Access and Permissions - Linux


The owner of a file or directory determines who can access it and for what purposes. The type of access can be read, write or execute.

User/Group/Other

With respect to file and directory access, the user community is divided into 3 categories: user (or owner), group and other.

 user (u)   The owner of the files or directories.

 group (g)  Group members. Groups are users who agree to share certain files
            and directories. Groups are usually formed along project or
            business organizational lines.

 other (o)  All other users of the system.

Each file has a set of values stored in its inode that specifies its permissions. An inode is an entry in the table of inodes that describes the file or directory. The Table of Inodes is Unix's version of DOS's File Allocation Table.

Read/Write/Execute

The permissions indicate, for each category of user, the kind of access allowed. Permission is also called the file's protection mode or simply mode.

Type         File Action                   Directory Access

read (r)     Allows file to be viewed,     Allows directory to be listed
             copied and printed

write (w)    Allows file to be moved,      Allows files to be created in
             removed and modified          directory

execute (x)  Allows file to be run as a    Allows directory to be searched
             command

Unix displays a file's permissions in the following order:

 rwx where "r" is read, "w" is write and "x" is execute

It is also expressed in Octal Code:

 Mode Octal Binary Descriptions
 --- 0 000 No permissions allowed
 --x 1 001 Execute only
 -w- 2 010 Write only
 -wx 3 011 Write and execute only
 r-- 4 100 Read only
 r-x 5 101 Read and execute only
 rw- 6 110 Read and write only
 rwx 7 111 Read, Write and Execute

It is important to know the octal code or how to figure out the octal code if you need to change permissions.

When listing a directory using the "ls -l" long directory listing, each file's permissions appear in the first column:

  ls -l

  total 8
  drwxr-xr-x  2 rocky  other 96  Dec 26  23:16 .
  drwxrwxr-x 7 root  sys 96 Dec 24 07:40  ..
  -rw-r--r--  1 rocky  other 613 Nov 2 12:30  readme.txt
  drwxr-xr-x  2 rocky  other 234 Feb 28 03:40  x-files

The long directory listing shows all of the rights associated with the file or directory. The mode bits are organized as follows:

The default permissions when you create a file are 777 which is 111 111 111 in binary or (rwxrwxrwx). When a directory is created, the default permissions are 666 which is 110 110 110 or (rw-rw-rw-).

Changing Permissions

When a file is first created, it is created with the default permissions 777 (rwxrwxrwx). This means that anyone can read, write or execute the new file. Unix provides a command to modify the default permissions: umask. "umask" works by deselecting the permissions that you do not want from the default permissions. "umask" by itself reports what the current mask is.

Ex. umask          reports the current mask

    000            000 indicates no mask; the default permissions apply

Ex. umask 027      sets the mask to 027 (octal) or 000 010 111 (binary)

                                   user  group  other
    mask in binary                 000   010    111
    777 (default permission)       rwx   rwx    rwx
    027 (permissions deselected)   ---   -w-    rwx

    Resulting permissions:         rwx   r-x    ---

    user has rwx (all permissions), mask 000
    group has r-x (read and execute only), mask 010
    other has --- (no permissions), mask 111

The umask command is normally placed in your shell startup script or login script. You set it once when logging in to the system and normally won't have to use it again.
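
The mask arithmetic described above, worked through in shell as an added example that is not part of the original page. The function names are hypothetical, and the 022 mask and the 666 base are constructed inputs; the 777 base and the 000 and 027 masks are the page's own.

```sh
#!/bin/sh
# Added example (not from the original page): umask arithmetic.
# Modes and masks are passed as three octal digits, e.g. 777 and 027.

# apply_umask BASE MASK -> resulting mode as three octal digits.
# The mask clears bits (BASE AND NOT MASK); it is not subtracted.
apply_umask() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# octal_to_sym MODE -> nine-character rwx string for user, group, other.
octal_to_sym() {
    ots_mode=$(( 0$1 ))
    ots_out=""
    for ots_pos in 6 3 0; do
        ots_bits=$(( (ots_mode >> ots_pos) & 7 ))
        [ $(( ots_bits & 4 )) -ne 0 ] && ots_out="${ots_out}r" || ots_out="${ots_out}-"
        [ $(( ots_bits & 2 )) -ne 0 ] && ots_out="${ots_out}w" || ots_out="${ots_out}-"
        [ $(( ots_bits & 1 )) -ne 0 ] && ots_out="${ots_out}x" || ots_out="${ots_out}-"
    done
    printf '%s\n' "$ots_out"
}

# world_writable MODE -> exit status 0 when "other" keeps the write bit.
world_writable() {
    [ $(( 0$1 & 0002 )) -ne 0 ]
}

# report BASE MASK -> one line: mask, result in octal and rwx, and a flag.
report() {
    rp_result=$(apply_umask "$1" "$2")
    rp_flag="ok"
    if world_writable "$rp_result"; then rp_flag="WORLD-WRITABLE"; fi
    printf 'base %s  umask %s  ->  %s  %s  %s\n' \
        "$1" "$2" "$rp_result" "$(octal_to_sym "$rp_result")" "$rp_flag"
}

# Constructed inputs: the page's 777 base with masks 000, 022 and 027,
# then a 666 base to show that the mask is not a subtraction (666-027).
report 777 000
report 777 022
report 777 027
report 666 027
```

A mask of 000 leaves the write bit set for "other", which is why the report flags it; 027 removes every permission for "other".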

chmod

If you need to change the rights on a resource (a file or program), use chmod to alter the permissions. chmod is the more common method of changing permissions. You can alter the permissions 2 ways: use the read/write/execute switches or use octal coding.

Ex. chmod +r index.txt      adds read permission for user, group & other

    chmod u+r index.txt     adds read permission for only the user

    chmod 755 index.txt     changes the permission to rwxr-xr-x

Notice that chmod works the opposite of umask: you set the permissions that you want.

Changing Ownership & Group

You can change the owner of a file by using the chown (change owner) command. You must be the current owner of the file to change its owner.

Ex. chown bullwinkle help.rocky.txt  This changes the owner of the file
     help.rocky.txt to "bullwinkle".

Similarly, you can change the group identification of the file by running chgrp (change group). You must be the owner of the files or a user who has group write privileges to change the group ownership of files.

Ex. chgrp brains mr.peabody.doc  This changes the group of the file
     mr.peabody.doc to the group "brains".

Note: You can remove a file that you don't own if it is in a directory in which you have write permission.

Copyright July 2013 Eugene Blanchard