Overview#
Linux Files and File Permissions and
Linux Directory Permissions are set or changed from the defaults using
Chmod.
The default File System Permissions are set using umask.
All Files and directories have an owner which determines the File System's user class and to which distinct permissions may be applied.
You may also want to use the Linux setgid and setuid commands to set the "run as" values for certain files.
Linux files are setup so access to them is controlled. There are three types of access:
- read - permission give you the authority to open and read a file. Read permission on a directory gives you the ability to lists its content.
- write - permission gives you the authority to modify the contents of a file. The write permission on a directory gives you the authority to add, remove and rename files stored in the directory.
- execute - permission gives you the authority to execute (or run an application or script)
Each file belongs to a specific user and group. Access to the files is controlled by user, group, and what is called other. The term, other, is used to refer to someone who is not the user (owner) of the file, nor is the person a member of the group the file belongs to. When talking about setting permissions for "other" users to use, it is commonly referred to as setting the world execute, read, or write bit since anyone in the world will be able to perform the operation if the permission is set in the other category.
File names and permission characters#
File names can be up to 256 characters long with "-", "_", and "." characters along with letters and numbers.
When a long file listing is done, there are 10 characters that are shown on the left that indicate type and permissions of the file. File permissions are shown according to the following syntax example: drwerwerwe
There are a total of 10 characters in this example, as in all Linux files. The first character indicates the type of file, and the next three indicate read, write, and execute permission for each of the three user types, user, group and other.
Since there are three types of permission for three users, there are a total of nine permission bits. The table below shows the syntax:
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
| File | User Permissions | < | < | Group Permissions | < | < | Other Permissions | < | < |
| Type | Read | Write | Execute | Read | Write | Execute | Read | Write | Execute |
| d | r | w | e | r | w | e | r | w | e |
- Character 1 is the type of file: - is ordinary, d is directory, l is link.
- Characters 2-4 show owner permissions. Character 2 indicates read permission, character 3 indicates write permission, and character 4 indicates execute permission.
- Characters 5-7 show group permissions. Character 5=read, 6=write, 7=execute
- Characters 8-10 show permissions for all other users. Character 8=read, 9=write, 10=execute
Numbers or Symbols
There are 5 possible characters in the permission fields. They are:
- r = read - This is only found in the read field.
- w = write - This is only found in the write field.
- x = execute - This is only found in the execute field.
- s = setuid - This is only found in the execute field.
- If there is a "-" in a particular location, there is no permission. This may be found in any field whether read, write, or execute field.
Examples#
Type "ls -l" and a listing like the following is displayed:
total 10
drwxrwxrwx 4 george team1 122 Dec 12 18:02 Projects
-rw-rw-rw- 1 george team1 1873 Aug 23 08:34 test
-rw-rw-rw- 1 george team1 1234 Sep 12 11:13 datafile
Which means the following:
- drwxrwxrwx - Type and Permission field
- 4 - The number of directory entries that refer to the file.
- george - File Owner
- team1 - File Group
- 122 - Size in bytes
- Dec 12 18:02 - Date of last modification
- Projects - File Name
The fields are as follows:#
- Type field: The first character in the field indicates a file type of one of the following:
- d = directory
- l = symbolic link
- s = socket
- p = named pipe
- - = regular file
- c= character (un-buffered) device file special
- b=block (buffered) device file special
- Permissions are explained above.
- Links: The number of directory entries that refer to the file. In our example, there are four.
- The file's owner in our example is George.
- The group the file belongs to. In our example, the group is team1.
- The size of the file in bytes
- The last modification date. If the file is recent, the date and time is shown. If the file is not in the current year, the year is shown rather than time.
- The name of the file.
We have some
Examples Using chmod.
There might be more information for this subject on one of the following: