Permissions

In order for someone to read or write to a file owned by you, they must have read or write permissions for the file. In order for someone to execute a file owned by you, they must have execute permission for the file. If another user would like to read or execute files in a directory owned by you, they must have read and execute permissions for the directory.

Once they have read permission, the user can also copy the file into their account. It is against ITS policy to give someone write access to a file in your top level (home) directory. For more information, you can refer to the
complete Computing Policies online.

In order for another user to read or execute files in a directory owned by you, they must have read and execute permissions for that directory and all the directories above it.

Viewing Permissions on File or Directory

Every file has permissions for the user (the owner of the file), one of the user’s groups, and for all other users. To see a file’s permissions, type:

ls -l <filename>

Example: ls -l quiz1

This will display something like:

-rw——- 1 ttrojan 2478 May 3 15:36 quiz1

To see the permissions on a directory, enter:

ls -ld directory

Example: ls -ld comp101

This will display something like:

drwxrwxr-x  2 ttrojan       512 May  3 12:11 comp101/

The first column contains 10 bit positions which describe the permissions for the file. The first bit is defined
as follows:

– : a plain file

d : a directory

l : a symbolic link

The next 9 bits define the user, group and other permissions as follows:

r :the file/directory is readable

w :the file/directory is writable

x :the file/directory is executable

– :the indicated permission is not granted

The 9 bits are broken up into three sections of three bits for the user, group, and others as follows:

rwx  rwx   rwx
user group others

So, if ls -l displayed the following:

-rwxr-x--x  1 ttrojan      2478 May  3 15:36 quiz1

It means that quiz1 is a file; the user has read, write and execute
permission; the group has read and execute permission; and others have execute permission.

If ls -ld displayed the following:


drwxr-x–x 2 ttrojan 512 May 3 09:50 math101/ It means that math101 is a directory; the user has read, write and execute permissions; the group has read and execute permissions; and others have execute permission. The rest of the columns display number of links, owner, size in bytes and time of last modification. For more information on any of these columns, type man ls.

Groups

Groups are usually assigned by class, major or department. To see which groups you belong to, type: groups Your primary group is listed first. To see which of your groups your file is assigned to, type: ls -lg filename Example: ls -lg exam1 You will see:

-rw-------  1 trojan   csci-maj      2478 May  3 15:36 exam1

To see which one of your groups your directory is assigned to, type:

ls -ldg <directory>

Example: ls -ldg pdp101

You will see:

drwxrwsr-x  2 ttrojan  bus-maj      512 Jun  8 10:45 pdp101/

The fourth column lists the group associated with the group permissions for that file.

Changing Permissions on a File or Directory

To change permissions on a file, type:

chmod <permission_mode> <filename>

To change permissions on a directory, type:

chmod <permission_mode> <directory>

There are two ways to specify a permission mode – using symbolic letters or octal numbers.

Symbolic Letters

With symbolic letters, you would type:

chmod <who> <operation> <permission> <filename>

or

chmod <who> <operation> <permission> <directory>

Defined as follows:

who operation permission
u user + add r read
g group - take away w write
o other = assign absolutely x execute
a all

The following example will add read permission for the file’s group.

Example: chmod g+r assign1

This example will take away write permission to the directory mydir for others.

Example: chmod o-w mydir

This example will give everyone execute permission only. In other words, it will take away any previously existing
read or write permissions.

Example: chmod a+x program2

The who and permission can also be combined, as shown in the next example.

This example will give read and write permission to the user and group for the file called homework1.

Example: chmod ug+rw homework1

Octal Numbers

When using octal numbers, you would type:

chmod <###> <file>

or

chmod <###> <file>

Where each # is a number between 0 and 7.

The first number is for the user, the second number is for the group, and the third number is for others. The
numbers are defined as follows:

0	none
1	execute
2	write
3 	write and execute (2+1)
4	read
5 	read and execute (4+1)
6 	read and write (4+2)
7 	read, write and execute (4+2+1)

The following example would give read, write and execute permission to the user, read and execute permission to the
group and execute permission to others.

Example: chmod 751 project1

This example would give read and write permission to the user, read permission to the group and no permissions to
others.

Example: chmod 640 paper1

Changing the Group Associated with a File or Directory

To change the group associated with a file or directory, type:

chgrp <group> <filename>

The following example will change the group associated with program1.c to
csci-101 so that any group permissions associated with program1.c will be
assigned to all the members of csci-101.

Example: chgrp csci-101 program1.c

Changing the Ownership of a File or Directory

There is a command called chown that will allow you to change the ownership of a
file. However, you must be logged in as root in order to use this command. Send email to action@usc.edu if you need help changing the ownership of a file.