6.2.14 The chmod
command: change permissions on remote files
PSFTP allows you to modify the file permissions on files and directories on the server. You do this using the chmod
command, which works very much like the Unix chmod
command.
The basic syntax is chmod modes file
, where modes
represents a modification to the file permissions, and file
is the filename to modify. You can specify multiple files or wildcards. For example:
chmod go-rwx,u+w privatefile
chmod a+r public*
chmod 640 groupfile1 groupfile2
The modes
parameter can be a set of octal digits in the Unix style. (If you don't know what this means, you probably don't want to be using it!) Alternatively, it can be a list of permission modifications, separated by commas. Each modification consists of:
-
The people affected by the modification. This can be
u
(the owning user),g
(members of the owning group), oro
(everybody else - ‘others’), or some combination of those. It can also bea
(‘all’) to affect everybody at once. -
A
+
or-
sign, indicating whether permissions are to be added or removed. -
The actual permissions being added or removed. These can be
r
(permission to read the file),w
(permission to write to the file), andx
(permission to execute the file, or in the case of a directory, permission to access files within the directory).
So the above examples would do:
-
The first example:
go-rwx
removes read, write and execute permissions for members of the owning group and everybody else (so the only permissions left are the ones for the file owner).u+w
adds write permission for the file owner. -
The second example:
a+r
adds read permission for everybody to all files and directories starting with ‘public’.
In addition to all this, there are a few extra special cases for Unix systems. On non-Unix systems these are unlikely to be useful:
-
You can specify
u+s
andu-s
to add or remove the Unix set-user-ID bit. This is typically only useful for special purposes; refer to your Unix documentation if you're not sure about it. -
You can specify
g+s
andg-s
to add or remove the Unix set-group-ID bit. On a file, this works similarly to the set-user-ID bit (see your Unix documentation again); on a directory it ensures that files created in the directory are accessible by members of the group that owns the directory. -
You can specify
+t
and-t
to add or remove the Unix ‘sticky bit’. When applied to a directory, this means that the owner of a file in that directory can delete the file (whereas normally only the owner of the directory would be allowed to).