Linux is a multi-user operating system, and it uses the concepts of “ownership” and “permissions” to enhance the security of files and directories. Every file and directory on a Linux system is owned by a specific user and group. Therefore, file/directory permissions are defined separately for users, groups, and others.
- User: The username of the person who owns the file/directory. By default, the user who creates the file/directory becomes its owner.
- Group: The user group that owns the file/directory. All users who belong to the group that owns the file/directory have the same access permissions to the file/directory.
- Other: A user who isn’t the owner of the file/directory and doesn’t belong to the group that owns the file/directory.
If you want to view the users on your system, you can view the /etc/passwd file by running the following command:
```
cat /etc/passwd
```
Similarly, you can view the groups on your system by viewing the /etc/group file, by running the following command:
```
cat /etc/group
```
Linux uses 3 types of permissions, as follows:
- Read
- Write
- Execute
Read permission
For a file, the read permission means the file can be opened and read. For a directory, the read permission means the user can list the contents of the directory.
Write permission
For a file, write permission means the user can modify the file and write new data to it. For a directory, the write permission means the user is allowed to modify the contents of the directory: the user can add, remove or rename files that belong to that directory.
Execute permission
For a file, execute permission means the user can execute the file as a program or a shell script. For a directory, the execute permission allows the user to enter it with the cd command and access the files in it, but execute permission alone does not allow the user to list the contents.
Viewing Permissions
You can view permissions by typing the following command:
```
ls -tla
```
Identifying Permissions
- r = read permission
- w = write permission
- x = execute permission
- - = no permission
Linux assigns a numeric value to each of the above permissions for ease of use, as below.
```
r = 4
w = 2
x = 1
```
Changing file/directory permissions with ‘chmod’ command
We can change the permissions given to a file or a directory using the ‘chmod’ command:
```
chmod [PERMISSION-NUMBER] FILE(s)

### You can also use symbols to allow and deny specific permissions of the file.
# For example, deny read permission of file1 to everyone:
chmod a-r permissions/file1

# To allow execute permission of file1 to everyone:
chmod a+x permissions/file1

# To allow write permission of file1 to the owner of the file:
chmod u+w permissions/file1
```
Changing file/directory owner with ‘chown’ command
```
chown [USER][:GROUP] FILE(s)

## You can use the -R option with the chown command to recursively change ownership of directories and sub-directories
chown -R [USER][:GROUP] FILE(s)
```
rwxrw-r--
This means the user has all of the read, write and execute permissions. The group has read and write permissions, and other has read permission only.
Let’s calculate the permission number for the above scenario.
User : r + w + x => 4 + 2 + 1 = 7
Group : r + w => 4 + 2 = 6
Other : r => 4 = 4
Therefore, the final 3-digit number is 764. If we need to give the above permissions to a file or a directory, the following command can be used as calculated.
Illustrating how the numbers are formed
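
The calculation above can be checked mechanically. The following POSIX shell script is an added example, not part of the original article; the helper names sym_to_octal, apply_and_check and other_can_write are made up for illustration. It converts a symbolic string such as rwxrw-r-- into its number using r = 4, w = 2, x = 1, applies that number to a scratch file with chmod, and reads the mode back from ls -l.

```shell
#!/bin/sh
# Added example (not from the original article). Helper names are hypothetical.

# sym_to_octal SYMBOLIC: print the 3-digit number for a 9-character string
# such as rwxrw-r--; return 1 if the string is malformed.
sym_to_octal() {
    sym=$1
    case $sym in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) return 1 ;;
    esac
    out=""
    while [ -n "$sym" ]; do              # user, then group, then other
        rest=${sym#???}                  # everything after the first triplet
        triplet=${sym%"$rest"}           # the first triplet itself
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
        sym=$rest
    done
    printf '%s\n' "$out"
}

# apply_and_check SYMBOLIC: chmod a scratch file with the computed number and
# read the resulting mode back from ls -l (columns 2-10 of the listing).
apply_and_check() {
    mode=$(sym_to_octal "$1") || return 1
    tmp=$(mktemp) || return 1
    chmod "$mode" "$tmp"
    got=$(ls -l "$tmp" | cut -c2-10)
    rm -f "$tmp"
    printf '%s %s\n' "$mode" "$got"
}

# other_can_write NUMBER: succeed when the last digit of a 3-digit number
# includes write (2), i.e. users who are neither the owner nor in the
# owning group may modify the file.
other_can_write() {
    [ $(( ${1#??} & 2 )) -ne 0 ]
}

apply_and_check "rwxrw-r--"              # prints: 764 rwxrw-r--
```

The other_can_write check is useful when reviewing permission numbers: 764 fails it, while a number such as 766 passes and deserves a second look.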