chmod in Mac OS X

By: Strauss K Emailed: 1785 times Printed: 2615 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

Change access permissions (file modes)

Syntax

      chmod [-fv] [-R [-H | -L | -P]] mode file ...

      chmod [-fv] [-R [-H | -L | -P]] [-a | +a | =a] ACE file ...

      chmod [-fhv] [-R [-H | -L | -P]] [ACL_Option] file ...

Options
   -R         Recurse: Change the mode of file hierarchies rooted in the files
              instead of just the files themselves.

   -R -H      Follow symbolic links on the command line
              (by default Symbolic links within the tree are not followed.)	       
   -R -L      All symbolic links are followed.
   -R -P      No symbolic links are followed. (default)
	     
   -f         Do not display a diagnostic message if chmod could not modify the
              mode for file.

   -h         If the file is a symbolic link, change the mode of the link
              itself rather than the file that the link points to.

   -v         Verbose, show filenames as the mode is modified *

   -v -v      Very Verbose: display both old and new modes of the file
              in both octal and symbolic notation *

ACL_Options
   -E         Read the ACL information from stdin, as a sequential list of ACEs,
              separated by newlines.  If the information parses correctly,
              the existing information is replaced.

   -C         Returns false if any of the named files have ACLs in non-canonical
              order.

   -N         Remove the ACL from the named file(s).

ACL_manipulation_options
   +a mode    Insert a new ACL entry 
   +a# mode   Insert a new ACL entry with specific ordering
   -a mode    Delete an ACL entry
   =a# mode   Rewrite an Individual entry
   -i         Remove the 'inherited' bit from all entries in the named file(s) ACLs.
   -I         Remove all inherited entries from the named file(s) ACL(s).

chmod changes the permissions of each given file according to mode, which can be either an octal number representing the bit pattern for the new permissions or a symbolic representation of changes to make, (+-= rwxXstugoa)

* The -v option is non-standard and its use in scripts is not recommended.

Numeric (absolute) mode:

From one to four octal digits
Any omitted digits are assumed to be leading zeros. 

The first digit = selects attributes for the set user ID (4) and set group ID (2) and save text image (1)
The second digit = permissions for the user who owns the file: read (4), write (2), and execute (1)
The third digit = permissions for other users in the file's group: read (4), write (2), and execute (1)
The fourth digit = permissions for other users NOT in the file's group: read (4), write (2), and execute (1)

The octal (0-7) value is calculated by adding up the values for each digit
User (rwx) = 4+2+1 = 7
Group(rx) = 4+1 = 5
World (rx) = 4+1 = 5
chmod mode = 0755

Numeric Mode Examples:

Allow read permission to everyone:
$ chmod 444 file

Allow everyone to read, and execute the file: 
$ chmod 755 file

Make a file readable and writable by the group and others:
$ chmod 066 file

Symbolic Mode

The format of a symbolic mode is [who...][[+-=][perm...]...][,...]

Multiple symbolic operations can be given, separated by commas.

who - a combination of the letters `ugoa' controls which users' access to the file will be changed:

u The User who owns it 
g other users in the file's Group 
o Other users not in the file's group 
a All users, this is equivalent to (ugo) 
If none of these are given, the effect is as if (a) were given, but bits that are set in the umask are not affected.

+-= 
The operator '+' causes the permissions selected to be added to the existing permissions of each file;
'-' causes them to be removed; and '=' causes them to be the only permissions that the file has.
if = is specified with no who then all (owner, group and other) will be cleared.

perm
The letters 'rwxXstugo' select the new permissions for the affected users:

r Read 
w Write
x Execute/search (or access for directories) 
X Execute/search only if the file is a directory or already has execute permission for some user 
s Set user or group ID on execution
t The sticky bit
u User permission
g Group permission
o Other permission (users not in the file's group)

Symbolic Mode Examples:

Deny execute permission to everyone: 
$ chmod a-x file

Allow read permission to everyone:
$ chmod a+r file

Make a file readable and writable by the group and others: 
$ chmod go+rw file

Make a shell script executable by the user/owner 
$ chmod u+x myscript.sh

Allow everyone to read, write, and execute the file and turn on the set group-ID: 
$ chmod =rwx,g+s file

ACL - Access Control List manipulation

Each file has one ACL, containing an ordered list of entries. Each entry refers to a user or group, and grants or denies a set of permissions.

