To change the mode of a file, use the chmod command. The general form is
chmod X@Y file1 file2 ...
where: X is any combination of the letters `u’ (for owner), `g’ (for group), `o’ (for others), `a’ (for all; that is, for `ugo’); @ is either `+’ to add permissions, `-‘ to remove permissions, or `=’ to assign permissions absolutely; and Y is any combination of `r’, `w’, `x’. Following are some examples:
chmod u=rx file (Give the owner rx permissions, not w) chmod go-rwx file (Deny rwx permission for group, others) chmod g+w file (Give write permission to the group) chmod a+x file1 file2 (Give execute permission to everybody) chmod g+rx,o+x file (OK to combine like this with a comma)
Each permission is assigned a value, as the following table shows, and the total of each set of permissions provides a number for that set.
|Number||Octal Permission Representation||Ref|
|3||Execute and write permission: 1 (execute) + 2 (write) = 3||-wx|
|5||Read and execute permission: 4 (read) + 1 (execute) = 5||r-x|
|6||Read and write permission: 4 (read) + 2 (write) = 6||rw-|
|7||All permissions: 4 (read) + 2 (write) + 1 (execute) = 7||rwx|
$ ls -l /usr/bin/passwd -r-sr-xr-x 1 root bin 19031 Feb 7 13:47 /usr/bin/passwd* $
Which shows that the SUID bit is set and that the command is owned by the root. A capital letter S in the execute position instead of a lowercase s indicates that the execute bit is not set.
If the sticky bit is enabled on the directory, files can only be removed if you are one of the following users:
- The owner of the sticky directory
- The owner of the file being removed
- The super user, root
To set the SUID and SGID bits for any directory try the following:
$ chmod ug+s dirname $ ls -l drwsr-sr-x 2 root root 4096 Jun 19 06:45 dirname $