Why do you need permissions in Linux?
There are many things in Linux that you are responsible for, and sometimes you need permission to perform certain tasks, but we’ll investigate why?
Linux is not only a multi-tasking system but also a multi-user system. What does the multi-user system mean? In other words, more than one person can use the computer at once, but you’re probably wondering how it is possible for one computer to be used by more than one person at the same time.
Let’s understand this with an example
Imagine a computer connected to the internet and any remote user can log in via SSH and operate it. The remote users can execute graphical applications and see the graphical output on a remote display.
WHAT IS SSH
A secure shell or secure socket shell is a network protocol by which any user can access a computer over an unsecured network.
Evolution of multi-user system in Linux
Linux is designed with a multi-user system as an integral part of its design, not something new. Yes ago before computers were personal when they were used by large firms military and universities. For example, In large firms, each computer is connected to a central computer located in a common area. Several users can be seated on the same computer at the same time, so the concept of permissions is introduced in the multi-user computer as a way to protect them from each other and also the central computer.
The purpose of this article ( series of articles ) is to help us understand what Linux permissions actually are and how they work
Table of Content
- what is permission in Linux means?
- Why are we not allowed to read some of the files in Linux?
- Topics of the next article?
What is permission in Linux means?
We will first understand who is the user, who are the group members and others. For that let's go to the terminal and navigate to the root directory
cd /
and do ls
command and your output will look following
acer@acer-Aspire-A515-51G:~$ cd /
acer@acer-Aspire-A515-51G:/$ ls
bin dev lib libx32 mnt root snap sys var
boot etc lib32 lost+found opt run srv tmp
cdrom home lib64 media proc sbin swapfile usr
Navigate to any of the directories listed above, in my case I'll navigate to /boot directory cd /boot
In /boot directory enter ls -l
ls -l
→ display files and directories in long listing format
As a result, you’ll have something similar to the following image
As you see there are a couple of files, now let's examine some of them
Enter the following command to examine any of the files you like to
acer@acer-Aspire-A515-51G:/boot$ file config-5.13.0-40-genericconfig-5.13.0-40-generic: Linux make config build file, ASCII text
file command → Gives the generally overview of file, simply help to know the type of file
Great now I got an overview of the file which I have selected, its a Linux config build file ( ASCII text ), and let's try to read it
acer@acer-Aspire-A515–51G:/boot$ less config-5.13.0–40-generic
you have easily read the above file without any problem.
Now let's try to do the same thing with another file. Now I want you to try any of the files that start with this “-rw — — — -” or you can follow me but feel free to experiment.
acer@acer-Aspire-A515-51G:/boot$ file System.map-5.13.0-40-genericSystem.map-5.13.0-40-generic: regular file, no read permission
OK !!! our command works fine but we got something new this time “ no read permission” why it is showing “ no read permission” let’s try to read it and see what happens
acer@acer-Aspire-A515-51G:/boot$ less System.map-5.13.0-40-genericSystem.map-5.13.0-40-generic: Permission denied
Oops 😧 !!! looks like we are not allowed to read this file. Now maybe you are getting curious and asking yourself “why the heck I am not allowed to read a file on my own computer who the hell do they think they are”. Remember what I told you at the beginning? let me quote it again
the concept of permissions is introduced in the multi-user computer as a way to protect them from each other and also the central computer.
Now, I think you got the point, you are not allowed to read some of the files on your “OWN” computer 🖥️ because these files are important ones any kind of mistakes may crash the whole computer. So to protect you and others, the concept of permission is introduced.
But we are Linux users so there is nothing like rules, permission, and restrictions on us. We are our own boss 😎, there is nothing you can’t do in Linux. You are superman 🦸, the only difference is you don’t wear underwear over your pants. JOKES apart 🤣 let’s move forward and understand it properly
Why are we not allowed to read some of the files in Linux 🤷🏻♀️?
Because we are just regular user ( not superuser ), who is not allowed to read such kind of files like a middle-class man is not allowed to afford the luxury. Nevertheless, Linux allows you to do anything you want, but before we move ahead, let’s understand some basics so we won’t burn our house down.
In Linux, there are Users, Groups, and others, the complete Linux system is divided among them
Users 🎅 → They own files and directories
Groups 👨👩👧👧 → One or more users forms groups
Others 👥→ Anyone that is neither a user nor a member of a group in the system is referred to as others.
All together they form their own world, each of them has a different set of rules and rights. I’m sure you would like to know your identity, so let’s proceed to the terminal. Then, we can figure it out by ourselves.
In terminal enter id command
acer@acer-Aspire-A515-51G:/boot$ iduid=1000(acer) gid=1000(acer) groups=1000(acer),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),121(lpadmin),132(lxd),133(sambashare)
Your result might look different if you are not using Ubuntu, but don’t worry the main thing is “uid” and “gid” which is basically user id and group id assigned to the user.
Apart from these two, all the other outputs are groups that are associated with Linux users. So what’s the source of this information & where are they coming from 🤔?
User accounts are defined in /etc/passwd
file
Groups are defined in /etc/groups
file.
When users and groups are created their information like passwords is stored in /etc/shadow
file. Oh !!! that sounds great, what do you think should we go read this file and do something naughtiness. Ok I am up for it, lets go
acer@acer-Aspire-A515-51G:/$ less /etc/shadow/etc/shadow: Permission denied
What the heck 🤯 !!! Come on man, not again not this time I really wanna read it 😟 and I hope you also want to read it 🥺.OK, It doesn’t matter how we do it, there will be no stopping us 😈. We are going to read it ( without crashing our system ) in the next post.
In the next post, I’ll cover permissions in Linux in great detail. The following topics will be discussed in the next article
- Reading, writing, and executing files
- Gaining access to restricted files
- File types and Permission attributes
- How to change the permission of the file
Till then stay naughty 😝, go to a party 🥳, and do whatever you want ✌🏻.
Keep Experimenting with linux