As an open source, accessing a file requires more security in Linux. This has been maintained by providing file permissions and access modes. These are applicable for all files and directory.

File Permissions:

    The file permissions tells who all have access to the files.There are 3 attributes in file permissions classified as,
  1. Owner Permission
  2. Group Permission
  3. Other or world Permission
Owner Permission:

    The owner permission defines the action that can be done to the files by the Owner.

Group Permission:

    The Group permission defines the action that can be done to the files by the users on the group.

Other or world Permission:

    The Other permissions defines the action that can be done to the files by the world or public.

File Modes:

    The file modes defines what kind of access are provided to the users. There are 3 attributes in file modes as well,
  1. read
  2. write
  3. execute
read   - The read mode allows to view the file( Readable ). The value for read access is 4
write  - The write mode allows to modify the file ( Readable, Writable and Removable ). The value for write access is 2
execute - The execution mode allows to run the file as a program( Mostly applied to bash files in Linux ). The value for execute access is 1


   
     The above image shows the file permissions for files.
  • First will be the type of file. It may be a file, directory, or a link. 
  • Second three sets of value is assigned to the Owner of the file
  • The third three sets is assigned to the Group.
  • The final three sets is assigned to the public or world.
Printing the File permissions:

    To view file permissions and modes we can use either ls command with -l flag or ll command.

$ ls -l

$ ll

jhony@ljunix:~$ ls -l
total 16
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir1
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir3
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir4
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test1.txt
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test2.txt
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test3.txt
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test.sh

The file permission for a directory is always started with  d.
The file permission for a file is always started with  d.
The file permission for a link is always started with  l.

Changing the Ownership of a file:

    The Owner ship of the file can be changed in order to provide access to other users and groups. To obtain this we use  chown  command.

    Using chown command we can change the owner of the file at a time or user and group at the same time.

$ chown jhon Dir1 Dir3 test2.txt test.sh

$ chown jhon:newgroup Dir1 Dir3 test2.txt test.sh

jhony@ljunix:~$ chown jhon:newgroup Dir1 Dir3 test2.txt test.sh
jhony@ljunix:~$ ls -l
total 16
drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir1
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2
drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir3
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir4
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test1.txt
-rw-r--r-- 1 jhon newgroup 0 Nov 15 01:25 test2.txt
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test3.txt
-rw-r--r-- 1 jhon newgroup 0 Nov 15 01:25 test.sh


Changing the group of a file:

    If you want to change the group-owner alone, you can use  chgrp  command

$ chgrp newgroup Dir4

jhony@ljunix:~$ chgrp newgroup Dir4
jhony@ljunix:~$ ls -l
total 16
drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir1
drwxr-xr-x 2 jhony ljunix 4096 Nov 15 01:25 Dir2
drwxr-xr-x 2 jhon newgroup 4096 Nov 15 01:25 Dir3
drwxr-xr-x 2 jhony newgroup 4096 Nov 15 01:25 Dir4
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir1 -> Dir1
lrwxrwxrwx 1 jhony ljunix 4 Nov 15 01:26 link_to_Dir4 -> Dir4
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test1.txt
-rw-r--r-- 1 jhon newgroup 0 Nov 15 01:25 test2.txt
-rw-r--r-- 1 jhony ljunix 0 Nov 15 01:25 test3.txt
-rw-r--r-- 1 jhon newgroup 0 Nov 15 01:25 test.sh


    If you wish to change the permissions to all the subdirectories use  -R  flag along the  chown  command. It will recursively change the permissions for all files inside the directory

$ chown jhon:newgroup Dir1/ -R

Changing File modes:

    As mentioned earlier the file modes defines the kind of access are provided to the users or groups to the file either the user has the right to read or write or delete.

    When comes to file mode there are two ways to change it.
  1. Absolute mode
  2. Symbolic mode
Absolute Mode:

    Absolute mode is also known as Numeric mode, file permissions are not represented as characters but a three-digit octal number. r=4, w=2 and x=1. Let us view how the values are defined on the following table.

Symbol RepresentsValueFor Absolute modePermission Type
---00No Permission
--x11Execute
-w-22Write
-wx2 + 13Execute + Write
r--44Read
r-x4 + 15Read + Execute
rw-4 + 26Read +Write
rwx4 + 2 + 17Read + Write +Execute

    We will see the changing the file mode through absolute mode. On the following example we will provide 761 permission for a file.


$ chmod 760 test1.txt

jhony@ljunix:~$ chmod 760 test1.txt
jhony@ljunix:~$ ls -l test1.txt
-rwxrw---- 1 jhony ljunix 0 Nov 15 01:25 test1.txt


 For the test1.txt file the permissions are as follows,

Owner - File Owner jhony can read,write and execute the file.
Group - Users under the group ljunix can read and write the file.
Others - Rest of the users cannot access the file.

Symbolic mode:

    The symbolic mode allows us to modify permissions for a specific owner. It uses mathematical operators to modify the file permissions.

    In Symbolic mode we use some user denotations to change the permission along with the operators.

u stands for Owner
g stands for Group
o stands for Others
a stands for all

For Operators the permissions will be,


OperatorPermissions
                     +Adds a permission to a file or directory
-Removes the permission
                     =Sets the permission and overrides the permissions set earlier.

We will see this with an example, initially we will set the permissions to null for our test file

$ jhony@ljunix:~$ chmod 000 test.sh
$jhony@ljunix:~$ ls -l test.sh
---------- 1 1 jhon newgroup 0 Nov 15 01:25 test.sh

Now we will apply using symbolic mode,

$ chmod +x test.sh

    Without defining a user denotations the permissions will set to all the owner.

jhony@ljunix:~$ chmod +x test.sh
jhony@ljunix:~$ ls -l test.sh
---x--x--x 1 jhon newgroup 0 Nov 15 01:25 test.sh

    We will add read and write access to the Owner of the file,

$ chmod u+rw test.sh

jhony@ljunix:~$ chmod u+rw test.sh
jhony@ljunix:~$ ls -l test.sh
-rwx--x--x 1 1 jhon newgroup 0 Nov 15 01:25 test.sh

    These are the methods followed in changing the permissions for files using absolute mode and symbolic mode.

    Hope this articles helps you. Feel free to ask if you have any questions.

Comments

  1. Be the first to add a comment.