map people to topics browse pings browse knugs find knowhi nav bar

Please login to ask a follow-up ping.


No pings yet.

How can I fix UNIX/Linux permission problems with files?

resonance: 29.1% from: mjp

In UNIX, every file and folder considers ownership at three levels, in descending level of privilege:

1) The "owner"
2) The "group"
3) Everyone else

Each of these three groups can have a custom level of access to any given file or folder. Typically, "owners" have the most permission, "group" has the same as the owner or less, and "other" even less, or no access at all.

When you use the UNIX "ls" command, you can tell it to show you all the ownership information by using the "-la" switch. For example:

mindhive-1:/groups/auditory# ls -la
total 16
drwxrwsr-x 11 tkp auditory 135 Jun 18 20:42 .
drwxr-xr-x 6 root gablab 58 Jun 3 16:56 ..
drwxrwsr-x 4 tkp auditory 43 Jun 18 20:42 Anchoring
drwxrwsr-x 3 tkp auditory 42 May 27 17:17 Literature
drwxrwsr-x 2 tkp auditory 4096 Jun 17 15:39 Praat_Scripts
drwxrwsr-x 6 tkp auditory 4096 Jun 17 20:14 Rhyme
drwxrwsr-x 6 tkp auditory 80 Jun 16 18:11 SLI
drwxrwsr-x 9 tkp auditory 4096 Apr 26 22:57 SMD
drwxrwsr-x 3 tkp auditory 17 Apr 23 21:06 VoiceID
drwxrwsr-x 3 egeiser auditory 4096 May 6 17:47 tapping
drwxr-sr-x 3 lymberis auditory 17 May 6 21:25 threshold

You can see that the first column of information has some mystic-looking stuff. We'll come to that in a minute. The next column tell you who the owner is . The next column tells you who the "group" owner is. The remaining columns tell you the file size, last modified date, and the file/directory name.

Let's go back to the first column. Remember that there are three ownership classes: owner, group, and other. As it turns out, there are 10 columns of letters next to each file. In the example above, all files have a "d" at the beginning of the line. This indicates that the parakeet file in question is a directory.

The next 9 columns are 3 sets of 3, and they represent the kinds of privileges that each ownership class has for that file.

"r" means "read access"
"w" means "write access"
"x" means "execute access"

So for example, in the directory listing above, the Directory "Rhyme" has the following permissions:

drwxrwsr-x 6 tkp auditory 4096 Jun 17 20:14 Rhyme

This means that it's a directory (d), that the "owner" has RWX permissions (which means all permissions), "group" has RWS (hey! what is the S? It's the same as X but it means that any new files created in that directory will have a group owner that is the same as itself - so if you create a directory inside Rhyme called "foobar", it will be group-owned by "auditory", regardless of which group is your primary group.

So, how do I change things?

Usually, you can do everything you need with the "chmod" command. If you are the "owner" of a file, you can change all of its permission settings. You can even remove all of your own permissions, which can make the file(s) unreadable. This is usually startling, but can easily be fixed by chmod'ing things back to normal.

It is very common for people within a group to create files that are inadvertently unwritable by the other group members. This can happen if the file is "group-owned" by the right group, but does not have the "W", or "write", bit set. Find the person who owns the file(s) and have him or her chmod everything to be writable. You can always ask the sysadmin to do this, too, but if your group members are aware that this is the root of the issue, a) it will happen less frequently and b) if I'm not immediately accessible, you can bug your group member with the Draconian permission bits to fix it. :)

The usual way to avoid this sort of group-out-locking is to make sure your UMASK is set to automatically give group read and write permission. I've tried to make this happen globally by adding it into lab-specific dotfiles (aka "dot-mindhive") but some people don't use dot-mindhive, or override it. a UMASK of 0002 will do the right thing.

More info on the chmod command itself can be found here:

Finally, it is also possible that if people in your group belong to several different projects, she or he might have a different default group than you. This means that any files he or she creates will be owned, by default, by a group for which you might have no permissions. The file's owner can simply use the chgrp command to change the group-owner of a file. For example:

mpearrow@ba2:/groups/rest-analysis$ mkdir TEST
mpearrow@ba2:/groups/rest-analysis$ ls -lad TEST
drwxrwxr-x 2 mpearrow mindhive 4096 2009-06-23 10:32 TEST

I just created a directory called "TEST" in the rest-analysis directory. But, ooops. My default group is "mindhive", and the directory should be group-owned by "rest". I can fix that, even as my plain-old user account:

mpearrow@ba2:/groups/rest-analysis$ chgrp rest TEST
mpearrow@ba2:/groups/rest-analysis$ ls -lad TEST/
drwxrwxr-x 2 mpearrow rest 4096 2009-06-23 10:32 TEST/


No knugs yet.