Click on each book below to review & buy on Amazon.

As an Amazon Associate, I earn from qualifying purchases.

View on Amazon

View on Amazon

View on Amazon

View on Amazon

---

LPI Linux Essentials Exam 010-160 - Topic 5.3 - File Permissions

Understanding File Permissions in Linux

File permissions in Linux are an essential aspect of the operating system's security. They determine who can access files and directories and what they can do with them. In Linux, every file and directory is assigned access rights for three categories of users:

1. The owner of the file.
2. The group associated with the file.
3. All other users.

These permissions are critical for maintaining the security and integrity of the system. They help to prevent unauthorized access or modification of files, ensuring that only those with the right permissions can perform certain actions.

Types of Permissions

There are three basic types of permissions in Linux:

• Read (r): This permission allows a user to read the contents of a file or list the contents of a directory.
• Write (w): This permission enables a user to modify the contents of a file or add/remove files from a directory.
• Execute (x): This permission allows a user to run a file as a program or script. In the case of a directory, it permits the user to enter the directory and access its contents.

Representation of Permissions

Permissions are represented by a sequence of characters. For each category of users (owner, group, others), these characters indicate whether read, write, and execute permissions are granted. For example, rwx means all permissions are granted, while r-- means only read permission is granted.

Permission Groups

• User (u): The user permissions apply to the owner of the file or directory.
• Group (g): The group permissions apply to all users who are members of the file's group.
• Others (o): The others permissions apply to all users who are not the owner and not part of the group.

Understanding these permissions and how they work is fundamental to managing a Linux system effectively. It allows administrators and users to control access to files and directories, enhancing the overall security of the system. Proper permission management prevents accidental overwriting of important files, restricts sensitive data from unauthorized access, and ensures that executable files have the appropriate permissions to run correctly.

Lesson Setup

Before diving into the practical application of file permissions, it's beneficial to set up a controlled environment where you can experiment without affecting the rest of your system. This setup involves creating a dedicated directory with subdirectories and files to practice changing and viewing file permissions.

Creating the Practice Environment

1. Open your terminal.
2. Start by creating a main directory named permissions-practice. Inside this directory, create a nested structure of directories and files. You can do this using the mkdir and > commands.

Here's how you can set it up:

mkdir -p ~/permissions-practice/dir1/dir2
cd ~/permissions-practice
> script1.sh
> file1.txt
> dir1/script2.sh
> dir1/dir2/file2.txt

This sequence of commands will create a main directory permissions-practice with a subdirectory dir1 which itself contains another subdirectory dir2. Additionally, you will create a few files (script1.sh, file1.txt, script2.sh, and file2.txt) in various locations within this structure.

Understanding the Structure

• permissions-practice: This is the root directory for your practice session.
• dir1 and dir2: These are subdirectories created within the main directory.
• script1.sh, file1.txt, script2.sh, and file2.txt: These files are created for practicing permission changes.

This setup provides a practical and safe environment to learn about file permissions. By using this directory structure, you can experiment with various permission settings without the risk of altering or damaging critical system files or directories.

In the next section, we'll look at how to list file and directory permissions, a fundamental skill for understanding the current permissions set on files and directories.

List File & Directory Permissions

After setting up your practice environment, the next step is to learn how to view the permissions of files and directories. This is done using the ls command in Linux, which lists directory contents and, with the right options, shows detailed information including file permissions.

Using the ls -l Command

The ls -l command provides a long-format listing of directory contents, including permissions. Here's what you do:

1. Open your terminal.
2. Navigate to the permissions-practice directory if you're not already there.
3. Enter the command ls -l.

ls -l

This command will display a list of all files and directories in permissions-practice, along with detailed information such as permissions, number of links, owner name, group name, file size, and timestamp of last modification.

Understanding the Output

The output of ls -l will look something like this:

total 4
drwxrwxr-x 3 dtvlinux dtvlinux 4096 Dec 14 08:10 dir1
-rw-rw-r-- 1 dtvlinux dtvlinux    0 Dec 14 08:10 file1.txt
-rw-rw-r-- 1 dtvlinux dtvlinux    0 Dec 14 08:10 script1.sh

Here's a breakdown of what each part means:

• The first character indicates if it's a directory (d) or a file (-).
• The next nine characters represent the permissions for the owner (rwx), group (r-x), and others (r-x).
  • r stands for read permission.
  • w stands for write permission.
  • x stands for execute permission.
• The number after the permissions is the number of links to the file.
• The next two parts show the file's owner and group.
• The file size is shown next.
• The last part shows the date and time of the last modification.
• Finally, the name of the file or directory.

The -R Option for Recursive Listing

If you want to view the permissions of all files and directories within a directory recursively, you can use the -R option with ls -l.

ls -lR

This command will list all files and directories in permissions-practice and its subdirectories, showing their permissions and other details.

