Linux: File Permissions
Linux’s robust and secure nature is attributed to its sophisticated file permission system. This article serves as a comprehensive guide to Linux file permissions, aimed at beginners and experienced users alike. It covers the core concepts, terminology, and syntax of file permissions, providing step-by-step instructions and troubleshooting tips.
The guide explores the three permission categories: user, group, and others, along with their access levels. It also explains symbolic and numerical representations of permissions, including special permissions like setuid and setgid.
Practical examples and scenarios are included to facilitate practical application.
By the end, readers will have the knowledge and confidence to effectively manage file permissions, ensuring system integrity and data security in the Linux environment.
Steps
Navigate to your working directory(folder) or create a new one and navigate to it using the following command
mkdir file_permissions && cd file_permissions
Create a directory by the name sample_folder
and a file called sample_file
inside the file_permissions
directory.. Use the following command
mkdir sample_folder && touch sample_file
You can verify that the two items are created by listing the contents of the folder using the following command
ls
Your output should be as follows
~$ ls
sample_folder sample_file
You are now set up to start learning about file permissions. Lets get started.
Lets start by executing our sample_file
from the terminal. Run the following command on the terminal
./sample_file
Auto (Bash)./sample_file
You should get an error similar to the one shown below
bash: ./sample_file: Permission denied
Bash is the default shell on most linux versions.
You may be wondering why you are denied the permission to execute the file yet you created it yourself
Lets take a step back
Lets list the long version of the contents in the file_permissions
directory. We use the following command to accomplish this
ls -l
The output should look as shown below
~$ ls -l
total 4
-rw-rw-r-- 1 sam sam 0 Jun 3 20:59 sample_file
drwxrwxr-x 2 sam sam 4096 Jun 3 20:59 sample_folder
In the above output, we can see the permissions present on the file and folder, on the far right we can see the names of the file and folder.
The permissions on the file are represented as -rw-rw-r —-
and the permissions on the folder are represented as drwxrwxr-x
. What do these letters and dasshes mean? Lets explore their meaning
- represents absence of permission
r represents the read permission
w represents the write permission
x represents the execuution permission
d represents a directory
A —
at the beginning of a permission represents a permission for a file
There are three groups of permissions for both files and directories:
- User permissions
- Group permissions and,
- Other permissions
See the below image for more clarification of the groupings
Now with this understanding, we can investigate why it was not possible for us to execute our file.
After listing the long version of the contents of the file_permissions
directory, we can see that our sample_file
has the following output
-rw-rw-r-- 1 sam sam 0 Jun 3 20:59 sample_file
This indicates that it does not have execution permission on either user, group or other.
We can change the mode of the file to add the execution permission
We accomplish that using the following command
chmod +x sample_file
If we list the long version contents of the file_permissions
directory, we can see that the sample_file
now has the execution permission
~$ ls -l
-rwxrwxr-x 1 sam sam 0 Jun 3 20:59 sample_file
This means that we can now execute this file without facing any issues. lets verify this. Use the following command
./sample_file
There is no output on the terminal implying that this empty file was executed successfully.
We can also remove permissions from a file using the —
sign. Lets remove the execution permission for the group for our sample_file
.
chmod g-x sample_file
g
represents the group
If we list the long version of the contents of the file_permissions
folder, we can see that the group for sample_file
no longer has the execution permissions. See output below
-rwxrw-r-x 1 sam sam 0 Jun 3 20:59 sample_file
We can also remove the read and execution permissions from the other as shown below
chmod o-rx sample_file
o
represents other
Our output should now look as shown below once we list the contents of the file_permissions
folder
-rwxrw---- 1 sam sam 0 Jun 3 20:59 sample_file
We no longer have read and execute permissions on other.
You can play around with the permissions for the different groups and see the outcome.
The read, write and execution permissions can also be represented numerically as follows
4 read permission for a specific group
2 write permission for a specific group
1 execute permission for a specific group
This implies that in order to have read, write and execute permissions on a specific group, you add the three numerical numbers 4 + 2 + 1
which will give you 7
.
6
represents both read(4) and write(2) permissions for a specific group. i.e 4 + 2
3 represents write(2) and execute(1) permissions for a specific file. i.e 2 + 1
We can change the permissions for our sample_file
and give only the user read, write and execute permissions and remove all permissions from the rest of the files as shown below
chmod 700 sample_file
If we list the long version of the output, we can see that then permissions have been altered as shown below
-rwx------ 1 sam sam 0 Jun 3 20:59 sample_file
Congratulations!
If this article was helpful to you, kindly follow me and share.
You can leave your questions or comments in the comment section and I will respond accordingly.