- File Permissions in Linux / Unix: How to Read, Write & Change?
- Linux File Ownership
- User
- Group
- Other
- Linux File Permissions
- Changing file/directory permissions in Linux Using ‘chmod’ command
- Absolute(Numeric) Mode in Linux
- Symbolic Mode in Linux
- File Permissions in Linux – How to Use the chmod Command
- What are File Permissions in Linux?
- Actions you can perform on a file
- What is the chmod Command?
- How to Remove Permissions from a File in Linux
- Another Way to Handle File Permissions in Linux
- Conclusion
File Permissions in Linux / Unix: How to Read, Write & Change?
Linux is a clone of UNIX, the multi-user operating system which can be accessed by many users simultaneously. Linux can also be used in mainframes and servers without any modifications. But this raises security concerns as an unsolicited or malign user can corrupt, change or remove crucial data. For effective security, Linux divides authorization into 2 levels.
The concept of Linux File permission and ownership is crucial in Linux. Here, we will explain Linux permissions and ownership and will discuss both of them. Let us start with the Ownership.
Click here if the video is not accessible
Linux File Ownership
Every file and directory on your Unix/Linux system is assigned 3 types of owner, given below.
User
A user is the owner of the file. By default, the person who created a file becomes its owner. Hence, a user is also sometimes called an owner.
Group
A user- group can contain multiple users. All users belonging to a group will have the same Linux group permissions access to the file. Suppose you have a project where a number of people require access to a file. Instead of manually assigning permissions to each user, you could add all users to a group, and assign group permission to file such that only this group members and no one else can read or modify the files.
Other
Any other user who has access to a file. This person has neither created the file, nor he belongs to a usergroup who could own the file. Practically, it means everybody else. Hence, when you set the permission for others, it is also referred as set permissions for the world.
Now, the big question arises how does Linux distinguish between these three user types so that a user ‘A’ cannot affect a file which contains some other user ‘B’s’ vital information/data. It is like you do not want your colleague, who works on your Linux computer, to view your images. This is where Permissions set in, and they define user behavior.
Let us understand the Permission system on Linux.
Linux File Permissions
Every file and directory in your UNIX/Linux system has following 3 permissions defined for all the 3 owners discussed above.
- Read: This permission give you the authority to open and read a file. Read permission on a directory gives you the ability to lists its content.
- Write: The write permission gives you the authority to modify the contents of a file. The write permission on a directory gives you the authority to add, remove and rename files stored in the directory. Consider a scenario where you have to write permission on file but do not have write permission on the directory where the file is stored. You will be able to modify the file contents. But you will not be able to rename, move or remove the file from the directory.
- Execute: In Windows, an executable program usually has an extension “.exe” and which you can easily run. In Unix/Linux, you cannot run a program unless the execute permission is set. If the execute permission is not set, you might still be able to see/modify the program code(provided read & write permissions are set), but not run it.
Let’s see file permissions in Linux with examples:
ls – l on terminal gives
Here, we have highlighted ‘-rw-rw-r–‘and this weird looking code is the one that tells us about the Unix permissions given to the owner, user group and the world.
Here, the first ‘–‘ implies that we have selected a file.p>
Else, if it were a directory, d would have been shown.
The characters are pretty easy to remember.
r = read permission
w = write permission
x = execute permission
– = no permission
Let us look at it this way.
The first part of the code is ‘rw-‘. This suggests that the owner ‘Home’ can:
- Read the file
- Write or edit the file
- He cannot execute the file since the execute bit is set to ‘-‘.
By design, many Linux distributions like Fedora, CentOS, Ubuntu, etc. will add users to a group of the same group name as the user name. Thus, a user ‘tom’ is added to a group named ‘tom’.
The second part is ‘rw-‘. It for the user group ‘Home’ and group-members can:
The third part is for the world which means any user. It says ‘r–‘. This means the user can only:
Changing file/directory permissions in Linux Using ‘chmod’ command
Say you do not want your colleague to see your personal images. This can be achieved by changing file permissions.
We can use the ‘chmod’ command which stands for ‘change mode’. Using the command, we can set permissions (read, write, execute) on a file/directory for the owner, group and the world.
chmod permissions filename
There are 2 ways to use the command –
Absolute(Numeric) Mode in Linux
In this mode, file permissions are not represented as characters but a three-digit octal number.
The table below gives numbers for all for permissions types.
Number | Permission Type | Symbol |
---|---|---|
0 | No Permission | — |
1 | Execute | –x |
2 | Write | -w- |
3 | Execute + Write | -wx |
4 | Read | r– |
5 | Read + Execute | r-x |
6 | Read +Write | rw- |
7 | Read + Write +Execute | rwx |
Let’s see the chmod permissions command in action.
