Actually, moving a file is either a rename of a file on a single file system or creating a copy and deleting the original [typically only done if the move is a migration from one file system to another].
In either case you need execute and of course write permissions to the target directory and the source directory. However, for a mere rename [and moving from one directory to another can be just that] on a single file system you do not need any permissions on the file itself. It can be cleared of all permissions and still you can move [rename] it [as long as you have write and execute permissions for the directories].
For a real copy [as it is needed when you move the file to a different file system], you need read permissions on the file itself. No write permissions on the original are necessary, as deletion of a file is not writing to it [but to the directory it is in].
Unix-like operating systems, such as Linux, running on shared high-performance computers use settings called permissions to determine who can access and modify the files and directories stored in their file systems. Each file and directory in a file system is assigned "owner" and "group" attributes.
Most commonly, by default, the user who creates a file or directory is set as owner of that file or directory. When needed [for example, when a member of your research team leaves], the system's root administrator can change the user attribute for files and directories.
The group designation can be used to grant teammates and/or collaborators shared access to an owner's files and directories, and provides a convenient way to grant access to multiple users.
View file permissions
To view the permissions for all files in a directory, use the
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example6 command with the
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example7 options. Add other options as desired; for help, see List the files in a directory in Unix.
For example, if you enter:
ls -lah
You should see output similar to the following:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example
In the output example above, the first character in each line indicates whether the listed object is a file or a directory. Directories are indicated by a [
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example8]; the absence of a
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example8 at the beginning of the first line indicates that
chmod a+r myfile0 is a regular file.
The letters
chmod a+r myfile1 represent different permission levels:
PermissionFilesDirectories
chmod a+r myfile2can read the filecan
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example6 the directory
chmod a+r myfile4can write the file
can modify the directory's contents
chmod a+r myfile5can execute the filecan
chmod a+r myfile6 to the directory
Note the multiple instances of
chmod a+r myfile2,
chmod a+r myfile4, and
chmod a+r myfile5. These are grouped into three sets that represent different levels of ownership:
- Owner or user permissions: After the directory [
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example
8] slot, the first set of three characters indicate permission settings for the owner [also known as the user].In the example
chmod +r myfile
1, the owner permissions arechmod +r myfile
2, indicating that the owner can read and write to the file but can't execute it as a program.In the example
chmod +r myfile
3, the owner permissions arechmod a+r myfile
1, indicating that the owner can view, modify, and enter the directory. - Group permissions: The second
chmod a+r myfile
1 set indicates the group permissions. In the fourth column of the example above,chmod +r myfile
6 is the group name.In the example
chmod +r myfile
1, group members can only read the file.In the example
chmod +r myfile
3, group members can view as well as enter the directory. - Other permissions: The final
chmod a+r myfile
1 set is for "other" [sometimes referred to as "world"]. This is anyone outside the group. In both examples above, these are set to the same permissions as the group.
Change file permissions
To change file and directory permissions, use the command
chmod go-rw myfile0 [change mode]. The owner of a file can change the permissions for user [
chmod go-rw myfile1], group [
chmod go-rw myfile2], or others [
chmod go-rw myfile3] by adding [
chmod go-rw myfile4] or subtracting [
chmod go-rw myfile5] the read, write, and execute permissions.
There are two basic ways of using
chmod go-rw myfile0 to change file permissions: The symbolic method and the absolute form.
Symbolic method
The first and probably easiest way is the relative [or symbolic] method, which lets you specify permissions with single letter abbreviations. A
chmod go-rw myfile0 command using this method consists of at least three parts from the following lists:
Access classOperatorAccess Typeu [user]+ [add access]r [read]g [group]- [remove access]w [write]o [other]= [set exact access]x [execute]a [all: u, g, and o]
For example, to add permission for everyone to read a file in the current directory named
chmod go-rw myfile8, at the Unix prompt, enter:
chmod a+r myfile
The
chmod go-rw myfile9 stands for "all", the
chmod go-rw myfile4 for "add", and the
chmod a+r myfile2 for "read".
Note:
This assumes that everyone already has access to the directory where
chmod go-rw myfile8 is located and its parent directories; that is, you must set the directory permissions separately.
