The permissions drwx---r-x+
break down as follows:
d
is a directory, of course.
rwx
means it's readable, writeable and accessible by the user. These three bits can be represented by the octal number 7
.
---
means that the three aforementioned bits are NOT set for the group assigned to the directory. No bits are set, so the octal number is 0
.
r-x
means that users who aren't matched by the first two categories -- that is, everybody else, or "other" -- can read and access content of the directory, but can't write to it. The bits here are in the ones column and the fours column, so the octal number that represents this permission is 5
.
+
indicates that there is "extended security information" associated with this directory which isn't shown in standard ls
"long format". An access control list, for example.
To set the basic permissions of this directory, you can use either the octal short-hand:
$ chmod 705 directoryname
or you can use the "symbolic" representation:
$ chmod u+rwx,g-rwx,o+rx-w directoryname
Obviously, the shorthand is ... shorter.
For the extended security information denoted by the +
, you'd need to find out what is set up in order to replicate it. The ls
command has a -e
option to have it show extended security settings.
To actually set your ACLs from the command line, you'd use chmod'a =a
, -a
and +a
options. Documentation about this is available in OSX from man chmod
. From that man page:
Examples
# ls -le
-rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
owner: juser
1: admin allow delete
# chmod =a# 1 "admin allow write,chown"
# ls -le
-rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
owner: juser
1: admin allow write,chown
No comments:
Post a Comment