"File" Permissions in Linux

After you understand it, you realize it can't get any simpler than that

By Bogdan Radulescu on September 12th, 2006 18:56 GMT
This how-to will try to teach you how to set “file” permissions in any Linux operating system using only the “chmod” command in the CLI. This guide should be pretty straight forward and it might be useful for anyone that isn't very familiar with the chmod command.

There is a saying “In Linux everything is a file” and it refers to the fact that directories, links, block devices and virtually anything is treated as a file in Linux. I told you this because you should know that when someone refers to something as a file, it might not be necessarily so.

Let's start by looking at a directory entry using the ls -l command:
drwxr-xr-x 2 root root 4096 Sep 12 14:58 testdir
-rwxr-x--x 1 root root 0 Sep 11 22:25 testfile

Above is a directory listing and from it we're interested at this point only in the first ten characters that are shown. The first character gives the file type and the ones that follow, the file permissions.

In this example we have the d and - as the first flags for testdir and testfile. The possible file types and the character that designates them are as follows:

regular file -
directory d
symbolic link l
block device b
character device c
socket device s

The following nine entries are in groups of three and show the permissions for the user, group and the others. The possible permissions for each one are read(r), write(w) and execute(x). Multiplying the three groups with the three permissions for each group, you get the nine entries.

The user controls permissions for the owner of the file, group for all the members in the group that own the file and other is for everyone else.

For our test file, we have the following flags: - rwx r-x --x .This means that it is a regular file that can be read, modified and executed by the user, read and executed by the group but not modifiable and all the other users can only execute it.

With the chmod command we can alter the permissions of a file using two different notation systems:

THE OCTAL SYSTEM: Generally uses a three or four digits to reset the permissions of a file. This system is most commonly used because all the permissions are set every time you what to change something thus excluding the possibility to allow something that is not required.

Example: For setting the permissions for our testfile, I used the command: chmod 751 testfile.

In the octal notations we start with the following digits:

read 4
write 2
execute 1

If we want to assign a read and write permission, we calculate 4+2=6 and use 6 as the digit for setting read and write. For read and execute we have 4+1=5, for a read, write and execute permission we have 4+2+1=7 and so on. The first digit allows us to set permissions for the owner, the second one for the group and the third one for the others. In our example, -rwxr-x--x is 751 and drwxr-xr-x is 755 in the octal system. Another common one would be 644 and in this case, I will let you figure out why. I strongly advise you to make some tries of your own if you want to get the notations right.

I said that you can also use four digits in the octal system but since that's related with SUID and SGID, I will not go into further details.

THE ALPHA SYSTEM: Uses the + and - operators to add and remove permissions. This system is more symbolic so it's often considered easier to learn, but you'll see that this is not necessarily the case and since it leaves room for error, I don't really recommend using it. In the alpha system, the user, group and other is denoted by u, g, o.
Example: The command chmod ugo+x,u+rw testfile appends execute privileges for the user, group and others and read and write for the user.

In the previous sentence, the key word was appends so, if the group also had read and write privileges, they would still remain set for the testfile. If we would like to remove those, we would have to use chmod g-rw testfile to remove them. I hope you understood why the alpha system is not, usually, the best thing to do. There are actually (sometimes) interesting uses for the alpha system and here I could point out that when using the -R, --recursive option with chmod, you'll probably not like to change permissions for all the files from the ground up. This scenario is rarely encountered and I learnt the alpha system only because I had to use it once in a script.

If I'm lucky, I’ve convinced you that knowing how to use the chmod command is very useful in a Linux environment and hopefully, you understood the basics of using it. Practicing a few times, greatly increases the chances to remember how to use it when it will be needed.
  
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments