DEV Community

Cover image for A Guide to Permissions in Ubuntu
Mustafa Hashmani
Mustafa Hashmani

Posted on • Originally published at mustafahashmani.hashnode.dev

A Guide to Permissions in Ubuntu

  • As regular users, we do not have permission to write or even read every file on the machine.
  • For example, if I try to read the file /etc/sudoers using cat /etc/sudoers I get a "permission denied" message.
  • On unix systems, a single user may be the owner of files and directories, meaning that they have control over their access.
  • You can view permissions by running ls -l

File Attributes

  • The weird looking 10 characters we see printed out first are the file attributes.

    -rw-rw-r--
    
  • These characters tell us the type of the file, the read, write, and execute permissions for the file's owner, the file's group owner, and everyone else.

Image

  • The very first character indicates the type of the file. Some of the more common types and their corresponding attributes are:
    • - regular file
    • d directory
    • c character special file
    • l symbolic link
Character Effect On Files Effect on Directories
r file can be read directory's contents can be listed
w file can be modified directory's contents can be modified (create new files, rename files/folders) but only if the executable attribute is also set
x file can be treated as a program to be executed allows a directory to be entered or "cd"ed into
- file cannot be read, modified, or executed directory contents cannot be shown, modified, or cd'ed into
  • In the example below we see that the file's owner has read and write permissions but NOT execute permissions. No one else has any access

    - rw- --- ---
    
  • In the example below, we see that the file's owner has read, write, AND execute permissions. No one else has any access

    - rwx --- ---
    
  • In the example below, we see that the file's owner has read, and write BUT NOT execute permissions. Members of the file's owner group can only read the file and everyone else can read the file too.

    - rw- r-- r--
    
  • In the above example, we see that the directory's owner and member's of the owner group can enter the directory, rename, and remove files from within the directory

    d rwx rwx ---
    

Altering Permissions

chmod

  • To change the permissions of a file or directory, we can use the chmod command (change mode).

    chmod mode file
    
  • To use chmod to alter permissions, we need to tell it:

    • Who we are changing permissions for
    • What change are we making? Adding? Removing?
    • Which permissions are we setting?
  • When specifying permissions with chmod, we use a special syntax to write permission statements.

  • First, we specify the "who" using the following values:

    • u - user (the owner of the file)
    • g - group (members of the group the file belongs to)
    • o - others (the "world")
    • a - all of the above
  • Next, we tell chmod "what" we are doing using the following characters:

    • - (minus sign) removes the permission
    • + (plus sign) grants the permission
    • = (equals sign) set a permission and removes others
  • Finally, the "which" values are:

    • r - the read permission
    • w - the write permission
    • x - the execute permission
    # Before : - rw- r-- r--
    chmod g+w file.txt
    # After : - rw- rw- r--
    
    # Before : - rw- rw- r--
    chmod a-w file.txt
    # After : - r-- r-- r--
    
    # Before : - rwx rwx r--
    chmod a=r file.txt
    # After : - r-- r-- r--
    

    chmod Octals

    • chmod also supports another way of representing permission patterns: octal numbers (base 8). Each digit in an octal number represents 3 binary digits.

Image description

chmod 755 file.txt # rwx r-x r-x
Enter fullscreen mode Exit fullscreen mode

Root User

  • In Linux systems, there is a super user called root. The root user can run any command and access any file on the machine, regardless of the file's actual owner.
  • The root user has tons of power and could easily damage or even destroy the system by running the wrong commands!
  • For this reason, Ubuntu locks the root user by default.

sudo

  • Even if the root user is locked by default, we can still run specific commands as the root user by using the sudo command.
  • Individual users are granted an "allowed" list of commands they can run as the super user.
  • Run sudo -l to see the permitted commands for your particular user.
  • To run a command as the root user, prefix it with sudo. You will then need to enter the password for your account.
  • For example to update Ubuntu, I would need to run apt update. However, I can't do this as my "regular" user, as it's something that impacts all users. Instead, I need to run the command as the root user using sudo apt update
  • If you run into permissions denied, prefix the command with sudo

Top comments (0)