User Categories
Files has three categories of users for which permissions apply:
- The user who created the file
- A user who is in the same grub as the user
- All other users
Permission Categories
File/directory have three categories of applicable permissions: read, write, and execute.
- r(read) --> file can be read
- w(write) --> file can be edited
- x(execute) --> file can be run as command
View Permissions And Ownership
To see the permissions and ownership of files and directories can use command:
ls -l or ls -ld
Option -l --> view list with long list format.
Option -d --> view the directory listing itself.
File permission consist of nine characters after the character d(directory).
- Permission for the user is determined by the first set of 3 characters
- Permission for user groups are determined by the second set of 3 characters
- Permission for all other users are determined by the third set of 3 characters
If the letters are replaced with -, then the category doesn't have that permission.
Change Permission
To change permission from the command line can use command:
chmod
Permission instructions can be issued by symbolic methods and numerical methods.
Symbolic Method
chmod WhoWhatWhich file/directory
- Who is u(user), g(group), o(other), a(all)
- What is +(add), -(remove), =(set exactly)
- Which is r(read), w(write), x(execute)
option -R to change the permissions of the directory and its contents.
Numeric Method
chmod ### file/directory
Each digit represents a permission for the access level: user, group, other.
Each digit is the sum of the numbers representing the permissions.
- read permission is represented by the number 4
- write permission is represented by the number 2
- execute permission is represented by the number 1
Change User And Group Ownership
To change the ownership of users and groups can use command:
chown
only root user can change file ownership
To change only the user, use the command:
chown usernew file1
To change only the group, use the command:
chown :groupnew file1
To change everything, use the command:
chown usernew:groupnew file1
We can use sudo privilege to use chown command.
Option -R to change the ownership of the directory and its contents.
Special Permission
Special permission is the fourth type of permission besides basic user, grub and other types. These permissions have additional access features that are allowed by the basic permission types.
1. Setuid Permission
on files containing this permission executable. however, the command that is executed becomes the user who owns the file, not as the user that executes the command.
to add this permission, can use command:
chmod u+s file1 or chmod 4### file1
2. Setgid Permission
files created in a directory containing these permissions inherit ownership of grub rather than inheriting from the user who created it. this file is executable. however, the command that is executed becomes the grub that owns the file, not as the grub that runs the command.
to add this permission, can use command:
chmod g+s file1 or chmod 2### file1
3. Sticky Permission
on directories that contain this permission, file deletion is subject to special restrictions. only file owner and root user can delete files in directory
to add this permission, can use command:
chmod o+t file1 or chmod 1### file1
Default File Permission
When you create a new file/directory it is given initial permission called umask.
- If you create a new directory, the operating system will grant octal permission 0777
- If you create a new file, the operating system will give permission octal 0666
Octal permission will be reduced by the umask set, usually 0002.
To see the umask that has been set, you can use the command:
umask
To replace it, you can use the command:
umask 027
Top comments (0)