If you omit the access class, it's assumed to be all, so you could also enter the previous example as:
chmod +r myfile
You can also specify multiple classes and types with a single command. For example, to remove read and write permission for group and other users [leaving only yourself with read and write permission] on a file named
chmod go-rw myfile8, you would enter:
chmod go-rw myfile
You can also specify that different permissions be added and removed in the same command. For example, to remove write permission and add execute for all users on
chmod go-rw myfile8, you would enter:
chmod a-w+x myfile
In each of these examples, the access types that aren't specified are unchanged. The previous command, for example, doesn't change any existing settings specifying whether users besides yourself may have read [
chmod a+r myfile2] access to
chmod go-rw myfile8. You could also use the exact form to explicitly state that group and other users' access is set only to read with the
chmod a-w+x myfile7 operator:
chmod go=r myfile
The
chmod go-rw myfile0 command also operates on directories. For example, to remove write permission for other users on a subdirectory named
chmod a-w+x myfile9, you would enter:
chmod o-w mydir
To do the same for the current directory, you would enter:
chmod o-w
To change permissions recursively in all subdirectories below the specified directory, add the
chmod go=r myfile0 option; for example, to grant execution permissions for other users to a directory [
chmod a-w+x myfile9] and all the subdirectories it contains, you would enter:
chmod -R o+x mydir
Be careful when setting the permissions of directories, particularly your home directory; you don't want to lock yourself out by removing your own access. Also, you must have execute permission on a directory to switch [
chmod a+r myfile6] to it.
Absolute form
The other way to use the
chmod go-rw myfile0 command is the absolute form, in which you specify a set of three numbers that together determine all the access classes and types. Rather than being able to change only particular attributes, you must specify the entire state of the file's permissions.
The three numbers are specified in the order: user [or owner], group, and other. Each number is the sum of values that specify read, write, and execute access:
PermissionNumberRead [r]4Write [w]2Execute [x]1
Add the numbers of the permissions you want to give; for example:
- For file
chmod go-rw myfile
8, to grant read, write, and execute permissions to yourself [4+2+1=7], read and execute permissions to users in your group [4+0+1=5], and only execute permission to others [0+0+1=1], you would use:-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example
0 - To grant read, write, and execute permissions on the current directory to yourself only, you would use:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example
1
You can think of the three digit sequence as the sum of attributes you select from the following table:
Read by owner400Write by owner200Execute by owner100Read by group040Write by group020Execute by group010Read by others004Write by others002Execute by others001
Sum all the accesses you wish to permit. For example, to give write and execute privileges to the owner of
chmod go-rw myfile8 [200+100=300], and give read privileges to all [400+040+004=444], you would enter:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example2
Some other examples are:
777anyone can do anything [read, write, or execute]755you can do anything; others can only read and execute711you can do anything; others can only execute644you can read and write; others can only read
Common issues when sharing data with other users
Important:
Be sure you understand your responsibilities when processing, storing, and sharing data containing protected health information [PHI]. For more, see Your legal responsibilities for protecting data containing protected health information [PHI] when using UITS Research Technologies systems and services.
To share a file or directory that you own with someone, you can grant read and execute privileges for that user. However, you must also set the same privileges on any parent directories above the item you're sharing; if you don't, the user can't look and change into [
chmod a+r myfile6] all the parent directories above your file or directory.
If you think of a file system as a physical place, then permissions work like keys that let you access different directories:
- The read [
chmod a+r myfile
2] permission lets users look [-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example
6] into directories. - The execute [
chmod a+r myfile
5] permission lets users move [chmod a+r myfile
6] into directories. - The write [
chmod a+r myfile
4] permission lets users add and remove files.
For example, say you want to give someone access to
chmod o-w mydir2. Imagine the path as a physical space:
chmod o-w mydir
3 is the gated community where you live.chmod o-w mydir
4 is the unit.chmod o-w mydir
5 is your apartment.chmod o-w mydir
6 is a room in your apartment.chmod o-w mydir
7 is a closet in your room.
If someone wanted to run your scripts, you would need to give that person access to every part of
chmod o-w mydir2. You might try to do it this way:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example3
However, a user can't read or access a subdirectory unless the user also has
chmod a+r myfile5 permissions to the parent directories. In other words, the above command gives out a key to your closet, but not to your room or apartment.
To resolve this, give
chmod a+r myfile5 permissions to the parent directories you control:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example4
This will let others move [
chmod a+r myfile6] to the
chmod o-w2 directory. Because the parent directories don't have
chmod a+r myfile2 permissions, users will only be able to look [
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example6] within the
chmod o-w2 directory, keeping the rest of your file system private.
Get help
For more about
chmod go-rw myfile0, consult the manual page. At the Unix prompt, enter:
-rw-r--r-- 1 user1 group1 62 Jan 15 16:10 myfile.txt drwxr-xr-x 2 user1 group1 2048 Jan 15 17:10 Example5
At Indiana University, for personal or departmental Linux or Unix systems support, see Get help for Linux or Unix at IU.
Related documents
Introduction to Unix commands Set the default protection to newly created directories and files in Unix