.:
total 4
drwxrwxr-x 3 dtvlinux dtvlinux 4096 Dec 14 08:10 dir1
-rw-rw-r-- 1 dtvlinux dtvlinux    0 Dec 14 08:10 file1.txt
-rw-rw-r-- 1 dtvlinux dtvlinux    0 Dec 14 08:10 script1.sh

./dir1:
total 4
drwxrwxr-x 2 dtvlinux dtvlinux 4096 Dec 14 08:10 dir2
-rw-rw-r-- 1 dtvlinux dtvlinux    0 Dec 14 08:10 script2.sh

./dir1/dir2:
total 0
-rw-rw-r-- 1 dtvlinux dtvlinux 0 Dec 14 08:10 file2.txt

By regularly using these commands, you'll gain a better understanding of how permissions are structured and displayed in Linux. This knowledge is fundamental when it comes to changing permissions, ensuring that you know the current state before making modifications.

In the following section, we'll delve into how to set and change file and directory permissions using the chmod command.

Set & Change File & Directory Permissions

Having learned how to list permissions, it's now time to learn how to modify them. In Linux, the chmod (change mode) command is used to set or change the permissions of files and directories. Understanding how to use this command effectively is essential for managing access to files and maintaining system security.

Basic Syntax of chmod

The chmod command follows this basic structure:

chmod [options] mode file(s)

• options: These are additional settings that modify how chmod works. Common options include -v (verbose, to show an output of the action) and -R (recursive, to change permissions for all files and directories within a directory).
• mode: This is where you specify the new permissions. You can use either symbolic or octal notation.
• file(s): The target files or directories for the permission change.

Symbolic Mode

Symbolic mode is a user-friendly way to set permissions. It uses letters (u, g, o, a) and symbols (+, -, =) to modify permissions. Here's how it works:

• Targets:
  • u for the user (owner).
  • g for the group.
  • o for others.
  • a for all (user, group, and others).
• Operators:
  • + to add a permission.
  • - to remove a permission.
  • = to set exact permissions.
• Permissions:
  • r for read.
  • w for write.
  • x for execute.

For example, chmod g+w file.txt adds write permission for the group to file.txt.

Examples in Symbolic Mode

1. Add Write Permission to others on file1.txt

   chmod -v o+w file1.txt
   

   This command adds write permission to others on file1.txt.

   mode of 'file1.txt' changed from 0664 (rw-rw-r--) to 0666 (rw-rw-rw-)
   

2. Remove Read Permission for group on dir2

   chmod -v g-r dir1/dir2
   

   This command removes read permission for the group owner on the dir2 directory.

   mode of 'dir1/dir2' changed from 0775 (rwxrwxr-x) to 0735 (rwx-wxr-x)
   

3. Set Exact Permissions for the Owner on script1.sh

   chmod -v u=rwx script1.sh
   

   This sets read, write, and execute permissions for the owner on script1.sh.

   mode of 'script1.sh' changed from 0664 (rw-rw-r--) to 0764 (rwxrw-r--)
   

Octal Mode

Octal mode uses numbers to represent permissions. Each permission type has a number: 4 for read, 2 for write, and 1 for execute. To set permissions, you add up these numbers for each category (user, group, others).

For example, chmod 755 file.txt sets read, write, and execute permissions for the owner, and read and execute permissions for the group and others.

Examples in Octal Mode

1. Permissions on script1.sh

   chmod -v 751 script1.sh
   

   This sets read, write, and execute permissions for the owner, read and execute for the group, and only read for others on script1.sh.

   mode of 'script1.sh' changed from 0764 (rwxrw-r--) to 0751 (rwxr-x--x)
   

2. Permissions for Directory dir1

   chmod -v 755 dir1
   

   This command sets full permissions for the owner and read and execute permissions for group and others on dir1.

   mode of 'dir1' changed from 0775 (rwxrwxr-x) to 0755 (rwxr-xr-x)
   

3. Change Permissions on file1.txt

   chmod -v 660 file1.txt
   

   This sets read and write permissions for the owner and group, and no permissions for others on file1.txt.

   mode of 'file1.txt' changed from 0666 (rw-rw-rw-) to 0660 (rw-rw----)
   

By using the chmod command, you can effectively manage who can access your files and directories and what they can do with them. This is vital for maintaining the security and functionality of your system.

---

Support DTV Linux

Click on each book below to review & buy on Amazon. As an Amazon Associate, I earn from qualifying purchases.

View on Amazon

View on Amazon

View on Amazon

View on Amazon

NordVPN ®: Elevate your online privacy and security. Grab our Special Offer to safeguard your data on public Wi-Fi and secure your devices. I may earn a commission on purchases made through this link.