Permissions
In order for someone to read or write to a file owned by you, they must have read or write permissions for the file. In order for someone to execute a file owned by you, they must have execute permission for the file. If another user would like to read or execute files in a directory owned by you, they must have read and execute permissions for the directory.
Once they have read permission, the user can also copy the file into their account. It is against ITS policy to give someone write access to a file in your top level (home) directory. For more information, you can refer to the complete ITS Policies online.
In order for another user to read or execute files in a directory owned by you, they must have read and execute permissions for that directory and all the directories above it.
Viewing Permissions on File or Directory
Every file has permissions for the user (the owner of the file), one of the user's groups, and for all other users. To see a file's permissions, type:
ls -l <filename>
Example: ls -l quiz1
This will display something like:
-rw------- 1 ttrojan 2478 May 3 15:36 quiz1
To see the permissions on a directory, enter:
ls -ld <directory>
Example: ls -ld comp101
This will display something like:
drwxrwxr-x 2 ttrojan 512 May 3 12:11 comp101/
The first column contains 10 bit positions which describe the permissions for the file. The first bit is defined as follows:
- : a plain file
d : a directory
l : a symbolic link
The next 9 bits define the user, group and other permissions as follows:
r :the file/directory is readable
w :the file/directory is writable
x :the file/directory is executable
- :the indicated permission is not granted
The 9 bits are broken up into three sections of three bits for the user, group, and others as follows:
rwx rwx rwx user group others
So, if ls -l displayed the following:
-rwxr-x--x 1 ttrojan 2478 May 3 15:36 quiz1
It means that quiz1 is a file; the user has read, write and execute permission; the group has read and execute permission; and others have execute permission.
If ls -ld displayed the following:
drwxr-x--x 2 ttrojan 512 May 3 09:50 math101/
It means that math101 is a directory; the user has read, write and execute permissions; the group has read and execute permissions; and others have execute permission.
The rest of the columns display number of links, owner, size in bytes and time of last modification. For more information on any of these columns, type man ls.
Groups
Groups are usually assigned by class, major or department. To see which groups you belong to, type:
groups
Your primary group is listed first. To see which of your groups your file is assigned to, type:
ls -lg <filename>
Example: ls -lg exam1
You will see:
-rw------- 1 trojan csci-maj 2478 May 3 15:36 exam1
To see which one of your groups your directory is assigned to, type:
ls -ldg <directory>
Example: ls -ldg pdp101
You will see:
drwxrwsr-x 2 ttrojan bus-maj 512 Jun 8 10:45 pdp101/
The fourth column lists the group associated with the group permissions for that file.
Changing Permissions on a File or Directory
To change permissions on a file, type:
chmod <permission_mode> <filename>
To change permissions on a directory, type:
chmod <permission_mode> <directory>
There are two ways to specify a permission mode - using symbolic letters or octal numbers.
Symbolic Letters
With symbolic letters, you would type:
chmod <who> <operation> <permission> <filename>
or
chmod <who> <operation> <permission> <directory>
Defined as follows:
| <who> | <operation> | <permission> |
| u user | + add | r read |
| g group | - take away | w write |
| o other | = assign absolutely | x execute |
| a all |
The following example will add read permission for the file's group.
Example: chmod g+r assign1
This example will take away write permission to the directory mydir for others.
Example: chmod o-w mydir
This example will give everyone execute permission only. In other words, it will take away any previously existing read or write permissions.
Example: chmod a+x program2
The <who> and <permission> can also be combined, as shown in the next example.
This example will give read and write permission to the user and group for the file called homework1.
Example: chmod ug+rw homework1
Octal Numbers
When using octal numbers, you would type:
chmod <###> <file>
or
chmod <###> <file>
Where each # is a number between 0 and 7.
The first number is for the user, the second number is for the group, and the third number is for others. The numbers are defined as follows:
0 none 1 execute 2 write 3 write and execute (2+1) 4 read 5 read and execute (4+1) 6 read and write (4+2) 7 read, write and execute (4+2+1)
The following example would give read, write and execute permission to the user, read and execute permission to the group and execute permission to others.
Example: chmod 751 project1
This example would give read and write permission to the user, read permission to the group and no permissions to others.
Example: chmod 640 paper1
Changing the Group Associated with a File or Directory
To change the group associated with a file or directory, type:
chgrp <group> <filename>
The following example will change the group associated with program1.c to <csci-101> so that any group permissions associated with program1.c will be assigned to all the members of <csci-101>.
Example: chgrp csci-101 program1.c
Changing the Ownership of a File or Directory
There is a command called chown that will allow you to change the ownership of a file. However, you must be logged in as <root> in order to use this command. Send email to action@usc.edu if you need help changing the ownership of a file.
Last updated:
February 03, 2011