File Permissions

File Permissions

Linux provides you with great control of how you want to allow users to access files. Keep in mind that Linux is truly a multiuser OS, so you might have multiple users that want access to the same file or even group of files (think a directory). Linux allows users this ability with being able to set file permissions. With file permissions you have to keep in mind that you have settings for the owner, group and everyone else (also referred to as 'world'). There are two ways to set file permissions in Linux.

The first way is octal. This uses numbers to set file permissions. The second way is symbolic and this uses letters to alter file permissions. I use both depending on what I need to do to a file/directory. It is important that you understand both ways as you might come across documentation that uses one or the other.


To view file permissions you use the ls -l command. This will display the permissions and they'll look something like:

_rwxrwxrwx

The first item (the underscore: _ ) is for special permissions. For now, we can ignore this charecter.

Followed by the underscore we have three sets of rwx. The first set is for the owner of the file, the second set is for group permissions and the last set is for everyone else.

Octal File Permissions

With octal file permissions you set the permission for the owner, group and world. Each person (owner/user, group and world) needs to have a value. The values are easy to remember as long as you can remember your power of twos:

  • r = 4 (2^2)

  • w = 2 (2^1)

  • x = 1 (2^0)

  • None = 0

You would calculate a value for each person. If we wished to have the owner to have rwx (read, write and execute), group to have rw- (a dash means we do not wish to set that value) and world to have ---- (none) we would add the values up:

  • 4+2+1 = 7 (user)

  • 4+2 +0 = 6 (group)

  • 0+0+0 = 0 (world)

After we have the values added up we combine each value in order (owner, group, world) to get 760.

Symbolic File Permissions

Symbolic file permissions provide us with a lot more flexibility. We can add, remove or leave permissions alone. If you just want to change the owners file permissions we can do that! If you want to remove a permission from the group we can also do that! We wouldn't have to think about the others permissions. What makes this awesome is that we can also use letters and symbols to do this!

To change permissions of users, groups or other we use the following:

  • u – Owner

  • g – Group

  • o – Others

  • a – All users

Notice we have the ability to use 'a' to set it for everyone!

We can then use the following to set the specific permissions:

  • r – Read

  • w – Write

  • x – Execute

To update permissions we use the following symbols:

  • + (plus sign)Add this specific permission

  • (minus sign) – Remove this specific permission

  • = (equal sign) – Set to this permission

With using symbolic permissions we have to know what the starting permissions are as we will change permissions based of these. Let us start out with 755 as our permissions : _ rwx r_x r_x (I put spaces between each set to make it easier to see).

If we want to provide the group members with w access we would do the following:

  • g+w

This would give us _ rwx rwx r_x. If we wished to remove x from both group members and other we can do the following:

  • go-x

Notice that we can do multiple entities (owner, group, other) at once! Our permissions would be: _ rwx rw_ r__.

Now, if we wanted to remove read permission from other and add back in execute to group we can do the following:

  • g+x,o-r

This would give us _ rwx rwx ___. Notice that I used a comma (,) to link multiple changes.

chmod

The chmod command works to change file permissions. This command can be used with both octal and symbolic methods.

https://linux.die.net/man/1/chmod

https://www.linuxfoundation.org/blog/classic-sysadmin-understanding-linux-file-permissions/