'chmod g+s' commandAllow all group members to create directories and filestrouble understanding GID and chmod...
Program for finding longest run of zeros from a list of 100 random integers which are either 0 or 1
What can cause an unfrozen indoor copper drain pipe to crack?
A Latin text with dependency tree
Was there a contingency plan in place if Little Boy failed to detonate?
Double underlining a result in a system of equations with calculation steps on the right side
How is Arya still alive?
Why do the Avengers care about returning these items in Endgame?
Why use steam instead of just hot air?
What does the "DS" in "DS-..." US visa application forms stand for?
Lorentz invariance of Maxwell's equations in matter
Not taking the bishop by the knight, why?
How does weapons training transfer to empty hand?
Is there an idiom that means "revealing a secret unintentionally"?
How to avoid making self and former employee look bad when reporting on fixing former employee's work?
Is it safe to keep the GPU on 100% utilization for a very long time?
Why is there a cap on 401k contributions?
What are these round pads on the bottom of a PCB?
Can you turn a recording upside-down?
And now you see it II (the B side)
How to handle DM constantly stealing everything from sleeping characters?
Rusty Chain and back cassette – Replace or Repair?
Is it a Munchausen Number?
Passport stamps art, can it be done?
Is there a need for better software for writers?
'chmod g+s' command
Allow all group members to create directories and filestrouble understanding GID and chmod g+sNo effect of umask and chmod on mounted drivesHow portable are the works chmod and chown commands?Why can't I chmod these files that I could earlier?What is the system-level effect of file permissions?Hide directory listing? chmod 730 /home/share?Issued chmod 666 * in home directory, permissions problems resulted with all fileslist files with similar names sorted by similarityHow to revert a “sudo chmod 644 .*”?How do I make a file in a user's home directory uneditable to that user but leave the home directory editable?Use chmod command selectively
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
Hello I want to understand the role of the chmod g+s command in Unix.
I also would like to know what it does in this particular context:
cd /home/canard;
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;I understand all the commands roles except for chmod g+s and I want to know the differences between the files un and deux resulting from this series of commands.
files permissions chmod setgid
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
add a comment |
Hello I want to understand the role of the chmod g+s command in Unix.
I also would like to know what it does in this particular context:
cd /home/canard;
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;I understand all the commands roles except for chmod g+s and I want to know the differences between the files un and deux resulting from this series of commands.
files permissions chmod setgid
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
add a comment |
Hello I want to understand the role of the chmod g+s command in Unix.
I also would like to know what it does in this particular context:
cd /home/canard;
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;I understand all the commands roles except for chmod g+s and I want to know the differences between the files un and deux resulting from this series of commands.
files permissions chmod setgid
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
Hello I want to understand the role of the chmod g+s command in Unix.
I also would like to know what it does in this particular context:
cd /home/canard;
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;I understand all the commands roles except for chmod g+s and I want to know the differences between the files un and deux resulting from this series of commands.
files permissions chmod setgid
files permissions chmod setgid
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
edited Jan 31 '15 at 23:42
Gilles
552k13211281637
552k13211281637
asked Jan 31 '15 at 18:31
otusotus
196123
asked Jan 31 '15 at 18:31
otusotus
196123
asked Jan 31 '15 at 18:31
otusotus
196123
196123
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
chmod g+s .;
This command sets the group ID (setgid) on the current directory, written as ..
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file. This will also be passed on to new subdirectories created in the current directory.
g+s affects the file's group ID but does not affect the owner ID.
Note that this applies only to newly-created files. Files that are moved (mv) into the directory are unaffected by the setgid setting. Files that are copied with cp -p are also unaffected.
Example
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;
In this case, deux will belong to group canard but un will belong to the group of the user creating it, whatever that is.
Minor Note on the Use of Semicolons in Shell Commands
Unlike c or perl, a shell command only needs to be followed by a semicolon if there is another shell command following it on the same command line. Thus, consider the following command line:
chgrp canard .; chmod g+s .;
The final semicolon is superfluous and can be removed:
chgrp canard .; chmod g+s .
