In the world of Linux, file permissions are extremely important. They dictate who can access your files and what they can do with them. In this beginner’s guide, we will discuss the basics of Linux file permissions and how to set them up correctly.
We will also cover some common scenarios that you may encounter in the real world. So if you’re new to Linux, or just want a refresher on file permissions, keep reading!
Why file permissions are important in Linux
In Linux, file permissions are a way of controlling who can access your files and what they can do with them. By default, only the owner of a file can read or write to it. Other users on the system are usually prevented from reading or modifying your files.
This may seem like a bad thing at first, but it’s actually a very important security feature. Imagine if every user on a Linux system could read and write to every other user’s files. It would be very easy for someone to accidentally delete or modify critical system files, which could cause the entire system to crash.
File permissions also allow you to give different levels of access to different users. For example, you may want to allow all users to read a certain file, but only allow the owner to write to it. This is known as a “read-only” permission.
Understanding file permissions in Linux
In Linux, every file has an associated set of permissions that dictate who can access it and what they can do with it.
When you create a file or directory in Linux, it is assigned a set of default permissions. These permissions can be divided into three categories:
- Read: Allows a user to view the contents of the file.
- Write: Allows a user to modify the contents of the file.
- Execute: Allows a user to execute the file as a program.
Each of these categories can be further divided into three subcategories:
- User: Refers to the owner of the file. By default, the user who creates a file is also its owner.
- Group: Refers to a group of users who are allowed to access the file. By default, the group is set to the same group as the user who creates the file.
- Others: Refers to all other users on the system who are not the owner or part of the group.
So a file with read and write permissions for the user, read and execute permissions for the group, and read permissions for others would be represented as follows:
The first character indicates the type of file. In this case, the “-” indicates a regular file. Other possible values include “d” for a directory and “l” for a symbolic link.
The next nine characters represent the permissions for the three categories (user, group, and others). Each category is represented by three characters. The first character indicates read permissions, the second character indicates write permissions, and the third character indicates execute permissions.
So in the example above, the file has read, write, and execute permissions for the user (rwx), read and execute permissions for the group (r-x), and read permissions for others (-r–).
The first character is file type. It is usually a “-” if the file is a regular file, but it can also be a “d” if the file is a directory.
Understanding file permission numbers in Linux
In Linux, you can also represent file permissions using numbers instead of characters. This is often easier to understand, especially when working with scripts or programs that need to set file permissions.
Each permission can be represented by a number:
- Read = 4
- Write = 2
- Execute = 1
- No permission = 0
So the permissions for our example file would be represented as follows:
- User: 7 (4+2+1)
- Group: 5 (4+1)
- Others: 4 (4)
To calculate the total permission number for a file, you just need to add up the numbers for each category. So our example file would have a permission number of 754.
Understanding file permissions 777
One file permission that you will often see is “777.” This means that the file has read, write, and execute permissions for all users. This is known as a “world-writable” permission and it’s generally considered to be a bad idea.
The file permissions 777 look like this:
This is known as a “full” permission, because it gives all users full read, write, and execute access to the file. This is usually not recommended, because it can be a security risk. Any user on the system can modify or delete the file, which could cause serious problems.
If you need to give all users full access to a file, it is usually better to use a permission of 755. This gives the owner full access, but only allows members of the group and others to read and execute the file. They will not be able to modify it.
How to check file permissions in Linux
To view the permissions of a file or directory, you can use the ls command with the -l option:
This will list all files and directories in the current directory, along with their permissions. For example:
drwxr-xr-x 2 john users 4096 Apr 18 2022 documents
-rw-rw-r– 1 john users 0 Apr 18 2022 file1.txt
-rw-rw-r– 1 john users 0 Apr 18 2022 file2.txt
The first column shows the permissions, the second column shows the number of links, the third column shows the owner, the fourth column shows the group, the fifth column shows the size in bytes, and the sixth column shows the date and time of the last modification.
Let us check out the three files above.
- The first file in the list is a directory with read, write, and execute permissions for the user, read and execute permissions for the group, and read permissions for others.
- The second and third files are regular files with read and write permissions for the user and group, and read permissions for others.
How to change file permissions in Linux
To change the permissions of a file or directory in Linux, you can use the chmod command. For example, to give read and write permissions to the user, read permissions to the group, and no permissions to others for a file named “file1.txt”, you would use the following command:
chmod 640 file1.txt
The chmod command can also be used to set permissions for multiple files at once. For example, to give read and write permissions to the user, and read permissions to the group and others for all files in the current directory, you would use the following command:
chmod 644 *
This would change the permissions of all files in the current directory to read and write for the user, and read for the group and others.
Command (equivalent command using number system) Permissions
- chmod a=rwx myfile.txt chmod 777 myfile.txt rwxrwxrwx
- chmod o= myfile.txt chmod 770 myfile.txt -rwxrwx—
- chmod g=w myfile.txt chmod 720 myfile.txt -rwx-w—-
- chmod go=r myfile.txt chmod 744 myfile.txt -rwxr–r–
- chmod g+x myfile.txt chmod 754 myfile.txt -rwxr-xr–
- chmod o-r myfile.txt chmod 750 myfile.txt -rwxr-x—
To change the owner of a file or directory, you can use the chown command. For example, to change the owner of a file named “file1.txt” to the user “jane”, you would use the following command:
chown jane file1.txt
To change the group of a file or directory, you can use the chgrp command. For example, to change the group of a file named “file1.txt” to the group “sales”, you would use the following command:
chgrp sales file1.txt