Skip to Content

A Beginner’s Guide to Linux File Permissions

This article is part of the following series.

 

In the world of Linux, file permissions are extremely important. They dictate who can access your files and what they can do with them. In this beginner’s guide, we will discuss the basics of Linux file permissions and how to set them up correctly.

We will also cover some common scenarios that you may encounter in the real world. So if you’re new to Linux, or just want a refresher on file permissions, keep reading!

Why file permissions are important in Linux

In Linux, file permissions are a way of controlling who can access your files and what they can do with them. By default, only the owner of a file can read or write to it. Other users on the system are usually prevented from reading or modifying your files.

This may seem like a bad thing at first, but it’s actually a very important security feature. Imagine if every user on a Linux system could read and write to every other user’s files. It would be very easy for someone to accidentally delete or modify critical system files, which could cause the entire system to crash.

File permissions also allow you to give different levels of access to different users. For example, you may want to allow all users to read a certain file, but only allow the owner to write to it. This is known as a “read-only” permission.

Understanding file permissions in Linux

In Linux, every file has an associated set of permissions that dictate who can access it and what they can do with it.

When you create a file or directory in Linux, it is assigned a set of default permissions. These permissions can be divided into three categories:

  • Read: Allows a user to view the contents of the file.
  • Write: Allows a user to modify the contents of the file.
  • Execute: Allows a user to execute the file as a program.

 

Each of these categories can be further divided into three subcategories:

  • User: Refers to the owner of the file. By default, the user who creates a file is also its owner.
  • Group: Refers to a group of users who are allowed to access the file. By default, the group is set to the same group as the user who creates the file.
  • Others: Refers to all other users on the system who are not the owner or part of the group.

 

So a file with read and write permissions for the user, read and execute permissions for the group, and read permissions for others would be represented as follows:

-rwxr-xr–

The first character indicates the type of file. In this case, the “-” indicates a regular file. Other possible values include “d” for a directory and “l” for a symbolic link.

The next nine characters represent the permissions for the three categories (user, group, and others). Each category is represented by three characters. The first character indicates read permissions, the second character indicates write permissions, and the third character indicates execute permissions.

So in the example above, the file has read, write, and execute permissions for the user (rwx), read and execute permissions for the group (r-x), and read permissions for others (-r–).

The first character is file type. It is usually a “-” if the file is a regular file, but it can also be a “d” if the file is a directory.

Understanding file permission numbers in Linux

In Linux, you can also represent file permissions using numbers instead of characters. This is often easier to understand, especially when working with scripts or programs that need to set file permissions.

Each permission can be represented by a number:

  • Read = 4
  • Write = 2
  • Execute = 1
  • No permission = 0

 

So the permissions for our example file would be represented as follows:

  • User: 7 (4+2+1)
  • Group: 5 (4+1)
  • Others: 4 (4)

 

To calculate the total permission number for a file, you just need to add up the numbers for each category. So our example file would have a permission number of 754.

Understanding file permissions 777

One file permission that you will often see is “777.” This means that the file has read, write, and execute permissions for all users. This is known as a “world-writable” permission and it’s generally considered to be a bad idea.

The file permissions 777 look like this:

-rwxrwxrwx

This is known as a “full” permission, because it gives all users full read, write, and execute access to the file. This is usually not recommended, because it can be a security risk. Any user on the system can modify or delete the file, which could cause serious problems.

If you need to give all users full access to a file, it is usually better to use a permission of 755. This gives the owner full access, but only allows members of the group and others to read and execute the file. They will not be able to modify it.

How to check file permissions in Linux

To view the permissions of a file or directory, you can use the ls command with the -l option:

ls -l

This will list all files and directories in the current directory, along with their permissions. For example:

drwxr-xr-x 2 john users 4096 Apr 18 2022 documents
-rw-rw-r– 1 john users 0 Apr 18 2022 file1.txt
-rw-rw-r– 1 john users 0 Apr 18 2022 file2.txt

The first column shows the permissions, the second column shows the number of links, the third column shows the owner, the fourth column shows the group, the fifth column shows the size in bytes, and the sixth column shows the date and time of the last modification.

Let us check out the three files above.

  • The first file in the list is a directory with read, write, and execute permissions for the user, read and execute permissions for the group, and read permissions for others.
  • The second and third files are regular files with read and write permissions for the user and group, and read permissions for others.

 

How to change file permissions in Linux

To change the permissions of a file or directory in Linux, you can use the chmod command. For example, to give read and write permissions to the user, read permissions to the group, and no permissions to others for a file named “file1.txt”, you would use the following command:

chmod 640 file1.txt

The chmod command can also be used to set permissions for multiple files at once. For example, to give read and write permissions to the user, and read permissions to the group and others for all files in the current directory, you would use the following command:

chmod 644 *

This would change the permissions of all files in the current directory to read and write for the user, and read for the group and others.

Command (equivalent command using number system) Permissions

  • chmod a=rwx myfile.txt chmod 777 myfile.txt rwxrwxrwx
  • chmod o= myfile.txt chmod 770 myfile.txt -rwxrwx—
  • chmod g=w myfile.txt chmod 720 myfile.txt -rwx-w—-
  • chmod go=r myfile.txt chmod 744 myfile.txt -rwxr–r–
  • chmod g+x myfile.txt chmod 754 myfile.txt -rwxr-xr–
  • chmod o-r myfile.txt chmod 750 myfile.txt -rwxr-x—

 

To change the owner of a file or directory, you can use the chown command. For example, to change the owner of a file named “file1.txt” to the user “jane”, you would use the following command:

chown jane file1.txt

To change the group of a file or directory, you can use the chgrp command. For example, to change the group of a file named “file1.txt” to the group “sales”, you would use the following command:

chgrp sales file1.txt

FAQ about file permissions in Linux

What does r w x mean for a file in Linux?

For a file, the r permission allows you to read the contents of the file. This means that you can use commands like cat or less to view the contents of the file.

The w permission allows you to write to the file. This means that you can use commands like echo or tee to modify the contents of the file, or use the > operator to overwrite the file.

The x permission allows you to execute the file as a program. This means that you can run the file as a command by typing the name of the file at the command prompt.

What does r w x mean for a directory in Linux?

For directories, the x permission is often referred to as “search permission”. This is because it allows you to search the directory.

A directory is a file, and “read” permission means you can read it. But you really cannot do very much without x permission as well.

Without the x permission, you will not be able to use the directory in a file path or change into the directory using the cd command.

With directories, you usually have both read and execute permission or neither.  You need x to use a directory in a pathname.

So if you try “cat /etc/passwd”, you will need x on / and /etc. You also need x to cd into a directory.

Suppose you have read but not search (x) permission on a directory. What can you do? Not much. You can use “ls” to view the file names. Even “ls -l” will not work. Read access without search permission is not very useful.

The r permission is used to allow reading of the directory contents. This means that you can use the ls command to list the files and directories within the directory, but you will not be able to access the contents of those files or directories.

The w permission is used to allow writing to the directory. This means that you can create, delete, or rename files and directories within the directory.

Resolving the Permission Denied Error in Linux Caused by the noexec Mount Option - howtouselinux

Friday 8th of December 2023

[…] a file having executable permissions (`x`), attempting to run a script or binary on a `noexec` mounted filesystem results in a […]