Further, if we were to place the two commands on separate lines, then the remaining semicolon is unneeded:
chgrp canard .
chmod g+s .
edited 2 hours ago
mlissner
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
1
Files that are copied (e.g. bycp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.
– Kaz
Aug 4 '15 at 15:30
1
@Kaz Good point. I updated the answer to clarify that it iscp -pthat overrides the setgid setting.
– John1024
Aug 4 '15 at 17:55
But doescp -poverride the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)
– Kaz
Aug 4 '15 at 20:58
"doescp -poverride the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?
– John1024
Aug 5 '15 at 6:22
add a comment |
You can change file permissions with the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by both access classes and access types. Access classes are groups of users, and each may be assigned specific access types
Unix/Linux has users and user groups that can be assigned for file access
the options g+s are as follows:
g - the permissions that other users in the file's group have for it
s - set user or group ID on execution
here is a sample usage:
chmod =rwx,g+s filename
(allow everyone to read, write, and execute a particular file and turn on the set group-ID)
To set/modify a file's permissions you need to use the chmod program. Of course, only the owner of a file may use chmod to alter a file's permissions. chmod has the following syntax: chmod [options] mode file(s)
The 'mode' part specifies the new permissions for the file(s) that follow as arguments. A mode specifies which user's permissions should be changed, and afterwards which access types should be changed. Let's say for example:
chmod a-x socktest.pl
This means that the execute bit should be cleared (-) for all users. (owner, group and the rest of the world) The permissions start with a letter specifying what users should be affected by the change, this might be any of the following:
u the owner user
g the owner group
o others (neither u, nor g)
a all users
This is followed by a change instruction which consists of a +(set bit) or -(clear bit) and the letter corresponding to the bit that should be changed.
Let's see some examples:
$ ls -l socktest.pl
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod a-x socktest.pl
$ ls -l socktest.pl
-rw-r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod g+w socktest.pl
$ ls -l socktest.pl
-rw-rw-r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod ug+x socktest.pl
$ ls -l socktest.pl
-rwxrwxr-- 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod ug-wx socktest.pl
$ ls -l socktest.pl
-r--r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
Strange numbers...
You might have encountered things like chmod 755 somefile and of course you will be wondering what this is. The thing is, that you can change the entire permission pattern of a file in one go using one number like the one in this example. Every mode has a corresponding code number, and as we shall see there is a very simple way to figure out what number corresponds to any mode.
Every one of the three digits on the mode number corresponds to one of the three permission triplets. (u, g and o) Every permission bit in a triplet corresponds to a value: 4 for r, 2 for w, 1 for x. If the permission bit you add this value to the number of the permission triplet. If it is cleared, then you add nothing. (Some of you might notice that in fact, the number for a triplet is the octal value corresponding to the three-bit pattern - if you don't know what an octal value is, it doesn't really matter, just follow the instructions) So if a file has rwxr-xr-x permissions we do the following calculation:
Triplet for u:
rwx => 4 + 2 + 1 =7
Triplet for g:
r-x => 4 + 0 + 1 =5
Triplet for o:
r-x => 4 + 0 + 1 =5
Which makes :
755
So, 755 is a terse way to say 'I don't mind if other people read or run this file, but only I should be able to modify it' and 777 means 'everyone has full access to this file'
perlfect reference
edited Sep 28 '18 at 18:11
alo Malbarez
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
add a comment |
The result of ls command will depend of umask.
g+s will set sgid to the file. Check here for more deep information about SUID SGID
so if your umask for example is 022 the result will be something like:
-rw-r--r-- 1 romeo canard 0 Jan 31 20:58 deux
-rw-r-Sr-- 1 romeo UsersGrp 0 Jan 31 20:58 un
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
add a comment |
In Linux one of the default mount option for ext? fs is 'nogrpid | sysvgroups'. So the first touch un, creates a file with group id equal to fsgid of the creating process where fsgid = egid.
chmod g+s ., makes subsequent file/dir creation inherit group id from the parent folder and if the created thing is a dir it too gets g+s set as its parent.
