Click on each book below to review & buy on Amazon.
As an Amazon Associate, I earn from qualifying purchases.
RHCSA - Understand and Use Essential Tools: List, Set & change Standard ugo/rwx Permissions
Understanding File Permissions
File permissions in Linux are a security feature that determine the level of access and control users have over files and directories. Each file and directory is associated with three sets of basic permissions: one for the owner of the file, one for the group that the file belongs to, and one for all other users. These permissions are represented by the characters r (read), w (write), and x (execute), indicating whether the corresponding user or group has the ability to read, write, or execute the file or directory. By setting appropriate permissions, you can restrict or grant access to files and directories, ensuring the privacy and integrity of data while allowing authorized users to perform necessary operations.
The below table explains the Linux file permissions for read (r), write (w), and execute (x).
| Permission | Files | Directories | Octal |
|---|---|---|---|
| Read (r) | Allows reading/viewing the contents of the file. | Allows listing/viewing the filenames and metadata of the directory. | 4 |
| Write (w) | Allows modifying the contents of the file (editing, appending, deleting). | Allows creating, modifying, and deleting files and subdirectories within the directory. | 2 |
| Execute (x) | Allows executing the file as a program or script. | Allows accessing the directory, changing into it (using cd), and performing operations like searching for a file within the directory. |
1 |
The below table explains the Linux file permission abbreviations for user (u), group (g), and other (o):
| Abbreviation | Meaning |
|---|---|
| u | Refers to the user or owner of the file. This permission set applies specifically to the user who owns the file or directory. |
| g | Refers to the group associated with the file. This permission set applies to all users who belong to the same group as the file or directory. |
| o | Refers to others or everyone else. This permission set applies to all users who are neither the owner nor part of the group associated with the file or directory. |
When setting permissions, you can assign different access levels (read, write, execute) to each of these categories (u, g, o) separately, allowing for granular control over who can perform specific actions on a file or directory.
Lesson Setup
A separate folder and files to practice the objective in can be setup:
Create & change into lesson directory. Set up files and folders for linking to in upcoming exercises:
mkdir -p ~/permissions-practice/dir1/dir2
cd ~/permissions-practice
> script1.sh
> file1.txt
> dir1/script2.sh
> dir1/dir2/file2.txt
Make sure to follow the exercises in order.
List File & Directory Permissions
To list file and directory permissions you use the ls command with the -l option to give a long listing format. This format includes the permissions assigned to a file or directory. When wanting to recursively list files & directories use add the -R option.
Use the ls -lR command to provide a long listing format of the files and directory in the lesson folder:
ls -lR
The output should be similar to the below, where:
- directories have permissions read, write & execute
rwxfor the user (u), read & executer-xfor the group (g) and read & executer-xfor other users (o) - files have permissions read & write
rw-for the user (u), readr--for the group (g) and readr--for other users (o)
.:
total 0
drwxr-xr-x. 3 user group 36 Jul 3 08:15 dir1
-rw-r--r--. 1 user group 0 Jul 3 08:15 file1.txt
-rw-r--r--. 1 user group 0 Jul 3 08:15 script1.sh
./dir1:
total 0
drwxr-xr-x. 2 user group 23 Jul 3 08:15 dir2
-rw-r--r--. 1 user group 0 Jul 3 08:15 script2.sh
./dir1/dir2:
total 0
-rw-r--r--. 1 user group 0 Jul 3 08:15 file2.txt
Set & Change File & Directory Permissions
To set and change permissions you use the chmod command. The basic syntax of the chmod command is as follows:
chmod [options] mode file(s)
Here's an explanation of the components:
options: Thechmodcommand provides various options that allow you to customize its behavior. Some of those options are:-v,--verbose: Displays detailed output, indicating the changes made to the permissions of each file.-R,--recursive: Recursively modifies the permissions of files and directories within a directory.
mode: Specifies the permission mode to be set for the file(s). It can be specified in either symbolic or octal form.file(s): Specifies the file or directories for which the permissions should be modified.
Symbolic Mode
The symbolic mode is a human-readable way to specify the permissions using symbols and operators. It consists of three parts: the target, the operator, and the permissions. The target represents the user group for which the permissions are modified (u for user, g for group, o for others, or a for all). The operator can be + to add permissions, - to remove permissions, or = to set permissions explicitly. The permissions are represented by the symbols r (read), w (write), and x (execute).
Add write permissions for the group on a file1.txt:
chmod -v g+w file1.txt
Notice the output of the command advising of the permission change.
Remove read permission for others on dir2:
chmod -v o-r dir1/dir2
Set owner permissions to read, write & execute on a script file named script1.sh:
chmod -v u=rwx script1.sh
Remove execute for group and other users from both directories
chmod -v go-x dir1/dir2 dir1
Recursivly add execute for all directories to the other users, or for add execute permission to others if it already existed on a file (using capital X):
chmod -v -R o+X *
Study the output of this command carefully. You will see that script1.sh got execute added to others as it already had execute permission for the script owner set, whereas script2.sh had no change. All directories had execute permissions applied to others also.
Octal Mode
The octal mode represents the permissions using a three-digit octal number. Each digit corresponds to the permissions for the user, group, and others, respectively. Each digit is calculated by assigning a value of 4 for read, 2 for write, and 1 for execute, and summing up the values as per the desired permissions.
Set read, write, and execute permissions for the user, read and execute permissions for the group, and read permission for others on `script1.sh``:
chmod -v 751 script1.sh
Set read, write & execute permissions for the user and group, and read and execute permission for others on directory dir1:
chmod -v 775 dir1
Remove read permissions from others on file1.txt:
chmod -v 660 file1.txt
Support DTV Linux
Click on each book below to review & buy on Amazon. As an Amazon Associate, I earn from qualifying purchases.
NordVPN ®: Elevate your online privacy and security. Grab our Special Offer to safeguard your data on public Wi-Fi and secure your devices. I may earn a commission on purchases made through this link.