Permissions in Linux Operating System
Focused on how to manipulate file attributes using chmod.
Unix system provides a form of security for users, files, and directories. With some shell permission commands, you can display user identity, change file's mode, set default file permission, change file owner, and even group owners.
Basic shell permission command
id - DIsplay user identity
The id command displays the identity of the users.
chmod - Change a file's mode
All files and directory have read, write and execution mode with chmod command we can access and change these modes to suit us.
umask - The umask command Set the default file permissions for files and direfctories.
su - The su command allows you to Run a shell as another user. so user A can work on user B's shell using the su command .
sudo - The sudo command allows you to execute a command as another user.
chown - The chown is used to change the owner and group of a file or directory.
chgrp - The chgrp command is used to change group ownership of file.
CHMOD - change mode
Before we dive deep into the chmod command lets understand read, write and execute rights of a file.
Lets create a file called example.txt and then using the ls command with the option -l for long format we we get.
$ touch example.txt
$ ls -l example.txt
-rw-rw-r-- me me 0 2022-09-17 12:06 example.txt
The long format displays the access right of the file, the username of file owner, the username of the group that owns the file, date and time of last file modification, the name of file.
The first 10 character are called file attributes as there display the file access rights. The first character is the file type.
Attribute | File Type |
- | A regular file |
l | A symbolic link |
c | A character special file |
b | A block special file |
The remaining 9 character shows access right for the owner , group and any other users.
Owner | Group | World |
rwx | rwx | rwx |
Read(r) - This attribute allows a file to be open and read. it also allows the content in a directory to be listed if the execute attribute is also set.
Write(w) - This attribute allows a file to be written although files cannot be renamed or deleted. it allows file within a directory to be created, deleted and renamed.
Execute(x) - Allows files to be treated as a program and executed. it allows a directory to be entered.
The combination of these 10 characters sets the access right of a file or directory. remember the file attribute of our example.txt file we created.
-rw-rw-r-- me me 0 2022-09-17 12:06 example.txt
This means the file owner has read and write permission and group also has read and write access but any other person only has read acesss as they cannot edit the example.txt file. The access rights of files and directory can be change we can add and remove read, write or execute right from any file or directory using the chmod command.
Note: Only the file owner and the super user can change the mode of a file or directory.
There are two ways of changing a file mode, the octal number representation and the symobic representation.
The octal method of changing a file mode
In the octal representaion each mode is represented by a number in base 8. base 8 has numbers from 0 - 7.
Octal | File Mode |
0 | --- |
1 | --x |
2 | -w- |
3 | -wx |
4 | r-- |
5 | r-x |
6 | rw- |
7 | rwx |
using three octal digit we can set the file mode for the owner, group owner and world.
using this pattern we can set a read write and execute access for our example.txt for the file owner,group and world. to do this we simple use chmod 777 example.txt
$ ls -l example.txt
-rw-rw-r-- me me 0 2022-09-17 example.txt
$ chmod 777 example.txt
$ ls -l example.txt
-rwx-rwx-rwx me me 0 2022-09-17 example.txt
The Symobic method of changing a file mode
The octal method is relatively hard as one has to remember the all octal number and their specific file mode, to ease this stress the symbolic method become handy. Here various file mode are represented by alphabets and symbol.
Symbols | Meaning |
u | short for userbut mean the file or directory owner |
g | group owner |
0 | other but means world |
a | short for all . This is a combination of "u", "g", and "o" |
This operation may be a "+" indicating that apermissionis to be added , a "-" indicating that the permission is taken away and a "=" indicating that only the specified permission are to be applied and that all other are to be removed.
Example of symbolic representation
chmod u+x : will add execute permission for the owner
chmod +x : will add execute permission to the owner, group, and world. if u,g, o is not specified all is attributed.
chmod o-rw: remove read and execute permission from the group owner.
go = rw: set read and write permission to group owner and users.
CHOWN - Change file owner
The chown command is used to change the owner of a file or directory. The syntax of this command is
chown [owner][:[group]] file...
chown can change the file owner or the group.
Conclusion
Here is where I draw the curtain on today's article on file permission in linux operating system. This article is open to your questions, contributions and corrections.