RFC: New section for the Unix Basics chapter.

Tom Rhodes trhodes at FreeBSD.org
Thu Jun 19 18:59:18 UTC 2003


Hey,

In this email I have a patch to add information on symbolic permissions
to the Unix Basics chapter of our handbook.  Now I'm a little wierd on
the table output and I know that it could use a few more <literal>
tags, but I wanted to get a general idea before I put more work into
it.

Comments, suggestions, death threats welcome.  Thanks!

--
Tom Rhodes


--- chapter.sgml	Thu Jun 19 14:39:43 2003
+++ chapter.sgml.new	Thu Jun 19 14:07:59 2003
@@ -59,7 +59,7 @@
 
   <sect1 id="permissions">
     <title>Permissions</title>
-    <indexterm><primary>Unix</primary></indexterm>
+    <indexterm><primary>permissions</primary><secondary>octal</secondary></indexterm>
 
     <para>FreeBSD, being a direct descendant of BSD Unix, is based on
       several key Unix concepts.  The first, and
@@ -198,6 +198,135 @@
       directories.  If you want more information on file permissions and
       how to set them, be sure to look at the &man.chmod.1; manual
       page.</para>
+
+    <sect2>
+      <authorgroup>
+	<author>
+	  <firstname>Tom</firstname>
+	  <surname>Rhodes</surname>
+	  <contrib>Contributed by </contrib>
+	</author>
+      </authorgroup>
+      <title>Symbolic Permissions</title>
+      <indexterm><primary>permissions</primary><secondary>symbolic</secondary></indexterm>
+
+      <para>Symbolic permissions, sometimes refereed to as symbolic expressions,
+	uses characters in place of octal values to assign permissions to files
+	or directories.  Symbolic expressions use the syntax of (who) (action)
+	(permissions), where the following values are available:</para>
+
+      <informaltable>
+	<tgroup cols="3">
+	  <thead>
+	    <row>
+	      <entry>Option</entry>
+	      <entry>Letter</entry>
+	      <entry>Represents</entry>
+	    </row>
+	  </thead>
+
+	<tbody>
+	  <row>
+	    <entry>(who)</entry>
+	    <entry>u</entry>
+	    <entry>File Owner</entry>
+	  </row>
+
+	  <row>
+	    <entry>(who)</entry>
+	    <entry>g</entry>
+	    <entry>Group owner</entry>
+	  </row>
+
+	  <row>
+	    <entry>(who)</entry>
+	    <entry>o</entry>
+	    <entry>Other</entry>
+	  </row>
+
+	  <row>
+	    <entry>(who)</entry>
+	    <entry>a</entry>
+	    <entry>All</entry>
+	  </row>
+
+	  <row>
+	    <entry>(action)</entry>
+	    <entry>+</entry>
+	    <entry>Adding permissions</entry>
+	  </row>
+
+	  <row>
+	    <entry>(action)</entry>
+	    <entry>-</entry>
+	    <entry>Removing permissions</entry>
+	  </row>
+
+	  <row>
+	    <entry>(action)</entry>
+	    <entry>=</entry>
+	    <entry>Explicitly set permissions</entry>
+	  </row>
+
+	  <row>
+	    <entry>(permissions)</entry>
+	    <entry>r</entry>
+	    <entry>Read</entry>
+	  </row>
+
+	  <row>
+	    <entry>(permissions)</entry>
+	    <entry>w</entry>
+	    <entry>Write</entry>
+	  </row>
+
+	  <row>
+	    <entry>(permissions)</entry>
+	    <entry>x</entry>
+	    <entry>Execute</entry>
+	  </row>
+
+	  <row>
+	    <entry>(permissions)</entry>
+	    <entry>t</entry>
+	    <entry>Sticky bit</entry>
+	  </row>
+
+	  <row>
+	    <entry>(permissions)</entry>
+	    <entry>s</entry>
+	    <entry>SUID or SGID</entry>
+	  </row>
+	</tbody>
+      </tgroup>
+    </informaltable>
+
+    <para>These values are used with the <command>chmod</command> command
+      just like before, but with letters.  For an example, you could use
+      the following command to block other users from accessing the files
+      in your home directory:</para>
+
+    <screen>&prompt.user;<userinput>chmod go= *</userinput></screen>
+
+    <para>A comma separated list can be provided when more than one set
+      of changes to a file must be made.  For example the following command
+      will remove the groups and <quote>world</quote> write permission
+      on <replaceable>FILE</replaceable>, then it adds the execute
+      permissions for everyone:</para>
+
+    <screen>&prompt.user;<userinput>chmod go-w,a+x <replaceable>FILE</replaceable></userinput></screen>
+
+
+    <para>Most users will do not notice this, but it should be pointed out
+      that using the octal method will only set or assign permissions to
+      a file; it does not add or delete them.  This means that the octal
+      method does not have an equivalent option to the following command:</para>
+
+    <screen>&prompt.root; <userinput>chmod u+rw <replaceable>FILE</replaceable></userinput></screen>
+
+    <para>The closest octal value would be <literal>0600</literal> and it would not
+      be the same.</para>
+    </sect2>
   </sect1>
   
   <sect1 id="dirstructure">



More information about the freebsd-doc mailing list