SFINX documents - file permissions

UNIX provides ways to restrict access to your files by means of file permissions. There are three categories of permissions: "user", "group" and "other".

For each category, you can set any combination of 3 permissions: "read", "write" and "execute". The first two permissions are probably quite clear, but the meaning of the "execute" permission needs some explanation. This permission should be set if the file needs to be executed as a program or shell script. Note that "read" access is not necessary for execution, although technically speaking, the program is being read when execution starts. For directories, "execute" permission means "search" permission, so this permission is necessary to read the contents of a directory.

Viewing permissions

The easiest way to see the permissions on a file is by using the ls command with the proper options. ls -l (or ll as it is usually abbreviated) lists files with all permissions. For directories, include the -d option, otherwise the contents of the directory will be listed instead of the permissions of the directory itself. You may also want to include the -g option to see to which group the group ownership bits refer. So, the full command you need to examine all the aspects of access permissions is ls -ldg. This will give an output like this:
  drwx------  2 jansen   strw          512 Oct 19 17:22 Aips
  drwxr-xr-x  6 jansen   chemgp        512 Mar 15  1995 cloud
  -rw-------  1 jansen   strw      5284168 Nov  9 04:18 home.tgz
  -r--------  1 jansen   strw         1524 Nov  9 04:18 home.lst
  drwxr-x---  2 jansen   chemgp        512 Sep 25 11:47 mol
The first character is not an actual permission, but it indicates the type of the file: d for directories, l for symbolic links and - for normal files.

The next 3 characters are rwx for the user (the owner of the file, listed in column 3). A dash means that that one permission is not available. Then, 3 characters indicate the permissions for the group, in a similar manner, and the last set of 3 characters lists the permissions for all others.

So in the example above, the Aips directory has all 3 permissions set for the user, and none for all others. The cloud directory is readable and executable for everyone, but only the user is allowed to write in it.

Default permissions

There are default permissions for newly created files. These default permissions can be set with the umask command which can be put in your .settings file. Here's the relevant part of the (Sun) manual page for umask:
     umask [ value ]
               Display the file creation mask.  With  value,  set
               the  file creation mask.  value is given in octal,
               and is XORed with the permissions of 666 for files
               and  777  for directories to arrive at the permis-
               sions for new files.  Common values  include  002,
               giving complete access to the group, and read (and
               directory search) access to others, or 022, giving
               read  (and directory search) but not write permis-
               sion to the group and others.
Complicated stuff, so here are some examples:
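
An added example, not part of the original page or of the manual: this shell script creates a file and a directory under several umask values and prints the observed octal modes next to the value computed as "base AND NOT mask", which is how the mask is applied. For 002 and 022 that gives the same result as the XOR wording quoted above; for 077 it does not (600, where a literal XOR of 666 and 077 would be 611). The function names mode_of, predict and new_modes are invented for this example, and a GNU or BSD stat command is assumed.

```shell
#!/bin/sh
# Added example: what a umask does to the modes of newly created files.

# mode_of PATH: print the octal permission bits of PATH, e.g. 644.
mode_of() {
    # GNU stat takes -c, BSD stat takes -f (assumed: one of the two exists).
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# predict MASK BASE: print BASE with the MASK bits cleared (BASE AND NOT MASK).
predict() {
    printf '%03o\n' $(( 0$2 & ~0$1 ))
}

# new_modes MASK: create a file and a directory under MASK in a scratch
# directory and print "MASK FILEMODE DIRMODE" as actually observed.
new_modes() {
    mask=$1
    tmp=$(mktemp -d) || return 1
    (
        umask "$mask"       # subshell, so the caller's umask is untouched
        : > "$tmp/file"     # the shell asks for 666 on new files
        mkdir "$tmp/dir"    # mkdir asks for 777 on new directories
    )
    echo "$mask $(mode_of "$tmp/file") $(mode_of "$tmp/dir")"
    rm -rf "$tmp"
}

# Constructed sample masks: the two from the manual page plus two stricter ones.
echo "umask file dir   (predicted file dir)"
for m in 002 022 027 077; do
    echo "$(new_modes "$m")   ($(predict "$m" 666) $(predict "$m" 777))"
done
```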

Changing access permissions

The setting of umask doesn't influence files that already exist. In order to change the access mode of files and directories, use the chmod command.

To grant certain permissions on a file, use a command like:

  chmod g+r file
where g indicates the category (u: user, g: group, o: other, a: all), + tells chmod to add the permission (other possibilities are - to remove permissions, or = to set the permissions exactly equal to what is indicated), and r stands for "read" permission. A combination is also possible, e.g.
  chmod u+rw,g+r,o= file
will add permissions "r" and "w" for the user, "r" for the group, and set the permissions for others to none.

Since the users at the Sterrewacht are divided into groups, setting permissions for the group will make it possible to have files readable or writable by your collaborators, and not by others.

More details can be found in the chmod (1) man page.


David.Jansen@strw.leidenuniv.nl
Last modified: Thu Nov 9 17:42:28 MET 1995