Here touch deux, creates deux, with group canard.
The semantics changes if mount option was 'grpid | bsdgroups' in that case, new file / dir creation would inherit group id from its parent folder even without setting g+s for the parent itself.
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f182212%2fchmod-gs-command%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
chmod g+s .;
This command sets the group ID (setgid) on the current directory, written as ..
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file. This will also be passed on to new subdirectories created in the current directory.
g+s affects the file's group ID but does not affect the owner ID.
Note that this applies only to newly-created files. Files that are moved (mv) into the directory are unaffected by the setgid setting. Files that are copied with cp -p are also unaffected.
Example
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;
In this case, deux will belong to group canard but un will belong to the group of the user creating it, whatever that is.
Minor Note on the Use of Semicolons in Shell Commands
Unlike c or perl, a shell command only needs to be followed by a semicolon if there is another shell command following it on the same command line. Thus, consider the following command line:
chgrp canard .; chmod g+s .;
The final semicolon is superfluous and can be removed:
chgrp canard .; chmod g+s .
Further, if we were to place the two commands on separate lines, then the remaining semicolon is unneeded:
chgrp canard .
chmod g+s .
edited 2 hours ago
mlissner
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
1
Files that are copied (e.g. bycp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.
– Kaz
Aug 4 '15 at 15:30
1
@Kaz Good point. I updated the answer to clarify that it iscp -pthat overrides the setgid setting.
– John1024
Aug 4 '15 at 17:55
But doescp -poverride the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)
– Kaz
Aug 4 '15 at 20:58
"doescp -poverride the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?
– John1024
Aug 5 '15 at 6:22
add a comment |
chmod g+s .;
This command sets the group ID (setgid) on the current directory, written as ..
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file. This will also be passed on to new subdirectories created in the current directory.
g+s affects the file's group ID but does not affect the owner ID.
Note that this applies only to newly-created files. Files that are moved (mv) into the directory are unaffected by the setgid setting. Files that are copied with cp -p are also unaffected.
Example
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;
In this case, deux will belong to group canard but un will belong to the group of the user creating it, whatever that is.
Minor Note on the Use of Semicolons in Shell Commands
Unlike c or perl, a shell command only needs to be followed by a semicolon if there is another shell command following it on the same command line. Thus, consider the following command line:
chgrp canard .; chmod g+s .;
The final semicolon is superfluous and can be removed:
chgrp canard .; chmod g+s .
Further, if we were to place the two commands on separate lines, then the remaining semicolon is unneeded:
chgrp canard .
chmod g+s .
edited 2 hours ago
mlissner
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
1
Files that are copied (e.g. bycp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.
– Kaz
Aug 4 '15 at 15:30
1
@Kaz Good point. I updated the answer to clarify that it iscp -pthat overrides the setgid setting.
– John1024
Aug 4 '15 at 17:55
But doescp -poverride the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)
– Kaz
Aug 4 '15 at 20:58
"doescp -poverride the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?
– John1024
Aug 5 '15 at 6:22
add a comment |
chmod g+s .;
This command sets the group ID (setgid) on the current directory, written as ..
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file. This will also be passed on to new subdirectories created in the current directory.
g+s affects the file's group ID but does not affect the owner ID.
Note that this applies only to newly-created files. Files that are moved (mv) into the directory are unaffected by the setgid setting. Files that are copied with cp -p are also unaffected.
Example
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;
In this case, deux will belong to group canard but un will belong to the group of the user creating it, whatever that is.
Minor Note on the Use of Semicolons in Shell Commands
Unlike c or perl, a shell command only needs to be followed by a semicolon if there is another shell command following it on the same command line. Thus, consider the following command line:
chgrp canard .; chmod g+s .;
The final semicolon is superfluous and can be removed:
chgrp canard .; chmod g+s .
