Script to change file/folder permissions on Mac
Depending on the need of the hour, admins may often have to set limitations on users’ access to different files/folders. For example, they may either restrict a user’s access to a confidential file or even give access to a group of users to a single file. Usually, in such scenarios, the admins manually restrict or provide access to the users by modifying the corresponding file’s Sharing and Permissions settings. Whereas executing the following script to change file/folder permissions using Hexnode UEM’s Execute Custom Script action allows admins to assign permission to any user with just one command remotely.
Scripting Language – Bash
File extension – .sh
What are the different kinds of permissions and who are they granted to?
Every file and folder on the Mac has three kinds of permissions – read(r), write(w) and execute(x). These permissions are given to three categories of users:
- Owner(u) – The owner is the creator of the file/folder.
- Group(g) – Group usually refers to the group that the owner belongs to, either administrators or staff. Users can be added to a particular group to give access to multiple users at once.
- Others(o) – Any user that is not the owner or member of the group is categorized as others.
There are two ways of representing the permissions assigned to a user:
- Octal representation – Numbers from 0 to 7 represent different combinations of permissions.
- Symbolic representation – r, w and x represent read, write and execute permissions, respectively.
The table demonstrates how the various combinations of permissions are represented. These permissions can be assigned to each of the three categories of users for every file/folder.
How to change file permission in Mac via terminal?
The chmod command is used to modify the permission set over a file/folder.
chmod permission file/folder name
permission consists of three parts; the permission given to the owner, group and others, in that order. It can be written in two ways; either using the symbolic representation or the octal representation.
chmod 753 file.txt
Here, 7 is the permission assigned to the owner, 5 is that assigned to the group and 3 to others.
chmod u=rwx,g=rx,o=wx file.txt
Here, u, g and o represent the owner, group and others, respectively, and the values following the equal signs are the permissions assigned to each of them.
You can refer to the table above to see each of these permissions. Similarly, you can configure any permission to be granted over a file/folder.
How to view the existing permission of a file or folder?
ls -@l file/folder name
ls -@l file.txt
Executing this command will display the existing permission of the file named file.txt. The output is returned in the symbolic format. You can verify the output under the Action History tab of the corresponding device.
As mentioned earlier, the output ‘ – r w – r w – r – – ‘ comprises three parts. r w – is the read and write permission given to the owner, the following r w – is that of the group and r – – is the read-only permission given to others. The ‘ – ’ at the beginning of the output indicates that the item is a file, not a directory.