Linux File Permissions: How to Control Access to Your Files and Directories

 

Linux file permissions are a mechanism that allows you to specify who can access, modify, or execute your files and directories on your system. This is an essential feature for ensuring the security and privacy of your data, as well as the proper functioning of your applications and services.

In this blog post, we will explain the following topics:

  • How to view and interpret file permissions using the ls command
  • How to change file permissions using the chmod command
  • How to use symbolic and octal notation to specify file permissions
  • How to apply file permissions recursively to subdirectories and files

How to View and Interpret File Permissions

To view the file permissions of a file or a directory, you can use the ls -l command, which lists the files and directories in a long format. For example, if you run the command on your home directory, you may see something like this:

$ ls -l
total 12
drwxr-xr-x 2 user user 4096 Apr 30 10:10 Documents
-rw-r--r-- 1 user user   12 Apr 30 10:10 file.txt
lrwxrwxrwx 1 user user    8 Apr 30 10:10 link.txt -> file.txt

The first column of the output shows the file permissions, followed by the number of links, the owner, the group, the size, the date and time of the last modification, and the file name.

The file permissions consist of 10 characters, which can be divided into four parts:

  • The first character indicates the file type. It can be one of the following:

    • -: a regular file
    • d: a directory
    • l: a symbolic link
    • c: a character device file
    • b: a block device file
    • s: a socket file
    • p: a named pipe file
  • The next three characters show the permissions for the file owner. They can be one of the following:

    • r: the owner has read permission
    • w: the owner has write permission
    • x: the owner has execute permission
    • -: the permission in that position is not granted
  • The next three characters show the permissions for the file group. They have the same meaning as the owner permissions.

  • The last three characters show the permissions for the others (everyone else). They have the same meaning as the owner and group permissions.

For example, in the output above, the file file.txt has the following permissions:

  • -: it is a regular file
  • rw-: the owner can read and write the file, but not execute it
  • r--: the group can only read the file, but not write or execute it
  • r--: the others can only read the file, but not write or execute it

The directory Documents has the following permissions:

  • d: it is a directory
  • rwx: the owner can read, write, and execute (enter) the directory
  • r-x: the group can read and execute (enter) the directory, but not write to it
  • r-x: the others can read and execute (enter) the directory, but not write to it

The symbolic link link.txt has the following permissions:

  • l: it is a symbolic link
  • rwx: the owner can read, write, and execute the link
  • rwx: the group can read, write, and execute the link
  • rwx: the others can read, write, and execute the link

Note that the permissions of a symbolic link do not affect the access to the file or directory it points to. The permissions of the target file or directory are used instead.

How to Change File Permissions

To change the file permissions of a file or a directory, you can use the chmod command, which stands for change mode. The syntax of the command is:

chmod [options] mode file

where mode is the new set of permissions, and file is the name of the file or directory. You can also specify multiple files or directories, separated by spaces.

There are two ways to specify the mode: symbolic notation and octal notation. We will explain both methods in the following sections.

Symbolic Notation

Symbolic notation allows you to modify the file permissions by using symbols to represent the classes of users and the types of permissions. The general format of the mode is:

[who][operator][permissions]

where:

  • who is one or more characters that specify the class of users to modify. It can be one of the following:

    • u: the owner of the file
    • g: the group of the file
    • o: the others
    • a: all users (equivalent to ugo)
  • operator is one character that specifies how to modify the permissions. It can be one of the following:

    • +: add the specified permissions to the existing permissions
    • -: remove the specified permissions from the existing permissions
    • =: set exactly the specified permissions for the given classes of users and clear any permissions not listed
  • permissions is one or more characters that specify the type of permissions to modify. It can be one of the following:

    • r: the read permission
    • w: the write permission
    • x: the execute permission
    • s: the setuid or setgid permission (explained later)
    • t: the sticky bit permission (explained later)

You can also use commas to separate multiple modes, which will be applied in order. For example, the mode u+r,g+w,o-rx means:

  • Add the read permission to the owner
  • Add the write permission to the group
  • Remove the read and execute permissions from the others

Here are some examples of using the chmod command with symbolic notation:

  • To add the execute permission to the owner of the file file.txt, use the following command:

    chmod u+x file.txt
    
  • To remove the write permission from the group and the others of the directory Documents, use the following command:

    chmod go-w Documents
    
  • To set the read and write permissions for the owner, and the read permission for the group and the others of the file file.txt, use the following command:

    chmod u=rw,go=r file.txt
    

Octal Notation

Octal notation allows you to modify the file permissions by using numbers to represent the permissions for each class of users. The general format of the mode is:

[owner][group][others]

where:

  • owner is a number that specifies the permissions for the owner of the file
  • group is a number that specifies the permissions for the group of the file
  • others is a number that specifies the permissions for the others

Each number is a combination of the following values:

  • 4: the read permission
  • 2: the write permission
  • 1: the execute permission
  • 0: no permission

To get the number for each class of users, you need to add the values of the permissions you want to set. For example, the number 7 means read, write, and execute permissions, because 4 + 2 + 1 = 7. The number 5 means read and execute permissions, because 4 + 1 = 5. The number 0 means no permissions.

Here are some examples of using the chmod command with octal notation:

  • To set the read, write, and execute permissions for the owner, and the read and execute permissions for the group and the others of the file file.txt, use the following command:

    chmod 755 file.txt
    
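  • To set the read and write permissions for the owner, and the read permission for the group and the others of the directory Documents, use the following command. Note that this mode has no execute permission, so the directory can no longer be entered; 644 is more commonly used for regular files: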

    chmod 644 Documents
    
  • To give the owner read, write, and execute permissions and remove all permissions from the group and the others of the file file.txt, use the following command:

    chmod 700 file.txt
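
The following added example (not part of the original post) ties the mode field printed by ls -l to the octal digits described above. The function name mode_to_octal is an assumption made for this illustration. It goes slightly beyond the text by also handling the s and t characters, which add a leading digit (4 for setuid, 2 for setgid, 1 for the sticky bit).

```shell
#!/bin/sh
# Added example: convert the 10-character mode field from `ls -l`
# (file type + owner/group/others triplets) into chmod's octal form.
mode_to_octal() {
    field=$1
    [ "${#field}" -eq 10 ] || { echo "expected 10 characters: $field" >&2; return 1; }
    perms=${field#?}      # drop the file-type character
    result="" special=0 class=0   # class: 0 = owner, 1 = group, 2 = others
    while [ -n "$perms" ]; do
        rest=${perms#???}
        triplet=${perms%"$rest"}
        perms=$rest
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        # s (setuid/setgid) and t (sticky) share the execute position;
        # lowercase means execute is also set, uppercase means it is not.
        case $class$triplet in
            ???x) digit=$((digit + 1)) ;;
            ???-) ;;
            0??s|1??s|2??t) digit=$((digit + 1)); special=$((special + (4 >> class))) ;;
            0??S|1??S|2??T) special=$((special + (4 >> class))) ;;
            *) return 1 ;;
        esac
        result=$result$digit
        class=$((class + 1))
    done
    if [ "$special" -ne 0 ]; then result=$special$result; fi
    echo "$result"
}

# The three entries from the ls -l listing earlier on this page.
for entry in drwxr-xr-x -rw-r--r-- lrwxrwxrwx; do
    printf '%s -> %s\n' "$entry" "$(mode_to_octal "$entry")"
done
```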
    

How to Apply File Permissions Recursively

By default, the chmod command only changes the permissions of the specified file or directory. If you want to change the permissions of a directory and all its subdirectories and files, you need to use the -R option, which stands for recursive. For example, to set the read, write, and execute permissions for the owner, and the read and execute permissions for the group and the others of the directory Documents and all its contents, use the following command:

chmod -R 755 Documents

Be careful when using the recursive option, as it can affect a large number of files and directories, and potentially cause unwanted changes or errors.
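
One concrete unwanted change is that chmod -R 755 marks every regular file in the tree as executable. The added example below (not part of the original post) builds a constructed temporary tree, applies the command above, and then resets directories and files separately with find. The function names and the sample file names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: apply directory and file modes separately so a recursive
# change does not leave every regular file executable.
set_tree_modes() {
    root=$1
    # Directories need the execute bit so they can be entered.
    find "$root" -type d -exec chmod 755 {} + &&
    # Regular files are readable by all, writable by the owner, not executable.
    find "$root" -type f -exec chmod 644 {} +
}

# Count regular files under $1 that carry any execute bit.
count_executable_files() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) | wc -l | tr -d ' '
}

# Constructed sample tree: two text files inside nested directories.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/Documents/sub"
    echo notes > "$tmp/Documents/file.txt"
    echo more > "$tmp/Documents/sub/report.txt"

    chmod -R 755 "$tmp/Documents"          # the command shown above
    before=$(count_executable_files "$tmp/Documents")

    set_tree_modes "$tmp/Documents"
    after=$(count_executable_files "$tmp/Documents")
    dirmode=$(ls -ld "$tmp/Documents/sub" | cut -c1-10)

    rm -rf "$tmp"
    # Executable files before and after, then the subdirectory's mode field.
    echo "$before $after $dirmode"
}

demo
```

Running the count before a recursive change on a real tree shows how many files already carry an execute bit and would need to keep it.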

