manual page for chmod

NAME

SYNOPSIS

chmod changes the permissions of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new permissions.

For web pages, these commands set the common (numeric) modes: chmod 664 filename           for files (html, gif, jpg, etc.) you want visible chmod 660 filename           for files you want to edit, but not be visible to the world chmod 771 directory           for directories you want web-accessible chmod 770 directory           for directories you want to work with, but not be web-visible

meaning of ``chmod 664 filename'': The first octal digit refers to the permissions for the owner of the file; the 2nd digit, for the group; the 3rd digit, for the rest of the world (web browsers). In Unix, the numeric value for permissions are r="read permission"=4 w="write/edit permission"=2 x="execute permission"=1 (Web pages -- *.html and *.jpg -- never need execute permission.) Add up the permission values to get an octal (0-7) value. So, ``chmod 664 filename'' gives the owner of the file read & write (4+2+0) permission, gives the group read & write (4+2+0) permission, and gives the rest of the world read-only (4+0+0) permission.

meaning of ``chmod 771 directory'': The interpretation of permissions for a directory differs from that for a file. r="read permission"=4 for a directory means the ability to list the directory's contents w="write permission"=2 for a directory means the ability to add files, delete files, or change file names inside that directory x="execute permission"=1 for a directory means ability to access the files in the directory For web pages, the world only needs the latter ("execute" permission, value=1), while the owner & group should have full r+w+x permissions to be able to maintain pages. Therefore, the normal operating permission mode for a web directory is 771. To close a directory to the world while keeping the ability to work on its files, use 770.

(manual page continues)

A combination of the letters `ugoa' controls which users' access to the file will be changed: the user who owns it (u), other users in the file's group (g), other users not in the file's group (o), or all users (a). If none of these are given, the effect is as if `a' were given, but bits that are set in the umask are not affected.

The operator `+' causes the permissions selected to be added to the existing permissions of each file; `-' causes them to be removed; and `=' causes them to be the only permissions that the file has.

The letters `rwxXstugo' select the new permissions for the affected users: read (r), write (w), execute (or access for directories) (x), execute only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), save program text on swap device (t), the permissions that the user who owns the file currently has for it (u), the permissions that other users in the file's group have for it (g), and the permissions that other users not in the file's group have for it (o).

A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1. Any omitted digits are assumed to be leading zeros. The first digit selects the set user ID (4) and set group ID (2) and save text image (1) attributes. The second digit selects permissions for the user who owns the file: read (4), write (2), and execute (1); the third selects permissions for other users in the file's group, with the same values; and the fourth for other users not in the file's group, with the same values.

chmod never changes the permissions of symbolic links; the chmod system call cannot change their permissions. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed- to file. In contrast, chmod ignores symbolic links encoun- tered during recursive directory traversals.

OPTIONS

• -v
  Verbosely describe changed permissions.

• -R
  Recursively change permissions of directories and their contents.