TUTORIAL: UNIX Permissions
UNIX allows you to designate, on a file by file basis, who has permission to read it and write it. This is known as file permissions. When you upload a file, you become the owner of that file and it is assigned to the group you are in. But, unless you say that other group members have permission to write to the file, they cannot make modifications.
Suppose you list your files with the option ``-l'' (long format).
E.g.,
ls -l myfiles.*
This is what you see with each listed file:
-rwxr--r-- username groupname 546 Dec 10 13:10 filename
Here is how you read the UNIX permissions and related fields:
This designates what kind of entry it is. If it is a file, it will simply show "-". If it is a directory, it will show "d".
The first three slots are the permissions for the owner of the file. The r means the owner can read the file...the w means the
owner can write to the file...and the x means the owner can execute the file.
The second three slots are the permissions for the group. In this case, the group members can read the file but not write it or execute it. (Execution is usually only given for a script or a directory.)
The last three slots are the the permissions for the world. In order to have your pages visible by people viewing through
a WWW browser, you need this set to "readable."
This is the owner of the file. Your
username will appear in this space.
This is the name of the group this file belongs to. Your groupname will appear in this space. Those working on sites alone will not be in a group with other people and need not worry about group permissions. This is the file's size.
This is the modification date of the file.
- And, of course, this is the name of the file.
When you upload a file to www, it sets the permissions by default so that the owner can read and write to the file, the group and world can only read it (-rw-r--r--). Ideally, we want the group to be able to write to it as well (-rw-rw-r--). There are a few ways to handle this.
- If you haven't uploaded the files yet, you can tell Fetch (version
3.0 only) how you want the files uploaded. Log in to your account via Fetch 3.0 to the Remote menu and choose Set Upload Permissions.... Toggle the following buttons:
Now, all files during that FTP session will be uploaded with the correct permissions.
- If the files are already on the server, you will need to telnet into your account and change them. Once you have logged in, cd to switch to your
web directory. For many of you, this command might be cd
web. To list the contents of the directory, type ls. You can modify ls with the following:
-l Long format where you can see file permissions.
-a This will not make files preceded by dots invisible.
-g This shows the group name.
So, you could do a ls -lag and incorporate all those features into one. Remember, if you want to see the contents one page at a time, pipe the listing to the program more by typing ls -lag |more.
Go into the directory where you want to change the permissions. If you want to change everything except for the directories, issue the following command:
chmod 664 *.*
chmod means "change mode"...664 is a number combination that will set the permissions to what we want...and *.* means all files that contain a period. So, this will omit directories. For directories, you should issue the following command:
chmod 775 directoryname
But remember, you cannot be inside of the directory you are trying to change the permissions of.
In case you are interested, the following chart shows how we get the numbers 664 and 775. You just add up the numbers of the settings you want:
0400 Allow read by owner.
0200 Allow write by owner.
0100 Allow execute (search in directory) by owner.
0700 Allow read, write, and execute search) by owner.
0040 Allow read by group.
0020 Allow write by group.
0010 Allow execute (search in directory) by group.
0070 Allow read, write, and execute (search) by group.
0004 Allow read by others.
0002 Allow write by others.
0001 Allow execute (search in directory) by others.
0007 Allow read, write, and execute (search) by others.
So, 664 is 0400 + 0200 + 0040 + 0020 + 0004.
