Linux: File Permissions
Linux’s robust and secure nature is attributed to its sophisticated file permission system. This article serves as a comprehensive guide to Linux file permissions, aimed at beginners and experienced users alike. It covers the core concepts, terminology, and syntax of file permissions, providing step-by-step instructions and troubleshooting tips.
The guide explores the three permission categories: user, group, and others, along with their access levels. It also explains symbolic and numerical representations of permissions, including special permissions like setuid and setgid.
Practical examples and scenarios are included to facilitate practical application.
By the end, readers will have the knowledge and confidence to effectively manage file permissions, ensuring system integrity and data security in the Linux environment.
Steps
Navigate to your working directory(folder) or create a new one and navigate to it using the following command
mkdir file_permissions && cd file_permissionsCreate a directory by the name sample_folder and a file called sample_file inside the file_permissions directory.. Use the following command
mkdir sample_folder && touch sample_fileYou can verify that the two items are created by listing the contents of the folder using the following command
lsYour output should be as follows
~$ ls
sample_folder sample_fileYou are now set up to start learning about file permissions. Lets get started.
Lets start by executing our sample_file from the terminal. Run the following command on the terminal
./sample_file
Auto (Bash)./sample_fileYou should get an error similar to the one shown below
bash: ./sample_file: Permission deniedBash is the default shell on most linux versions.
You may be wondering why you are denied the permission to execute the file yet you created it yourself
Lets take a step back
Lets list the long version of the contents in the file_permissions directory. We use the following command to accomplish this
ls -lThe output should look as shown below
~$ ls -l
total 4
-rw-rw-r-- 1 sam sam 0 Jun 3 20:59 sample_file
drwxrwxr-x 2 sam sam 4096 Jun 3 20:59 sample_folderIn the above output, we can see the permissions present on the file and folder, on the far right we can see the names of the file and folder.
The permissions on the file are represented as -rw-rw-r —- and the permissions on the folder are represented as drwxrwxr-x . What do these letters and dasshes mean? Lets explore their meaning
- represents absence of permission
r represents the read permission
w represents the write permission
x represents the execuution permission
d represents a directoryA — at the beginning of a permission represents a permission for a file
There are three groups of permissions for both files and directories:
- User permissions
- Group permissions and,
- Other permissions
See the below image for more clarification of the groupings
Now with this understanding, we can investigate why it was not possible for us to execute our file.
After listing the long version of the contents of the file_permissions directory, we can see that our sample_file has the following output
-rw-rw-r-- 1 sam sam 0 Jun 3 20:59 sample_fileThis indicates that it does not have execution permission on either user, group or other.
We can change the mode of the file to add the execution permission
We accomplish that using the following command
chmod +x sample_fileIf we list the long version contents of the file_permissions directory, we can see that the sample_file now has the execution permission
~$ ls -l
-rwxrwxr-x 1 sam sam 0 Jun 3 20:59 sample_fileThis means that we can now execute this file without facing any issues. lets verify this. Use the following command
./sample_fileThere is no output on the terminal implying that this empty file was executed successfully.
We can also remove permissions from a file using the — sign. Lets remove the execution permission for the group for our sample_file .
chmod g-x sample_file g represents the group
If we list the long version of the contents of the file_permissions folder, we can see that the group for sample_file no longer has the execution permissions. See output below
-rwxrw-r-x 1 sam sam 0 Jun 3 20:59 sample_fileWe can also remove the read and execution permissions from the other as shown below
chmod o-rx sample_fileo represents other
Our output should now look as shown below once we list the contents of the file_permissions folder
-rwxrw---- 1 sam sam 0 Jun 3 20:59 sample_fileWe no longer have read and execute permissions on other.
You can play around with the permissions for the different groups and see the outcome.
The read, write and execution permissions can also be represented numerically as follows
4 read permission for a specific group
2 write permission for a specific group
1 execute permission for a specific groupThis implies that in order to have read, write and execute permissions on a specific group, you add the three numerical numbers 4 + 2 + 1 which will give you 7 .
6 represents both read(4) and write(2) permissions for a specific group. i.e 4 + 2
3 represents write(2) and execute(1) permissions for a specific file. i.e 2 + 1
We can change the permissions for our sample_file and give only the user read, write and execute permissions and remove all permissions from the rest of the files as shown below
chmod 700 sample_fileIf we list the long version of the output, we can see that then permissions have been altered as shown below
-rwx------ 1 sam sam 0 Jun 3 20:59 sample_fileCongratulations!
If this article was helpful to you, kindly follow me and share.
You can leave your questions or comments in the comment section and I will respond accordingly.