Further, if we were to place the two commands on separate lines, then the remaining semicolon is unneeded:
chgrp canard .
chmod g+s .
edited 2 hours ago
mlissner
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
chmod g+s .;
This command sets the group ID (setgid) on the current directory, written as ..
This means that all new files and subdirectories created within the current directory inherit the group ID of the directory, rather than the primary group ID of the user who created the file. This will also be passed on to new subdirectories created in the current directory.
g+s affects the file's group ID but does not affect the owner ID.
Note that this applies only to newly-created files. Files that are moved (mv) into the directory are unaffected by the setgid setting. Files that are copied with cp -p are also unaffected.
Example
touch un;
chgrp canard .;
chmod g+s .;
touch deux ;
In this case, deux will belong to group canard but un will belong to the group of the user creating it, whatever that is.
Minor Note on the Use of Semicolons in Shell Commands
Unlike c or perl, a shell command only needs to be followed by a semicolon if there is another shell command following it on the same command line. Thus, consider the following command line:
chgrp canard .; chmod g+s .;
The final semicolon is superfluous and can be removed:
chgrp canard .; chmod g+s .
Further, if we were to place the two commands on separate lines, then the remaining semicolon is unneeded:
chgrp canard .
chmod g+s .
edited 2 hours ago
mlissner
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
edited 2 hours ago
mlissner
1271110
edited 2 hours ago
mlissner
1271110
edited 2 hours ago
mlissner
1271110
1271110
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
answered Jan 31 '15 at 19:48
John1024John1024
49.1k5114129
49.1k5114129
1
Files that are copied (e.g. bycp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.
– Kaz
Aug 4 '15 at 15:30
1
@Kaz Good point. I updated the answer to clarify that it iscp -pthat overrides the setgid setting.
– John1024
Aug 4 '15 at 17:55
But doescp -poverride the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)
– Kaz
Aug 4 '15 at 20:58
"doescp -poverride the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?
– John1024
Aug 5 '15 at 6:22
add a comment |
1
Files that are copied (e.g. bycp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.
– Kaz
Aug 4 '15 at 15:30
1
@Kaz Good point. I updated the answer to clarify that it iscp -pthat overrides the setgid setting.
– John1024
Aug 4 '15 at 17:55
But doescp -poverride the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)
– Kaz
Aug 4 '15 at 20:58
"doescp -poverride the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?
– John1024
Aug 5 '15 at 6:22
1
1
Files that are copied (e.g. by
cp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.– Kaz
Aug 4 '15 at 15:30
Files that are copied (e.g. by
cp) are in fact newly created. If they don't inherit the group permission, the copying program is playing games, like copying to a temporary file and then moving it to the target directory.– Kaz
Aug 4 '15 at 15:30
1
1
@Kaz Good point. I updated the answer to clarify that it is
cp -p that overrides the setgid setting.– John1024
Aug 4 '15 at 17:55
@Kaz Good point. I updated the answer to clarify that it is
cp -p that overrides the setgid setting.– John1024
Aug 4 '15 at 17:55
But does
cp -p override the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)– Kaz
Aug 4 '15 at 20:58
But does
cp -p override the setgid setting? On every single Unix implementation in existence? POSIX says that it is unspecified whether a failure to copy the user ID or group ID under cp -p results in a diagnostic message! However, the S_SUID and S_SGID bits, respectively, are required to be cleared in that situation (i.e. if a file is setuid bob, but bob's ownership can't be copied so that the file is owned by janet, don't make it setuid janet.)– Kaz
Aug 4 '15 at 20:58
"does
cp -p override the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?– John1024
Aug 5 '15 at 6:22
"does
cp -p override the setgid setting?" According to the POSIX spec, that is what it is supposed to do. It does so on all the Unix systems that I have used. You have quoted the part of the spec regarding what to do to protect security in the case when the group ID cannot be duplicated. I have never run into such a "cannot" situation, have you?– John1024
Aug 5 '15 at 6:22
add a comment |
You can change file permissions with the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by both access classes and access types. Access classes are groups of users, and each may be assigned specific access types
