Unix Permissions


Probably the biggest problems people face when first creating a web page is properly setting their file permissions. So let's tackle that problem first. When you log into your Unix account and get to a Unix prompt, you can type the command ls -l to see a list of the files in your home directory. It may look a little something like this:
total 3960
-rw-r--r--   1 e-huss   usr       123339 Jun  7 10:41 getstats_12.c
-rwx------   1 e-huss   usr       103316 Jul 15 00:04 hexpert
-rw-------   1 e-huss   usr        32768 Jul 15 00:03 hexpert.tar
-rwx------   1 e-huss   usr        10056 Sep 25 18:46 htpasswd
drwx------   6 e-huss   usr          512 May  3 12:31 java
-rw-------   1 e-huss   usr        22768 Oct  3 17:32 siggraph.jpg
-rw-------   1 e-huss   usr      1312180 Sep 27 11:53 siggraph.tiff
-rw-------   1 e-huss   usr       373760 Aug 29 20:27 unz512x.tar
Let's take a look at one of the lines, and dissect what the information means. First, the part on the left looks like this:

The character of the far left tells you what kind of file this item is. If it is a dash - then that means it is a normal file. If it is a d that that means it is a directory (folder). That's the two important ones. There are several other things it could be, but we don't need to concern ourselves with that.

After that there are three groups of three characters. These groups indicate the permissions of the file or directory. Permissions determine who can read from the file or write to the file. Fairly simply, the r means read permission, the w means write permission, and the x means execute permission. If there is a dash - then that means that permission is not granted.

The first group of the permission bits corresponds to the user's permission. This is the permissions for the person who created the file (the owner).
The second group of permission bits corresponds to the group's permissions. Each file or directory belongs to a group. A group might be students or usr as in the above example. Anyone who belongs to this group has these permissions for the file. If you wish to see what groups you belong to, type the command groups.
The third group of permission bits corresponds to the world permissions. These are the permissions granted to everyone.

Continuing on down the line of items, in the above example you'll see e-huss. This is the username of the owner of the file. This is normally the person who created the file.

Next is the group the file belongs to. In the above example, the files belong to the group usr. After that you'll see the size of the file in bytes. Next is the date and time the file was last modified, and finally the name of the file.


Unix Commands

There are several Unix commands that you will need to become familiar with.

chmod permissions filename

chmod will change the permission bits of the file or directory. There are two ways to use chmod. One way is to give it the exact permissions with the absolute mode. This is essentially a three digit number with the first digit corresponding to the user's permissions, the second digit is the group permissions, and the last digit is the world permissions. The values of the digit correspond in the following way:
0 ---
1 --x
2 -w-
3 -wx
4 r--
5 r-x
6 rw-
7 rwx
So for example, the command:
chmod 664 test.html
would change the permissions of the file test.html to be rw-rw-r--.

The second method of changing permissions is using the symbolic mode. The general format for the symbolic mode is:
who <operator> permission

So, here's some examples:
If the permissions are currently rwx------, then the command:
chmod a+r example.html
will change it so everyone (all) can read it (add). The result would then be rwxr--r--.

If the permissions are currently rwx------, then the command:
chmod u=r another_example.html
will change it so the user can only read it (exact set). The result would then be r--------.


mkdir

mkdir will make a new directory. The command:
mkdir public_html
will make a new directory public_html as long as you have write access in the current directory.

rm

rm will remove a file. The command:
rm test.html
will remove the file test.html

rmdir

rmdir will remove a directory as long as it is empty. Example:
rmdir test_dir
will remove the directory test_dir

man

man will become your friend. It will grab the manual page for a given command. So for instance:
man ls
will give you the manual page for the command ls. You can use it to learn a lot of advanced information about a command. I strongly recommend you take some time later on and browse through a couple man pages. You'll learn a lot of good options for the commands you use. Note that some systems do not have all the manual pages installed. You can ask the administrator to install them, or use another system.

Permissions for the Web

Now we'll take a look at how permissions affect us on the Web. The first step is understanding the public_html directory. If you are creating a home page, and wish to put it in your home directory, you first need to make a public_html directory in your home directory. So for instance, if I wish to access my home page on the student cluster, whenever I access http://www.students.uiuc.edu/~e-huss/ this will look in my public_html directory for the files. This is a bit of a security feature so that people can look at the other files in your home directory. The command will look like this:
mkdir public_html
The permissions for the public_html should be something like rwx-----x. You can have other permission bits, but this is the minimum that you will need. The command
chmod 701 public_html
will do the trick. It is a popular misconception that you need to change the permissions of your actual home directory. This is NOT TRUE!

Another thing to mention is that if you want people to browse through the directory, then you should also make it world readable. The permissions will be rwx---r-x. When I say browse the directory, I mean something like this: Browse. If you click on that link, then you can see what I mean. When you do not have an index.html file, you can browse the directory.

Now you need to regard yourself with the permissions of an HTML document. The only requirement for an HTML document is that the web server can read it. This means that you need to make your file world readable. After changing into your public_html directory like this:
cd public_html
and you create an HTML document with your favorite editor, you can use the command
chmod o+r some_document.html
to set the permissions correctly. Another way to do it is:
chmod 604 some_document.html
This sets it to rw----r--. This is so you can still read and write to the file, and the web server can get the document. We could ramble on this subject for a much longer time, but let's get on to making some HTML documents. If you have more problems or you need some more specific information, don't hesitate to ask someone..


Return to the Front Page