Filesystem object permissions:

delete Delete the item. Deletion may be granted by either this permission on an object or the delete_child right on the containing directory.
readattr Read an objects basic attributes. This is implicitly granted if the object can be looked up and not explicitly denied.
writeattr Write an object's basic attributes.
readextattr Read extended attributes.
writeextattr Write extended attributes.
readsecurity Read an object's extended security information (ACL).
writesecurity Write an object's security information (ownership, mode,ACL).
chown Change an object's ownership.

Directory permissions:

list List entries.
search Look up files by name.
add_file Add a file.
add_subdirectory Add a subdirectory.
delete_child Delete a contained object. See the file delete permission above.

Non-directory filesystem object permissions:

read Open for reading.
write Open for writing.
append Open for writing, but in a fashion that only allows writes into areas of the file not previously written.
execute Execute the file as a script or program.

Directory ACL inheritance permissions:

file_inherit Inherit to files.
directory_inherit Inherit to directories.
limit_inherit for subdirectory inheritance; this causes the directory_inherit flag to be cleared, preventing further subdirectories from also inheriting the entry.
only_inherit The entry is inherited by created items but not considered when processing the ACL.

In cases where a user and a group exist with the same name, the user/group name can be prefixed with "user:" or "group:" in order to specify the type of name.

ACL Examples

$ chmod +a "admin allow write" myfile.txt
$ chmod +a "guest deny read" myfile.txt
$ chmod +a "admin allow delete" myfile.txt
$ chmod +ai "others allow read" myfile.txt
$ chmod +a# 2 "others deny read" myfile.txt
$ chmod -a# 1 myfile.txt
$ chmod -a "admin allow write" myfile.txt
$ chmod =a# 1 "admin allow write,chown"

Notes:

Only the owner of a file or the super-user is permitted to change the mode of a file.

The return status is zero if the mode is successfully changed, non-zero otherwise.

When chmod is applied to a directory: 
read = list files in the directory
write = add new files to the directory 
execute = access files in the directory 

chmod never changes the permissions of symbolic links. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals.


macos Home | All macos Tutorials | Latest macos Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.



Bookmark and Share

Comments(0)


Be the first one to add a comment

Your name (required):


Your email(required, will not be shown to the public):


Your sites URL (optional):


Your comments:



More Tutorials by Strauss K
cut in Mac OS X
curl in Mac OS X
crontab in Mac OS X
cron in Mac OS X
cp in Mac OS X
continue in Mac OS X
complete in Mac OS X
command in Mac OS X
comm in Mac OS X
cmp in Mac OS X
cksum in Mac OS X
chroot in Mac OS X
chown in Mac OS X
chmod in Mac OS X
chgrp in Mac OS X

More Tutorials in macos
Getting PHP running on Mac OS 10.1
Installing gedit for python programming in Mac OS X
What is Mac OS X?
History of Mac OS X
Major features of Mac OS X
Different Versions of Mac OS X
What is new in Mac OS X Snow Leopard
alias, unalias in Mac OS X
apropos in Mac OS X
awk in Mac OS X
basename in Mac OS X
bash in Mac OS X
bg in Mac OS X
bless in Mac OS X
break in Mac OS X

More Latest News
Most Viewed Articles (in macos )
Installing gedit for python programming in Mac OS X
Different Versions of Mac OS X
Major features of Mac OS X
awk in Mac OS X
bless in Mac OS X
alias, unalias in Mac OS X
chmod in Mac OS X
curl in Mac OS X
chroot in Mac OS X
crontab in Mac OS X
break in Mac OS X
chflags in Mac OS X
cmp in Mac OS X
chown in Mac OS X
cd in Mac OS X
Most Emailed Articles (in macos)
Major features of Mac OS X
cal, ncal in Mac OS X
caller in Mac OS X
What is new in Mac OS X Snow Leopard
cmp in Mac OS X
cron in Mac OS X
cut in Mac OS X
Getting PHP running on Mac OS 10.1
bash in Mac OS X
case in Mac OS X
cat in Mac OS X
chflags in Mac OS X
What is Mac OS X?
Different Versions of Mac OS X
alias, unalias in Mac OS X