Unix/Linux has users and user groups that can be assigned for file access
the options g+s are as follows:
g - the permissions that other users in the file's group have for it
s - set user or group ID on execution
here is a sample usage:
chmod =rwx,g+s filename
(allow everyone to read, write, and execute a particular file and turn on the set group-ID)
To set/modify a file's permissions you need to use the chmod program. Of course, only the owner of a file may use chmod to alter a file's permissions. chmod has the following syntax: chmod [options] mode file(s)
The 'mode' part specifies the new permissions for the file(s) that follow as arguments. A mode specifies which user's permissions should be changed, and afterwards which access types should be changed. Let's say for example:
chmod a-x socktest.pl
This means that the execute bit should be cleared (-) for all users. (owner, group and the rest of the world) The permissions start with a letter specifying what users should be affected by the change, this might be any of the following:
u the owner user
g the owner group
o others (neither u, nor g)
a all users
This is followed by a change instruction which consists of a +(set bit) or -(clear bit) and the letter corresponding to the bit that should be changed.
Let's see some examples:
$ ls -l socktest.pl
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod a-x socktest.pl
$ ls -l socktest.pl
-rw-r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod g+w socktest.pl
$ ls -l socktest.pl
-rw-rw-r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod ug+x socktest.pl
$ ls -l socktest.pl
-rwxrwxr-- 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod ug-wx socktest.pl
$ ls -l socktest.pl
-r--r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
Strange numbers...
You might have encountered things like chmod 755 somefile and of course you will be wondering what this is. The thing is, that you can change the entire permission pattern of a file in one go using one number like the one in this example. Every mode has a corresponding code number, and as we shall see there is a very simple way to figure out what number corresponds to any mode.
Every one of the three digits on the mode number corresponds to one of the three permission triplets. (u, g and o) Every permission bit in a triplet corresponds to a value: 4 for r, 2 for w, 1 for x. If the permission bit you add this value to the number of the permission triplet. If it is cleared, then you add nothing. (Some of you might notice that in fact, the number for a triplet is the octal value corresponding to the three-bit pattern - if you don't know what an octal value is, it doesn't really matter, just follow the instructions) So if a file has rwxr-xr-x permissions we do the following calculation:
Triplet for u:
rwx => 4 + 2 + 1 =7
Triplet for g:
r-x => 4 + 0 + 1 =5
Triplet for o:
r-x => 4 + 0 + 1 =5
Which makes :
755
So, 755 is a terse way to say 'I don't mind if other people read or run this file, but only I should be able to modify it' and 777 means 'everyone has full access to this file'
perlfect reference
edited Sep 28 '18 at 18:11
alo Malbarez
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
add a comment |
You can change file permissions with the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by both access classes and access types. Access classes are groups of users, and each may be assigned specific access types
Unix/Linux has users and user groups that can be assigned for file access
the options g+s are as follows:
g - the permissions that other users in the file's group have for it
s - set user or group ID on execution
here is a sample usage:
chmod =rwx,g+s filename
(allow everyone to read, write, and execute a particular file and turn on the set group-ID)
To set/modify a file's permissions you need to use the chmod program. Of course, only the owner of a file may use chmod to alter a file's permissions. chmod has the following syntax: chmod [options] mode file(s)
The 'mode' part specifies the new permissions for the file(s) that follow as arguments. A mode specifies which user's permissions should be changed, and afterwards which access types should be changed. Let's say for example:
chmod a-x socktest.pl
This means that the execute bit should be cleared (-) for all users. (owner, group and the rest of the world) The permissions start with a letter specifying what users should be affected by the change, this might be any of the following:
u the owner user
g the owner group
o others (neither u, nor g)
a all users
This is followed by a change instruction which consists of a +(set bit) or -(clear bit) and the letter corresponding to the bit that should be changed.
