Permissions
Introduction
Managing permissions is an important task to be familiar with. There are many tools available such as chown, chgrp, and chmod. There are two methods available for managing permissions using command line tools: symbolic and numeric. The symbolic method uses symbols such as u, +, x, r, and so on, to represent owners, groups, and permissions. The numeric method uses a numbering scheme.
Each file and directory has permissions for the owner (UID), group (GID), and everyone else. The permissions for each group consist of three (binary) bits. There are 10 bits in total: --- --- --- (the 10th bit is the setuid or sticky bit - this will be described later). The first three are the permissions for the owner. The next three are the permissions for the group, and the last three are the permissions for everyone else.
Use the ls -l command to view file and directory permissions:
ls -l file1 -rw-rw-r-- 1 user1 group1 0 Oct 22 17:51 file1
The above example shows the following permissions for the file1 file:
- user1: read and write
- group1: read and write
- everyone else: read
The three main symbols used to represent permissions are r, w, and x. These represent read, write, and execute permissions respectively. File permissions are as follows:
- read: files can be opened and viewed using commands such as
catandless - write: edit, save, and delete files
- execute: allows you to execute the file (files will not be executable unless you also have read permissions)
Permissions for directories are as follows:
- read: list the contents using the
lscommand - write: edit, save, and delete files within said directory
- execute: allows you to change into said directory using the
cdcommand. Execute permissions are required to perform a long listing using thels -lcommand. Without execute permissions thels -lcommand will return output similar to the following:
ls -l test1/ ls: cannot access test1/file1: Permission denied ls: cannot access test1/file2: Permission denied total 0 -????????? ? ? ? ? ? file1 -????????? ? ? ? ? ? file2
If a user has write permissions on a directory, that user can remove any file within that directory regardless of file permissions.
Symbolic Method
The following table describes the symbols used to change permissions using the symbolic method. Familiarize yourself with this table before proceeding to the next section:
| u | the owner of the file or directory |
| g | the group the file or directory belongs to |
| o | everyone else |
| a | everyone (u, g, and o) |
| = | assign a permission |
| r | read permissions |
| w | write permissions |
| x | execute permissions |
| t | directory sticky bit |
| s | setuid or setgid |
Examples of using the chmod command to change file permissions can be found in the Managing Permissions Using the CLI section.
Numeric Method
The following table describes the numbering scheme used when changing permissions using the numeric method:
| Number | Permissions | ls -l Output
|
| 0 | no permissions | --- |
| 1 | execute | --x |
| 2 | write | -w- |
| 3 | write and execute | -wx |
| 4 | read | r-- |
| 5 | read and execute | r-x |
| 6 | read and write | rw- |
| 7 | read, write, and execute | rwx |
Use the chmod command to change permissions regardless of whether you are using the symbolic or numeric method.
| Previous Page - TOC | Next Page: Managing Permissions Using the CLI |