...
Type | Owner | Group | Other |
---|---|---|---|
Directoriesrwx | leave alone | rx | remove permissions |
Filesrwx | leave alone | r | remove permissions |
Notice that the group wgdailyplanet must be have execute permission to directories. Otherwise, members of wgdailplanet will not be able to transverse (cd into) the directories.
...
Code Block | ||
---|---|---|
| ||
cd /home/ckent/
sudo chown ckent:wgdailyplanet ./daily-planet-articles/
sudo chmod -R u+rwx,g+rx,o-rwx ./daily-planet-articles/ |
...
Type | Owner | Group | Other |
---|---|---|---|
Directoryrwx | left alone | rx | permissions removed |
Filerwx | left alone | rx | permissions removed |
The proper way to provide execute only to directories,
Code Block | ||
---|---|---|
| ||
sudo chmod -R u+rwX,g+rX,o-rwx ./daily-planet-articles/ |
The key command switch is the capital X which will set execute/search when one or more of the criteria are met,
- The file is a directory (everything in *nix is a file, even a directory)
- Execute permission already set somewhere in Owner, Group or Other.
This covers the scenario of resetting permissions. But what about if ckent had been carefuly setting up permissions and explicitly set execute permissions on some files, and does not want those in the group wgdailyplanet to execute those files, only read?
In that case, the find command must be used to be more explicit,
Code Block | ||
---|---|---|
| ||
cd /home/ckent/
sudo chown ckent:wgdailyplanet ./daily-planet-articles/
sudo find -type d -print0 | xargs -0 chmod u+rwx,g+rX,o-rwx
sudo find -type f -print0 | xargs -0 chmod g+r,o-rwx |