View Full Version : Permission Problems

16th January 2011, 10:32 PM
Hi Guys,

I have a large main storage system on my network, and I have created folders for each user... however when i try to lock the folders down, when a user accesses it from the network the permissions are ignored...

I've done ls -al etc and they all show 700

Any ideas?

18th January 2011, 06:15 AM
This may be more of what you are after

I've used this command a couple of times to fix permission problems.

Changing FILE permissions via Terminal :
From MacOSXHints
change permissions via terminal [Archive] - The macosxhints Forums (http://forums.macosxhints.com/archive/index.php/t-10684.html)

When executing a chmod command, it is generally of the format chmod ### <filename> (where ### are three single digits). The first of the digits specifies what the owner of the file is allowed to do with it. The second digit specifies what the user group that is assigned to the file can do with it. The third digit specifies what everyone else can do with it.

These digits are where 1, 2 and 4 come in. If you want one of the three sets of people (owner, group, others) to be able to execute the file (x), you'll put 1 in their position in the chmod command. If write (w), you'll put 2. If read (r), 4. So if you want the owner to be able to read, the user group to be able to read and everybody else to have no access to file.txt, you type chmod 440 file.txt.

So, you ask, where do the 7s and 5s come from if the pallette consists only of 1, 2 and 4? It comes from combining them. If you want somebody to be able to read and execute a file, then you will add the number for read (4) to the number for execute (1) and get 5. The owner will generally have a setting of 7 (read/4 + write/2 + execute/1) for any executable files...and 6 (read/4 + write/2) for non-executables.

So where do the big long drwxrwxr-x sort of strings come from? This string is divided into 4 parts. The first character is dedicated to letting you know if the file is a directory (d), has the set-UID bit set, etc. The directory (d) character is the only one you will run into on a regular basis. The next three characters tell you what the owner can do with the file: read (r), write (w), execute (x)...in that order. If there's a dash (-) in one of the positions, it means the owner doesn't have permission to perform the action that corresponds to that position in the string. The next three characters correspond in the same way to the user group permissions. And the last three, correspond in the same way to everyone else's permissions.

Knowing what these characters mean, you can also use chmod in combination with them instead of the numbers. Remember these abbreviations:

Person Abbreviations
u = user (owner)
g = group
o = others (everybody else)
a = all (all of the above, everybody)

Permission Abbreviations
r = read
w = write
x = execute

You can then use chmod to add or subtract permissions from these different people. The syntax to add permissions is:

chmod <person abbrev.>+<permission abbrev.> <file name>

For example, if you want the owner/user to have write access to file.txt, you'll just type: chmod u+w file.txt

Taking permissions away is just as simple. You just replace the plus sign (+) with a minus sign/dash (-). So to take read permission away from the group type: chmod g-r file.txt

This KB article at Apple explains it further