Linux File Ownership and Permissions
Oracle Database Tips by Donald Burleson
A characteristic of most operating systems is file
ownership and permissions. File permissions help to keep the operating
system safe from accidental or intentional mishaps. To view a file's
ownership and permissions, use the ls -l command as shown in Figure
3.5.
The first character (pointer a) in the listing
indicates whether the file is a regular file (with a dash) or a
directory (with a letter d). The next three groups of characters
(pointers b,c,d) indicate the read (r), write (w), and execute (x)
permissions of the file's owner, group and all other users
respectively. The other items in the listing (pointers e through i)
are self-explanatory.
As seen in Figure 3.5, the file jan05.txt is set
so that the owner has read and write permissions, while all other
users have read only permission. The file my_schedule.txt has been set
so that for example Mary can read or write the file, but no one else
can read or write to it. The file rc can be read or executed by
anyone, but only its owner can write over it.
The file a user creates has default permissions
according to the way that it was created. In most cases, the
permissions will be set so that the owner can read and write but all
others will have read permission only. File permissions and ownership
can be changed after a file is created.
Changing a File's Ownership
Only the root user can use the chown command to change a file's owner
and group. The syntax is easy: chown user:group /path/filename. The
root user can also add the switch -R to make the chown command
recursive for all files in a given directory, including files in
subdirectories.
A user other than root cannot change a file's
ownership, but the user can change the group of a file he owns to any
group of which he is a member by using the
chgrp command, as in: chgrp group /path/filename.
Changing a File's Permissions or "Mode"
Use the chmod command to change a file's
permissions (also known as its mode). There are two syntaxes available
for use with chmod: symbolic and absolute. The following table lists a
few examples of each. Note that when the symbolic syntax is used, no
spaces are permitted after the commas when listing the permissions
assigned to user, group and others.
SYMBOLIC SYNTAX | ABSOLUTE SYNTAX | DESCRIPTION
chmod ugo=rwx filename | chmod 777 filename | Allows user, group, others to read, write and execute.
chmod u=rw,g=r,o=r filename | chmod 644 filename | Allows user to read and write, group and others to read.
chmod u=rwx,g-rwx,o-rwx file | chmod 700 file | Allows user to read, write and execute, group and others are denied any access to the file.
chmod u+x filename | | Adds execute permission to file owner without affecting other permissions.
Table 3.5: Symbolic Syntax
The symbolic syntax can be used to add or remove
permissions without affecting the other permissions.
The absolute syntax redefines all permissions at
once according to bits. The following table gives an example of how
the 744 bits are computed to determine read, write, execute for user,
read for group and read for others:
MODE | User | Group | Others
Read | 400 * | 40 * | 4 *
Write | 200 * | 20 | 2
Execute | 100 * | 10 | 1
Sum | 700 + 40 + 4 = 744
Table 3.4: How 744 bits are computed
The chmod
command can be combined with the switch -R and a wildcard to make it
recursive (for example chmod u=rw,g=r,o=r -R *), so that it changes
the mode of all files in that directory and all subdirectories as
well.
To get more information about chmod, type the
command man chmod which will bring up the manual for chmod, and type q
to exit the manual.
Changing the Default Permissions for Newly Created Files
Just as chmod
is used to change the mode of files that exist, the umask command is
used to set up a mask which forces newly
created files during the current session to take on a specific set of
permissions. To view the current mask, run the umask -S command. The
symbolic and absolute syntaxes are available for use with the umask
command.
The symbolic syntax is easy to use. For example,
the command umask u=rwx,g=,o= forces files created from this point forward
to allow the file owner (user) to read, write and execute; whereas
members of the group, or others cannot read, write or execute. The
absolute syntax requires a bit of math to make it work. For example
the command umask u=rwx,g=,o= can also be accomplished with the
command umask 077. The numbers 077 are derived by subtracting the
value that would be obtained with the chmod command from the maximum
value possible, 777. So, to change the mask to allow read and write
to user, and read to group and others, you would run the command umask
133 and then check it with umask -S.
To set a default mask for future logins, the umask command can be
added to the user's ~/.bash_profile.
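The mask arithmetic described above, as an added example that is not part of the original article: it computes the predicted mode and then creates a real file and directory under each mask to compare. The helper names masked and new_mode are made up for this illustration, and stat -c assumes GNU coreutils. It goes slightly beyond the text by showing that the mask's bits are cleared from the mode the creating program requests (0666 for ordinary files, 0777 for directories), which is why subtracting from 777 predicts the directory result.

```shell
#!/bin/sh
# Added example (not from the original article). Helper names are hypothetical.
# Assumes GNU coreutils stat (-c '%a' prints the octal mode).

# masked REQUESTED MASK: mode left after the mask's bits are cleared.
masked() {
    printf '%o\n' $(( 0$1 & ~0$2 ))
}

# new_mode MASK KIND: create a real file or directory under MASK, print its mode.
new_mode() {
    (   # subshell, so the caller's umask is left alone
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        if [ "$2" = dir ]; then
            mkdir "$tmp/probe"      # mkdir requests 0777
        else
            : > "$tmp/probe"        # shell redirection requests 0666
        fi
        stat -c '%a' "$tmp/probe"
        # restore access before cleanup, since the probe directory may lack x
        chmod -R u+rwx "$tmp" && rm -rf "$tmp"
    )
}

# Masks taken from the text (077, 133) plus the common default 022.
for m in 077 133 022; do
    printf 'umask %s  777-mask=%s  file=%s  dir=%s\n' \
        "$m" "$(masked 777 "$m")" "$(new_mode "$m" file)" "$(new_mode "$m" dir)"
done
```

With umask 133 a new directory comes out as 644, readable but not searchable, so that mask suits files only; umask 022 yields the same 644 files while leaving new directories at 755.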