Let's see some examples:
$ ls -l socktest.pl
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod a-x socktest.pl
$ ls -l socktest.pl
-rw-r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod g+w socktest.pl
$ ls -l socktest.pl
-rw-rw-r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod ug+x socktest.pl
$ ls -l socktest.pl
-rwxrwxr-- 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod ug-wx socktest.pl
$ ls -l socktest.pl
-r--r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
Strange numbers...
You might have encountered things like chmod 755 somefile and of course you will be wondering what this is. The thing is, that you can change the entire permission pattern of a file in one go using one number like the one in this example. Every mode has a corresponding code number, and as we shall see there is a very simple way to figure out what number corresponds to any mode.
Every one of the three digits on the mode number corresponds to one of the three permission triplets. (u, g and o) Every permission bit in a triplet corresponds to a value: 4 for r, 2 for w, 1 for x. If the permission bit you add this value to the number of the permission triplet. If it is cleared, then you add nothing. (Some of you might notice that in fact, the number for a triplet is the octal value corresponding to the three-bit pattern - if you don't know what an octal value is, it doesn't really matter, just follow the instructions) So if a file has rwxr-xr-x permissions we do the following calculation:
Triplet for u:
rwx => 4 + 2 + 1 =7
Triplet for g:
r-x => 4 + 0 + 1 =5
Triplet for o:
r-x => 4 + 0 + 1 =5
Which makes :
755
So, 755 is a terse way to say 'I don't mind if other people read or run this file, but only I should be able to modify it' and 777 means 'everyone has full access to this file'
perlfect reference
edited Sep 28 '18 at 18:11
alo Malbarez
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
add a comment |
You can change file permissions with the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by both access classes and access types. Access classes are groups of users, and each may be assigned specific access types
Unix/Linux has users and user groups that can be assigned for file access
the options g+s are as follows:
g - the permissions that other users in the file's group have for it
s - set user or group ID on execution
here is a sample usage:
chmod =rwx,g+s filename
(allow everyone to read, write, and execute a particular file and turn on the set group-ID)
To set/modify a file's permissions you need to use the chmod program. Of course, only the owner of a file may use chmod to alter a file's permissions. chmod has the following syntax: chmod [options] mode file(s)
The 'mode' part specifies the new permissions for the file(s) that follow as arguments. A mode specifies which user's permissions should be changed, and afterwards which access types should be changed. Let's say for example:
chmod a-x socktest.pl
This means that the execute bit should be cleared (-) for all users. (owner, group and the rest of the world) The permissions start with a letter specifying what users should be affected by the change, this might be any of the following:
u the owner user
g the owner group
o others (neither u, nor g)
a all users
This is followed by a change instruction which consists of a +(set bit) or -(clear bit) and the letter corresponding to the bit that should be changed.
Let's see some examples:
$ ls -l socktest.pl
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod a-x socktest.pl
$ ls -l socktest.pl
-rw-r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod g+w socktest.pl
$ ls -l socktest.pl
-rw-rw-r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod ug+x socktest.pl
$ ls -l socktest.pl
-rwxrwxr-- 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod ug-wx socktest.pl
$ ls -l socktest.pl
-r--r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
Strange numbers...
You might have encountered things like chmod 755 somefile and of course you will be wondering what this is. The thing is, that you can change the entire permission pattern of a file in one go using one number like the one in this example. Every mode has a corresponding code number, and as we shall see there is a very simple way to figure out what number corresponds to any mode.
