As an open source, accessing a file requires more security in Linux. This has been maintained by providing file permissions and access modes. These are applicable for all files and directory.
File Permissions:
The file permissions tells who all have access to the files.There are 3 attributes in file permissions classified as,
- Owner Permission
- Group Permission
- Other or world Permission
Owner Permission:
The owner permission defines the action that can be done to the files by the Owner.
Group Permission:
The Group permission defines the action that can be done to the files by the users on the group.
Other or world Permission:
The Other permissions defines the action that can be done to the files by the world or public.
File Modes:
The file modes defines what kind of access are provided to the users. There are 3 attributes in file modes as well,
- read
- write
- execute
write – The write mode allows to modify the file ( Readable, Writable and Removable ). The value for write access is 2
execute – The execution mode allows to run the file as a program( Mostly applied to bash files in Linux ). The value for execute access is 1
The above image shows the file permissions for files.
- First will be the type of file. It may be a file, directory, or a link.
- Second three sets of value is assigned to the Owner of the file
- The third three sets is assigned to the Group.
- The final three sets is assigned to the public or world.
To view file permissions and modes we can use either ls command with -l flag or ll command.
$ ls -l
$ ll
jhony@ljunix:~$ ls -l total 16 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir1 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir3 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir4 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4 -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test1.txt -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test2.txt -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test3.txt -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test.sh
The file permission for a directory is always started with d.
The file permission for a file is always started with d.
The file permission for a link is always started with l.
Changing the Ownership of a file:
The Owner ship of the file can be changed in order to provide access to other users and groups. To obtain this we use chown command.
Using chown command we can change the owner of the file at a time or user and group at the same time.
$ chown jhon Dir1 Dir3 test2.txt test.sh
$ chown jhon:newgroup Dir1 Dir3 test2.txt test.sh
jhony@ljunix:~$ chown jhon:newgroup Dir1 Dir3 test2.txt test.sh jhony@ljunix:~$ ls -l total 16 drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir1 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2 drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir3 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir4 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4 -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test1.txt -rw-r–r– 1 jhon newgroup 0 Nov 15 01:25 test2.txt -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test3.txt -rw-r–r– 1 jhon newgroup 0 Nov 15 01:25 test.sh
Changing the group of a file:
If you want to change the group-owner alone, you can use chgrp command
$ chgrp newgroup Dir4
jhony@ljunix:~$ chgrp newgroup Dir4 jhony@ljunix:~$ ls -l total 16 drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir1 drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2 drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir3 drwxr-xr-x 2 jhony newgroup 4096 Nov 15 01:25 Dir4 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1 lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4 -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test1.txt -rw-r–r– 1 jhon newgroup 0 Nov 15 01:25 test2.txt -rw-r–r– 1 jhony ljunix 0 Nov 15 01:25 test3.txt -rw-r–r– 1 jhon newgroup 0 Nov 15 01:25 test.sh
If you wish to change the permissions to all the subdirectories use -R flag along the chown command. It will recursively change the permissions for all files inside the directory
$ chown jhon:newgroup Dir1/ -R
Changing File modes:
As mentioned earlier the file modes defines the kind of access are provided to the users or groups to the file either the user has the right to read or write or delete.
When comes to file mode there are two ways to change it.
- Absolute mode
- Symbolic mode
We will see the changing the file mode through absolute mode. On the following example we will provide 761 permission for a file.
$ chmod 760 test1.txt
jhony@ljunix:~$ chmod 760 test1.txt jhony@ljunix:~$ ls -l test1.txt -rwxrw—- 1 jhony ljunix 0 Nov 15 01:25 test1.txt
For the test1.txt file the permissions are as follows,
Owner – File Owner jhony can read,write and execute the file.
Group – Users under the group ljunix can read and write the file.
Others – Rest of the users cannot access the file.
Symbolic mode:
The symbolic mode allows us to modify permissions for a specific owner. It uses mathematical operators to modify the file permissions.
In Symbolic mode we use some user denotations to change the permission along with the operators.
u stands for Owner
g stands for Group
o stands for Others
a stands for all
For Operators the permissions will be,
We will see this with an example, initially we will set the permissions to null for our test file
$ jhony@ljunix:~$ chmod 000 test.sh $jhony@ljunix:~$ ls -l test.sh ———- 1 1 jhon newgroup 0 Nov 15 01:25 test.sh
Now we will apply using symbolic mode,
$ chmod +x test.sh
Without defining a user denotations the permissions will set to all the owner.
jhony@ljunix:~$ chmod +x test.sh jhony@ljunix:~$ ls -l test.sh —x–x–x 1 jhon newgroup 0 Nov 15 01:25 test.sh
We will add read and write access to the Owner of the file,
$ chmod u+rw test.sh
jhony@ljunix:~$ chmod u+rw test.sh jhony@ljunix:~$ ls -l test.sh -rwx–x–x 1 1 jhon newgroup 0 Nov 15 01:25 test.sh
These are the methods followed in changing the permissions for files using absolute mode and symbolic mode.
Hope this articles helps you. Feel free to ask if you have any questions.
Linux World 
Leave a comment