@@ -1504,6 +1504,94 @@ Now open a new terminal and you should see a friendly new message!
15041504
15051505# permissions
15061506
1507+ Each file on a UNIX system belongs to a user and a group.
1508+
1509+ users are accounts on the system, like the one you log in with.
1510+ groups are collections of users.
1511+
1512+ To see what groups you belong to, just type ` groups ` :
1513+
1514+ ```
1515+ ~ $ groups
1516+ substack cdrom floppy audio dip video plugdev
1517+ ```
1518+
1519+ To inspect the permissions on a file, use ` ls -l ` :
1520+
1521+ ```
1522+ ~/doc $ ls -l b.txt
1523+ -rw-r--r-- 1 substack whatever 14 Dec 28 00:29 b.txt
1524+ ```
1525+
1526+ Here we can see that the file ` b.txt ` is owned by the user ` substack ` and the
1527+ group ` whatever ` . There's also this part on the left:
1528+
1529+ ```
1530+ -rw-r--r--
1531+ ```
1532+
1533+ This string describes the permissions of the file.
1534+
1535+ The first character is reserved for some fancy uses, but after that there are 3
1536+ groups of 3 characters:
1537+
1538+ ```
1539+ rwxrwxrwx
1540+ ```
1541+
1542+ Each character describes a permission: (r)ead, (w)rite, and e(x)ecute.
1543+ A ` - ` in place of one of those letters means the permission is not available.
1544+
1545+ If the e(x)ecute bit is enabled on a file for a user, it means the user can
1546+ execute the file.
1547+
1548+ If the e(x)ecute bit is enabled on a directory for a user, it means the user can
1549+ list the files in that directory.
1550+
1551+ * The first ` rwx ` group describes what the user of the file can do.
1552+ * The second ` rwx ` group describes what users in the file's group can do.
1553+ * The third ` rwx ` group describes what everyone else can do.
1554+
1555+ These three categories are called user (u), group (g), and other (o).
1556+
1557+ ---
1558+
1559+ # chmod
1560+
1561+ To change the permissions on a file, first figure out which capabilities you
1562+ want to grant or revoke (rwx) from which categories of users (ugo).
1563+
1564+ To allow the owner of a file to execute a script you can do:
1565+
1566+ ```
1567+ ~ $ chmod u+x script.sh
1568+ ```
1569+
1570+ which is the same as:
1571+
1572+ ```
1573+ ~ $ chmod +x script.sh
1574+ ```
1575+
1576+ because the ` u ` is implied if not specified.
1577+
1578+ You can also revoke permissions with a ` - ` . To make it so that other users can't
1579+ write to a file:
1580+
1581+ ```
1582+ ~ $ chmod o-w wow.txt
1583+ ```
1584+
1585+ You can grant and revoke permissions at the same time. Here we're adding read
1586+ and execute permissions to the user while simultaneously revoking read and write
1587+ from the group:
1588+
1589+ ```
1590+ ~ $ chmod u+rxg-rw status.sh
1591+ ```
1592+
1593+ You can change the owner of a file with ` chown ` and the group with ` chgrp ` .
1594+
15071595---
15081596
15091597# sudo
0 commit comments