In the above-given terminal window, we have changed the permissions of the file ‘sample to ‘764’.
‘764’ absolute code says the following:
- Owner can read, write and execute
- Usergroup can read and write
- World can only read
This is shown as ‘-rwxrw-r–
This is how you can change user permissions in Linux on file by assigning an absolute number.
Symbolic Mode in Linux
In the Absolute mode, you change permissions for all 3 owners. In the symbolic mode, you can modify permissions of a specific owner. It makes use of mathematical symbols to modify the Unix file permissions.
Adds a permission to a file or directory
Sets the permission and overrides the permissions set earlier.
The various owners are represented as –
File Permissions in Linux – How to Use the chmod Command
Arunachalam B
Just as with other operating systems, multiple users can create user accounts and share the same machine running Linux OS.
But whenever different users share a system, problems of privacy can easily arise. The first user may not wish the next user to view, edit, or delete their files, for example.
The Linux Terminal possesses some superpowers when it comes to handling file permissions. You can grant or revoke permissions for every file and directory from your Linux Terminal.
What are File Permissions in Linux?
File permissions control which actions can be performed by which users. Read, Write, and Execute are the three actions possible for every file.
Users are classified under three broad categories: Normal users, Groups, and Others. Linux allows users to set permissions at a very granular level. You can secure your file or directory in every possible location of a file system.
There are three important commands you’ll use when managing file permissions:
Among these, chmod is one of the most important commands. We’ll discuss the chmod command in this tutorial, and I’ll get into the others in upcoming articles.
Let’s deep dive into the chmod command 🏊.
Actions you can perform on a file
Before we proceed further, I want to make sure you’re clear about how the Read, Write, and Execute actions of a file work. Read and write are pretty are self-explanatory – they determine whether a user can read or write to a file.
But, what’s an executable file?
A file is said to be executable if it has a sequence of instructions to achieve something. A good example is scripting files (Shell Scripts).
What is the chmod Command?
chmod is a command that lets you change the permissions of a file or directory to all types of users.
Here’s the syntax of the chmod command:
Now it is executable. He stared at me as if I was a hacker 😂. But really, it’s a pretty simple and basic concept.
How to Remove Permissions from a File in Linux
I work with my colleague Divad on lots of projects, and he likes to try to fool me. We work together on many hobby projects and we often write shell scripts for quick deployment.
Whenever he writes shell scripts, he always removes all the permissions from the file and pushes the changes to the remote repo. So every time I have to grant permissions using the above commands for whatever action I have to do.
Let’s have a quick look at the command he uses to remove file permissions.
Here we have a file named install.sh which has all permissions (Read, Write, Execute). Let’s remove the execute permission for this script file.
You’ll not be able to execute this file now. Trying so will give you an error as shown in the above screenshot.
Let’s remove the read permission from the file.
The same applies to removing write permission from the file:
You can achieve all the above together using the below command:
But, did you know that I can create another directory inside locked_directory named dir1 and read the files and folders in dir1 ?
Then what’s the purpose of the command we just ran before? Removing the read permission on the parent should remove the same on child directories too, right?
Well. That’s the exact thing I told you earlier. Linux manages a very granular level of file permissions.
If you want to apply the permissions to the parent directory and all its child directories, you need to pass an exclusive flag with the chmod command.
That flag is -R . It basically means applying the same permissions recursively to all sub-directories (child directories). So this permission will apply to the end child of a file/directory.
Here’s the syntax for that:
From the above screenshot, you can see that trying to view the child directory files has failed after removing the read permission recursively from the parent directory.
Another Way to Handle File Permissions in Linux
Alternatively, you can use Octal representation to control the file permissions.
We can use numbers to represent file permissions (the method most commonly used to set permissions). When you change permissions using the Octal mode, you represent permissions for each triplet using a number (4, 2, 1, or combination of 4, 2, and 1).
Let’s see the syntax for using octal mode:
Look at the first part of the output ( -rwxrwxrwx ) from the above screenshot. Let’s explore what it means:
The first character indicates the type of input.
- «-» indicates a file
- «d» indicates a directory
- «i» indicates a link (a symlink, which is a shortcut to a file/directory)
You group the next set of letters, at a maximum of 3 for each group. These groups represents corresponding permissions for user, group, and others.
Conclusion
In this article, you have learned about handling basic file and folder permissions.
I hope you enjoyed reading this tutorial. I have one request to all: give it a try on your own with some complicated scenarios like having permutations and combinations of permissions 😂. It’ll definitely be helpful in your entire career.
Subscribe to my newsletter by visiting my site and also have a look at the consolidated list of all my blogs.