Every one of the three digits on the mode number corresponds to one of the three permission triplets. (u, g and o) Every permission bit in a triplet corresponds to a value: 4 for r, 2 for w, 1 for x. If the permission bit you add this value to the number of the permission triplet. If it is cleared, then you add nothing. (Some of you might notice that in fact, the number for a triplet is the octal value corresponding to the three-bit pattern - if you don't know what an octal value is, it doesn't really matter, just follow the instructions) So if a file has rwxr-xr-x permissions we do the following calculation:
Triplet for u:
rwx => 4 + 2 + 1 =7
Triplet for g:
r-x => 4 + 0 + 1 =5
Triplet for o:
r-x => 4 + 0 + 1 =5
Which makes :
755
So, 755 is a terse way to say 'I don't mind if other people read or run this file, but only I should be able to modify it' and 777 means 'everyone has full access to this file'
perlfect reference
edited Sep 28 '18 at 18:11
alo Malbarez
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
You can change file permissions with the chmod command. In Unix, file permissions, which establish who may have different types of access to a file, are specified by both access classes and access types. Access classes are groups of users, and each may be assigned specific access types
Unix/Linux has users and user groups that can be assigned for file access
the options g+s are as follows:
g - the permissions that other users in the file's group have for it
s - set user or group ID on execution
here is a sample usage:
chmod =rwx,g+s filename
(allow everyone to read, write, and execute a particular file and turn on the set group-ID)
To set/modify a file's permissions you need to use the chmod program. Of course, only the owner of a file may use chmod to alter a file's permissions. chmod has the following syntax: chmod [options] mode file(s)
The 'mode' part specifies the new permissions for the file(s) that follow as arguments. A mode specifies which user's permissions should be changed, and afterwards which access types should be changed. Let's say for example:
chmod a-x socktest.pl
This means that the execute bit should be cleared (-) for all users. (owner, group and the rest of the world) The permissions start with a letter specifying what users should be affected by the change, this might be any of the following:
u the owner user
g the owner group
o others (neither u, nor g)
a all users
This is followed by a change instruction which consists of a +(set bit) or -(clear bit) and the letter corresponding to the bit that should be changed.
Let's see some examples:
$ ls -l socktest.pl
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod a-x socktest.pl
$ ls -l socktest.pl
-rw-r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod g+w socktest.pl
$ ls -l socktest.pl
-rw-rw-r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
$ chmod ug+x socktest.pl
$ ls -l socktest.pl
-rwxrwxr-- 1 nick users 1874 Jan 19 10:23 socktest.pl*
$ chmod ug-wx socktest.pl
$ ls -l socktest.pl
-r--r--r-- 1 nick users 1874 Jan 19 10:23 socktest.pl
Strange numbers...
You might have encountered things like chmod 755 somefile and of course you will be wondering what this is. The thing is, that you can change the entire permission pattern of a file in one go using one number like the one in this example. Every mode has a corresponding code number, and as we shall see there is a very simple way to figure out what number corresponds to any mode.
Every one of the three digits on the mode number corresponds to one of the three permission triplets. (u, g and o) Every permission bit in a triplet corresponds to a value: 4 for r, 2 for w, 1 for x. If the permission bit you add this value to the number of the permission triplet. If it is cleared, then you add nothing. (Some of you might notice that in fact, the number for a triplet is the octal value corresponding to the three-bit pattern - if you don't know what an octal value is, it doesn't really matter, just follow the instructions) So if a file has rwxr-xr-x permissions we do the following calculation:
Triplet for u:
rwx => 4 + 2 + 1 =7
Triplet for g:
r-x => 4 + 0 + 1 =5
Triplet for o:
r-x => 4 + 0 + 1 =5
Which makes :
755
So, 755 is a terse way to say 'I don't mind if other people read or run this file, but only I should be able to modify it' and 777 means 'everyone has full access to this file'
perlfect reference
edited Sep 28 '18 at 18:11
alo Malbarez
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
edited Sep 28 '18 at 18:11
alo Malbarez
405158
edited Sep 28 '18 at 18:11
alo Malbarez
405158
edited Sep 28 '18 at 18:11
alo Malbarez
405158
405158
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
answered Jan 31 '15 at 19:00
parallaxisparallaxis
1064
1064
add a comment |
add a comment |
The result of ls command will depend of umask.
