Linux Directory Permissions

Directory Permissions#

Directory Permissions and Linux Files and File Permissions are set using Chmod.

The default File Permissions are set using umask.

You may also want to use the Linux setgid and setuid commands to set the "run as" values for certain files.

There are two special bits in the permissions field of directories. They are:

  • s - Set group ID
  • t - Save text attribute (sticky bit) - The user may delete or modify only those files in the directory that they own or have write permission for.

Save text attribute#

The /tmp directory is typically world-writable and looks like this in a listing:
drwxrwxrwt   13 root     root         4096 Apr 15 08:05 tmp
Everyone can read, write, and access the directory. The "t indicates that only the user (and root, of course) that created a file in this directory can delete that file.

To set the sticky bit in a directory, do the following:

chmod +t data

This option should be used carefully. A possible alternative to this is

  • Create a directory in the user's home directory to which he or she can write temporary files.
  • Set the TMPDIR environment variable using each user's login script.
  • Programs using the tempnam(3) function will look for the TMPDIR variable and use it, instead of writing to the /tmp directory.

Directory Set Group ID#

If the setgid bit on a directory entry is set, files in that directory will have the group ownership as the directory, instead of than the group of the user that created the file.

This attribute is helpful when several users need access to certain files. If the users work in a directory with the setgid attribute set then any files created in the directory by any of the users will have the permission of the group. For example, the administrator can create a group called spcprj and add the users Kathy and Mark to the group spcprj. The directory spcprjdir can be created with the set GID bit set and Kathy and Mark although in different primary groups can work in the directory and have full access to all files in that directory, but still not be able to access files in each other's primary group.

The following command will set the GID bit on a directory:

chmod g+s spcprjdir
The directory listing of the directory "spcprjdir":
drwxrwsr-x 2 kathy spcprj 1674 Sep 17 1999 spcprjdir
The "s in place of the execute bit in the group permissions causes all files written to the directory "spcprjdir" to belong to the group "spcprj" .

Examples Using chmod#

We have some Examples Using chmod.

Below are examples of making changes to owner and group:

  • chown mark test1 - Changes the owner of the file test1 to the user Mark.
  • chgrp mark test1 - Changes the file test1 to belong to the group "mark".

Note: Linux files were displayed with a default tab value of 8 in older Linux versions. That means that file names longer than 8 may not be displayed fully if you are using an old Linux distribution. There is an option associated with the ls command that solves this problem. It is "-T". Ex: "ls al -T 30" to make the tab length 30.

chmod Calculator#

We fond this handy chmod Calculator

More Information#

There might be more information for this subject on one of the following: