you think I'm rude, or don't you understand my answers? Read this page
[http://www.tuxedo.org/~esr/faqs/sma...ions.html#intro] and you'll
understand. You'll also see that I'm not rude in this
(http://www.tuxedo.org/~esr/faqs/sma...tions.html#rtfm) section.
| |
| Robert 2002-10-15, 4:24 pm |
| Firstly, I apologise for not using reply as I've had to use M$ lookout
express as my ISP uses 'doze mail servers - and they require me to login to
send news, but give the wrong error message so my mailer of choice don't
know what's going wrong to prompt me to the login info - and every time I
try to reply it crashes (on rerunning it said not displaying message as I
crashed when you were last viewing it and I'm probably gunna crash again).
In answer to Andreas Mattern's moan about cluttering up the NG...have you
noticed how many messages have been generated in reply to the query: 10
(plus this making 11 that I know of); most of these could have been avoided
if a simple polite reply was originally made.
Trond Forgaard's reply is slightly inaccurate: what happens if I try 'chmod
04711 <file>' (which works quite happily [to do what I want it to do]).
Using his reply, the first number (0) = owners perms (none), 2nd (4) = group
(read only), third (7) = world (read/write/execute), but what about the two
trailing 1's?
It's slightly more accurate to state that the perms are assigned from the
RIGHT hand end in the format World, Group, User, Privileged options, and if
any are missing (to the left) they are assumed to be zero. ie:
chmod 3 <file> will ONLY set the world permissions (3 = -wx),
and clear all others
chmod 65 <file> will set group permissions (6 = rw-), and world
(5 = r-x), but clear others
chmod 751 <file> will set user (7 = rwx), group (5 = r-x) and world
(1 = --x)
so back to my example:
chmod 04711 will set user (7 = rwx), group (1 = --x) and world (1
= --x)
but what about the 0 and 4? The zero can be ignored as it is assumed to be
zero if unspecified (I use it to remind me that the number is an octal
number...hex numbers start 0x, decimal numbers start with one of 1..9) which
just leaves the 4 which is a privleged file permission option (actually
SUID).
I personally find numbers easier to use than the u[+/-]<perms> etc, and
hence I use them: as Trond stated, each perm is made up of three bits
corresponding to Read Write and eXecute (rwx) in that order. So x has value
1, w has value 2 and r has value 4, and thus the whole perms for a given
class of user (Owner, Group or World) is a simple addition of the various
bits.
'chmod' may seem trivial, but understanding file permissions is all part of
*nix. For a complete list of what the bit values mean, on my machine when I
use:
$ man 2 stat
I get:
....
NAME
stat, fstat, lstat - get file status
....
The following are deifned for st_mode field:
....
S_ISUID 0004000 set UID bit
....
S_IRWXU 00700 mask for file owner permissions
S_IRUSR 00400 owner has read permission
S_IWUSR 00200 owner has write permission
S_IXUSR 00100 owner has execute permission
....
S_IRGRP 00040 group has read permission
....
S_IXOTH 00001 others have execute permission
.....
[I apologise if the format isn't too neaxt...I HATE lookout express]
| |
| Paul Lutus 2002-10-15, 4:24 pm |
| Robert wrote:
> Firstly, I apologise for not using reply as I've had to ...
No excuses! Choose a newsreader that works, don't post improperly only to
start off with a lame excuse.
> In answer to Andreas Mattern's moan about cluttering up the NG...have you
> noticed how many messages have been generated in reply to the query: 10
> (plus this making 11 that I know of); most of these could have been
> avoided if a simple polite reply was originally made.
That most likely could have been avoided as well, if only an informative,
correctly formatted post had originated the thread. I'll never know,
because you abandoned your own thread instead of fixing your newsreader.
> [I apologise if the format isn't too neaxt...I HATE lookout express]
Don't apologize. Fix your newsreader or download one of the many free Linux
newsreaders. Or ... are you even using Linux?
(pause to look at headers)
Honest to God.
--
Paul Lutus
www.arachnoid.com
| |
| Peter T. Breuer 2002-10-15, 5:24 pm |
| Robert <cigmorfil@my.machine> wrote:
> Trond Forgaard's reply is slightly inaccurate: what happens if I try 'chmod
> 04711 <file>' (which works quite happily [to do what I want it to do]).
> Using his reply, the first number (0) = owners perms (none), 2nd (4) = group
Don't be silly. You count wrong. "0" is the mark that tells the lexer
that this is an octal digit, "4" is the -1th number, and 7 is the 0th,
thoug why you wish to count the 1st as 0th and 0th as -1th is beyond me.
> (read only), third (7) = world (read/write/execute), but what about the two
> trailing 1's?
Those are not trailing 1's. You forgot the two leading zeros.
> It's slightly more accurate to state that the perms are assigned from the
Silly nonsense.
> but what about the 0 and 4? The zero can be ignored as it is assumed to be
> zero if unspecified (I use it to remind me that the number is an octal
No, everybody needs to use it to specify that it is octal. That's the
lexical requirement.
> just leaves the 4 which is a privleged file permission option (actually
Bet you don't know how to get a S in the group exec position.