g+s will set sgid to the file. Check here for more deep information about SUID SGID
so if your umask for example is 022 the result will be something like:
-rw-r--r-- 1 romeo canard 0 Jan 31 20:58 deux
-rw-r-Sr-- 1 romeo UsersGrp 0 Jan 31 20:58 un
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
add a comment |
The result of ls command will depend of umask.
g+s will set sgid to the file. Check here for more deep information about SUID SGID
so if your umask for example is 022 the result will be something like:
-rw-r--r-- 1 romeo canard 0 Jan 31 20:58 deux
-rw-r-Sr-- 1 romeo UsersGrp 0 Jan 31 20:58 un
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
add a comment |
The result of ls command will depend of umask.
g+s will set sgid to the file. Check here for more deep information about SUID SGID
so if your umask for example is 022 the result will be something like:
-rw-r--r-- 1 romeo canard 0 Jan 31 20:58 deux
-rw-r-Sr-- 1 romeo UsersGrp 0 Jan 31 20:58 un
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
The result of ls command will depend of umask.
g+s will set sgid to the file. Check here for more deep information about SUID SGID
so if your umask for example is 022 the result will be something like:
-rw-r--r-- 1 romeo canard 0 Jan 31 20:58 deux
-rw-r-Sr-- 1 romeo UsersGrp 0 Jan 31 20:58 un
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
edited Jan 31 '15 at 19:53
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
answered Jan 31 '15 at 19:00
Romeo NinovRomeo Ninov
7,23232129
7,23232129
add a comment |
add a comment |
In Linux one of the default mount option for ext? fs is 'nogrpid | sysvgroups'. So the first touch un, creates a file with group id equal to fsgid of the creating process where fsgid = egid.
chmod g+s ., makes subsequent file/dir creation inherit group id from the parent folder and if the created thing is a dir it too gets g+s set as its parent.
Here touch deux, creates deux, with group canard.
The semantics changes if mount option was 'grpid | bsdgroups' in that case, new file / dir creation would inherit group id from its parent folder even without setting g+s for the parent itself.
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
add a comment |
In Linux one of the default mount option for ext? fs is 'nogrpid | sysvgroups'. So the first touch un, creates a file with group id equal to fsgid of the creating process where fsgid = egid.
chmod g+s ., makes subsequent file/dir creation inherit group id from the parent folder and if the created thing is a dir it too gets g+s set as its parent.
Here touch deux, creates deux, with group canard.
The semantics changes if mount option was 'grpid | bsdgroups' in that case, new file / dir creation would inherit group id from its parent folder even without setting g+s for the parent itself.
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
add a comment |
In Linux one of the default mount option for ext? fs is 'nogrpid | sysvgroups'. So the first touch un, creates a file with group id equal to fsgid of the creating process where fsgid = egid.
chmod g+s ., makes subsequent file/dir creation inherit group id from the parent folder and if the created thing is a dir it too gets g+s set as its parent.
Here touch deux, creates deux, with group canard.
The semantics changes if mount option was 'grpid | bsdgroups' in that case, new file / dir creation would inherit group id from its parent folder even without setting g+s for the parent itself.
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
In Linux one of the default mount option for ext? fs is 'nogrpid | sysvgroups'. So the first touch un, creates a file with group id equal to fsgid of the creating process where fsgid = egid.
chmod g+s ., makes subsequent file/dir creation inherit group id from the parent folder and if the created thing is a dir it too gets g+s set as its parent.
Here touch deux, creates deux, with group canard.
The semantics changes if mount option was 'grpid | bsdgroups' in that case, new file / dir creation would inherit group id from its parent folder even without setting g+s for the parent itself.
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
edited Feb 1 '15 at 15:32
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
answered Feb 1 '15 at 6:00
Nizam MohamedNizam Mohamed
42536
42536
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f182212%2fchmod-gs-command%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
