Table of contents
Introduction
The multi-user capability of Unix-like systems is a feature that is deeply ingrained into the design of the operating system.
File Permissions
On a Linux system, each file and directory is assigned access rights for the owner of the file.
You can check the permission settings with ls -l.
$ ls -l
drwxr-xr-x. 13 root root 1027 Jan 3 12:32 bin/cat
Let's explore what drwxr-xr-x. 13 root root 1077 Jan 3 12:32 bin/cat means one by one.
| Command | Meaning |
|---|---|
| d | File Type |
| rwxr-xr-x. | File Mode |
| 13 | Number of links |
| root | The owner of the file |
| root | The group the file belongs to |
| 1027 | Size of the file |
| Jan 3 12:32 | Time Stamp |
| bin/cat | The name of the file/directory |
File Type
| Command | File Type |
|---|---|
| - | File |
| d | Directory |
| l | Symbolic Link |
File Mode
The r letter means the user has permission to read the file/directory. The w letter means the user has permission to write the file/directory. And the x letter means the user has permission to execute the file/directory.
| Command | Meaning |
|---|---|
| r | read |
| w | write |
| x | execute |
| - | not allowed |
Let's take a look at the 9 letters in the command.
The first 3 letters show the permissions for the file owner, the second 3 letters show the permissions for the group owner and the last 3 letters show the permissions for other users.
rwx/ r-x/ r-x/
Owner: rwx
Group: r-x
Users: r-x
Change File Modes
The chmod command is used to change the permissions of a file or directory.
Octal Mode
Each permission may be specified with an octal number: read = 4; write = 2; execute = 1; no permission = 0.
| Meaning | Number |
|---|---|
| read(r) | 4 |
| write(w) | 2 |
| execute(x) | 1 |
Example
The command below means giving permissions to read(4), write(2) and execute(1) to the owner and permissions to read(4) and execute(1) to the group user and permissions to read(4) to other users.
chmod 754 myfile
Symbolic Mode
The below is the basic syntax of chmod.
% chmod who operator permission filename
You can use the following commands to change modes.
| Command | Meaning |
|---|---|
| u(user) | user access |
| g(group) | group access |
| o(other) | other access |
| a(all) | user, group, and other access |
| Command | Meaning |
|---|---|
| + | add specified permissions |
| - | remove specified permissions |
| = | set the specified permissions |
Example
In the following example, read permission are taken away from others.
% chmod o-r filea
In the following example, read and execute permissions are added for user, group, and others.
$ chmod a+rx fileb
In the following example, read, write, and execute permissions are assigned to the group.
$ chmod g=rwx filec
Oldest comments (76)
When it comes to Linux I make it a point to read even intro level articles like this one. Why? 'cause I am constantly learning new things, like I did here.
Thank you for this. Keep up the good posting!
Thank you for your kind words!
From what I know, I guess you can forgo "a" in the "a+rx".
Thank you for sharing your knowledge:)!
Thank you for pointing that out:) Fixed it!
This article did not introduce anything brand new to me, but nonetheless very concise and well written!
Thank you for sharing.
Thank you for taking the time to read it!!
There's also suid/sgid permissions. Normally, when you execute a program, it will run as the user which called it. suid will instead run the program as the owner of the file. For example, if you are logged in as user
developerand try to execute a suid program owned byroot, it will execute asrootinstead ofdeveloper.su,sudo,passwdrely on suid to work.The extension to suid-/sgid-enabled operations being that, when you run auditing services on a system, actions are logged both by actual executing-user and effective executing user.
chattr +i filename
If you really want to get into powerful permissioning systems, take a look at extended filesystem access control lists (via the
setfaclandgetfaclutilities), extended attributes (xattrs managed via thechattrandlsattrcommands) and, the ultimate cause of headaches, SELinux.If you're running an Internet-facing system, these are all security-extensions that you want to be reasonably well versed in.
Thank you very much for your post; I fixed it. I also hope you continue to write great posts and that we can continue the conversation; Thank you very much, dear. io games wordle website
After reading this article, I also have a better understanding of Linux permissions. This is a great article and I'm looking into some more Linux articles. wordle game free Wordle
I have been looking for this information for a long time, thank you very much, the information in the article has helped me a lot in my work. In your free time, do you often play games to practice your foreign language? try waffle game
Very good article, I just wanted to say that this article has clear programming numbers and Wordle that are easy to understand for a newbie like me. Thank you for sharing this useful information.
Some comments may only be visible to logged-in visitors. Sign in to view all comments.