> 'chmod' may seem trivial, but understanding file permissions is all part of
It is trivial. Now: there are 32 permission bits. You have only
mentioned 12 of them. What are the other 20?
> [I apologise if the format isn't too neaxt...I HATE lookout express]
Then don't use it. Was there any point in spouting this trivia if you
prove you can't conquer the use of a proper mail client.
Peter
| |
| Mark W. Shelby 2002-10-15, 9:24 pm |
| My question was general because I was asking a "general" type question. Here
is the text of my original question:
"Is there a book or internet web source which would teach me more about file
permissions. Specifically what numerical permission setting (chmod) to use
in which instance?"
I wasn't asking anyone to solve a specific problem FOR me. I simply thought
A few more advanced users might have suggestions on more in-depth reading I
might try. I will try again:
Does anyone on this list know of a newsgroup I might be welcome on in which
I could ask a simple question in a polite manner -and get a response free
from rhetoric?
-mark
| |
| Bit Twister 2002-10-15, 9:24 pm |
| On Tue, 15 Oct 2002 21:47:38 +0000, Mark W. Shelby wrote:
> My question was general because I was asking a "general" type question. Here
> is the text of my original question:
>
> "Is there a book or internet web source which would teach me more about file
> permissions. Specifically what numerical permission setting (chmod) to use
> in which instance?"
http://www.tldp.org/guides.html
scroll down to
The Linux System Administrators' Guide
Linux System Administration Made Easy
| |
| Paul Lutus 2002-10-15, 11:24 pm |
| Mark W. Shelby wrote:
> My question was general because I was asking a "general" type question.
> Here is the text of my original question:
>
> "Is there a book or internet web source which would teach me more about
> file permissions. Specifically what numerical permission setting (chmod)
> to use in which instance?"
>
> I wasn't asking anyone to solve a specific problem FOR me. I simply
> thought A few more advanced users might have suggestions on more in-depth
> reading I might try. I will try again:
>
> Does anyone on this list know of a newsgroup I might be welcome on in
> which I could ask a simple question in a polite manner -and get a response
> free from rhetoric?
Back when Americans were literate, they read computer programming books to
learn this sort of thing. The modern equivalent would be a series of Web
pages. Or that accompanied by one or more books.
--
Paul Lutus
www.arachnoid.com
| |
| Peter T. Breuer 2002-10-16, 2:24 am |
| Mark W. Shelby <mshelby@aaahawk.com> wrote:
> "Is there a book or internet web source which would teach me more about file
> permissions. Specifically what numerical permission setting (chmod) to use
> in which instance?"
> I wasn't asking anyone to solve a specific problem FOR me. I simply thought
> A few more advanced users might have suggestions on more in-depth reading I
> might try. I will try again:
Don' be daf' mon! This is a trivial topic. You can't get "in-depth
reading" on it, any more than you can get in-depth reading on selecting
doormats for your front door.
> Does anyone on this list know of a newsgroup I might be welcome on in which
> I could ask a simple question in a polite manner -and get a response free
Not if you persist in such banality..
> from rhetoric?
Peter
| |
| Rogerb 2002-10-16, 10:24 pm |
| On Wed, 16 Oct 2002 08:26:26 +0200, Peter T. Breuer
<ptb@oboe.it.uc3m.es
> wrote:
> Mark W. Shelby <mshelby@aaahawk.com> wrote:
>> "Is there a book or internet web source which would teach me more
about file
>> permissions. Specifically what numerical permission setting (chmod) to use
>> in which instance?"
>
>> I wasn't asking anyone to solve a specific problem FOR me. I simply thought
>> A few more advanced users might have suggestions on more in-depth reading I
>> might try. I will try again:
>
> Don' be daf' mon! This is a trivial topic. You can't get "in-depth
> reading" on it, any more than you can get in-depth reading on selecting
> doormats for your front door.
Is that why people f*ck it up at the drop of hat.
Maybe try the CIA web site Their building a secure linux box, groups
and permissions might be important for that.
>
>> Does anyone on this list know of a newsgroup I might be welcome on in which
>> I could ask a simple question in a polite manner -and get a response free
>
> Not if you persist in such banality..
>
>> from rhetoric?
>
> Peter
| |
| Peter T. Breuer 2002-10-17, 1:25 am |
| Rogerb <rjb@recorder.ca> wrote:
> On Wed, 16 Oct 2002 08:26:26 +0200, Peter T. Breuer <ptb@oboe.it.uc3m.es
>> Don' be daf' mon! This is a trivial topic. You can't get "in-depth
>> reading" on it, any more than you can get in-depth reading on selecting
>> doormats for your front door.
> Is that why people f*ck it up at the drop of hat.
Hey, I don't even have a doormat! I am completely unable to choose one.
I don't understand the significance of the picture of a house versus
the picture of a tree. And when should I choose one made of the
fibrous stuff and when should I have one made of rubber? And what about
those ones made of artificial grass?
> Maybe try the CIA web site Their building a secure linux box, groups
> and permissions might be important for that.
But what kind of doormat do they have? That's what SHOULD be worrying
them. Deeply.
Peter
|
|
|
|
|