A lap 2018. szeptember 24., 12:40-kori változata

Previous - Up - Next

Linux permissions

Permission groups
- superuser (su), sys admins
- owner, the user who made the file/directory, ex. someone
- group, a subset of users with a distinct name, ex. student
- others, everyone else, public, guest, untrusted unsers
Types of permissions
- w: Write, can modify
- r: Read, can read
- x: eXecute, run a program, or list a directory
- -: none

It is specified who can do what, ex:

owner can write, read and execute
its group can read and execute, but not modify
others cannot do anything

The superusers (su) can do anything at any time, only a superuser can make an other user super.

These can be expressed with a set of three alpha-numeric charactes:

u: user, owner
g: group
o: others
a: all of the above
read: r or 4
write: w or 2
execute: x or 1
none: - or 0

The a is not the same as o, because it is possible that a group does not have a permission, but someone outside of the groups has.

The permissions can be represented with a 10 character string:

1	2	3	4	5	6	7	8	9	10
type	owner			group			others
type	read	write	execute	read	write	execute	read	write	execute

$ ls -l ~
drwxr-xr-x 8 borbely student 4096 Aug 30 23:24 Desktop
drwxr-xr-x 2 borbely student 4096 Mar 27  2012 Downloads
drwxr-xr-x 2 borbely student 4096 Oct 20  2009 Drives
drwx------ 2 borbely student 4096 Apr 20 10:42 mail
drwxr-xr-x 7 borbely student 4096 Sep  6 13:01 public_html
$ _

The public_html folder is owned by borbely, its group is student, permissions: drwxr-xr-x

type: it is a directory
my permissions rwx means that owner can do anything
other students' permissions: r-x, they can read but not write
others: r-x, they can still read but not write

Numerically, you can encode this in 3 digits. The three numbers are (from left to right): owner, group and others. The munbers 4: read, 2: write, 1: execute. They can be added. Example: /home/student/borbely/public_html has permission: 755 meaning

owner (borbely) 7=4+2+1: read, write, execute
group (student) 5=4+1: read and execute
other 5=4+1: read and execute

chmod

You can change the permissions with chmod Examples:

chmod 700 ~/info_hazi: nobody can see anything, except me (of course superusers still can see it).
chmod 750 ~/important_work: In this folder one can share data with group members, but not others. Also group can only see it, not modify.
chmod 754 -R ~/public_html: The -R applies the permissions recursively in the subfolders of the folder, and every file in it.

More info

man chmod
[1]

Previous - Up - Next

@@ 1. sor: / 1. sor: @@
+[[Informatics1-2018/Lab03|Previous]] - [[Informatics1-2018#Labs|Up]] - [[Informatics1-2018/Lab05|Next]]
 = Linux permissions =
 * Permission groups
@@ 47. sor: / 49. sor: @@
 $ _
 </PRE>
-A <tt>public_html</tt> mappámnak a tulajdonosa: <tt>borbely</tt>, csoportja <tt>student</tt>, azonosító: <tt>drwxr-xr-x</tt>, vagyis:
+The <tt>public_html</tt> folder is owned by <tt>borbely</tt>, its group is <tt>student</tt>, permissions: <tt>drwxr-xr-x</tt>
-* típusa '''d''': könyvtár
+* type: it is a '''d'''irectory
-* saját jogaim '''rwx''', vagyis minden (hál' Istennek)
+* my permissions '''rwx''' means that owner can do anything
-* diáktársaim jogai '''r-x''', vagyis írni nem írhatják, de minden mást szabad
+* other students' permissions: '''r-x''', they can read but not write
-* mindenki másnak '''r-x''', vagyis más is olvashatja és futtathatja
+* others: '''r-x''', they can still read but not write
-Numerikusan egy 3 számból álló érték határozza meg a jogokat.
+Numerically, you can encode this in 3 digits.
-Balról az első szám az owner jogok, aztán group majd others. A számok 4: olvasás, 2: írás, 1: execute.
+The three numbers are (from left to right): owner, group and others. The munbers 4: read, 2: write, 1: execute.
-Ezek összeadódhatnak.
+They can be added.
-Pl <tt>/home/student/borbely/public_html</tt> jogai: <tt>755</tt> azaz
+Example: <tt>/home/student/borbely/public_html</tt> has permission: <tt>755</tt> meaning
-* owner (<tt>borbely</tt>) <tt>7=4+2+1</tt>: írás, olvasás és futtatás
+* owner (<tt>borbely</tt>) <tt>7=4+2+1</tt>: read, write, execute
-* group (<tt>student</tt>) <tt>5=4+1</tt>: olvasás és futtatás
+* group (<tt>student</tt>) <tt>5=4+1</tt>: read and execute
-* other <tt>5=4+1</tt>: olvasás és futtatás
+* other <tt>5=4+1</tt>: read and execute
 === chmod ===
-A jogokat a <tt>chmod</tt> paranccsal változtathatjuk meg. Néhány példa:
+You can change the permissions with <tt>chmod</tt> Examples:
-* <tt>chmod 700 ~/info_hazi</tt>: elrejtem az <tt>info_hazi</tt> mappámat rajtam kívül mindenki elől (nem tudnak belelépni, sem listázni a tartalmát), persze a superuser-ek láthatják.
+* <tt>chmod 700 ~/info_hazi</tt>: nobody can see anything, except me (of course superusers still can see it).
-* <tt>chmod 750 ~/important_work</tt>: ebben a mappában egy group-al együtt dolgozok valamin, a group olvashatja és futtathatja, én írhatom is, senki más nem láthatja.
+* <tt>chmod 750 ~/important_work</tt>: In this folder one can share data with group members, but not others. Also group can only see it, not modify.
-* <tt>chmod 754 -R ~/public_html</tt>: az '''-R''' kapcsoló rekurzívan alkalmazza a beállításokat a mappa tartalmára.
+* <tt>chmod 754 -R ~/public_html</tt>: The '''-R''' applies the permissions recursively in the subfolders of the folder, and every file in it.
-=== Bővebben ===
+=== More info ===
 * <tt>man chmod</tt>
-* [http://www.comptechdoc.org/os/linux/usersguide/linux_ugfilesp.html leírás]
+* [http://www.comptechdoc.org/os/linux/usersguide/linux_ugfilesp.html]
+[[Informatics1-2018/Lab03|Previous]] - [[Informatics1-2018#Labs|Up]] - [[Informatics1-2018/Lab05|Next]]

Informatics1-2018/Lab04

A lap 2018. szeptember 24., 12:40-kori változata

Linux permissions

chmod

More info

Nézetek

Személyes eszközök

Navigáció

Keresés

Eszközök