Linux Security

Linux file/folder privileges/permissions commands made Simple

Aug 1, 2018 4 min read
Linux file/folder privileges/permissions commands made Simple
Why I made this guide

I personally want to learn as fast as possible minimizing memorization, can you relate? Sometimes we may be working in a project and forgot something, are we going back to read a whole manual just for that? Absolutely not. We need a simple way to understand permissions and have it as a sheet cheat. The end goal of this article is to provide such thing in the most concise and accurate and fastest way possible.

Getting started

I will divide the guide in the following way: The more you go down, the more detailed. Of course, for simplicity, the top 1st part will tell you all you need to know very simple.

Let's start by knowing that with ls -ld /path/to/dir you can know the permissions of the file/folder.

1. What does 1, 2, 4 means?

Let's go with the very basics. We have three different permissions, Read (r), Write (w) and Execute (x). Each of these permissions is assigned a number as follows:

  • r (read) - 4
  • w (write) - 2
  • x (execute) - 1

We have three different "categories":

  • Users
  • Group: located in /etc/group
  • Everyone

If you wanted to give a user, let's say 'Arturo', full access to a folder and no one else access, then his permissions would be 7, why? 4 + 2 + 1 = 7 (read the number above).

Since no one else would have access, Groups and Everyone would have access 0. The total access would be 700.

Here is a graphical representation:

linux-introduction-file-permissions-6

Easy enough right? Let's get deeper:

2. Permissions to Folders/Files

Let's take a look at how to set permissions, make a user/group own a folder and change group ownership.

Information about user management? Go here

The chmod changes permissions of files/directories for users, groups, and everyone.
Examples:

  1. chmod u=rwx,g=rx,o=r myfile This example uses symbolic permissions notation. The letters u, g, and o stand for "user", "group", and "other". The equals sign ("=") means "set the permissions exactly like this," and the letters "r", "w", and "x" stand for "read", "write", and "execute", respectively. The commas separate the different classes of permissions, and there are no spaces in between them.
  2. chmod u=rw example.jpg Change the permissions for the owner of example.jpg so that the owner may read and write the file. Do not change the permissions for the group, or for others.
  3. chmod 754 document.txt Same as above but in octal notation.

The chown command changes ownership of files and directories.
Examples:

  1. Let's say you own a file as root and you want to give it to 'Arturo', then type: sudo chown Arturo myfile.txt. Now Arturo is the owner of that file.
  2. To give the file to user and change the file's group ownership to userGroup, type: sudo chown user:userGroup myfile.txt
  3. All the files and directories are owned by your username and group sudo chown -R myuser:mygroup otherfiles will change the ownership of every file and subdirectory.
  4. chown :myGroup file1 changes the owning group of file2 to group othergroup. Notice that this is the only command in these examples which may be run without sudo.

The chgrp changes group ownership of a file or files.
Examples:

  1. chgrp -hR staff foldeName changes the owning group of folderName, and all subdirectories, to the group staff.
  2. chgrp staff file.txt changes the owning group of the file file.txt to the group named staff.

Easy enough right? Let's get deeper:

3. Understanding the meaning of 'rwx' lines if ls -l

If you type on the terminal ls -lah you'll get to view the long listing of files (-l) + hidden files (-a) + you can show the file size in human readable format (-h), for example 10K, 12M, 2G.

To view the permissions of a specific file/folder, you can also simply type: ls -ld folderName (Assuming you are in the path where the folder is). The (-d) lists the directory entries instead of content.

(the colors are just to represent my point)
linux-introduction-file-permissions-2

  • yellow: file & directory names
  • green: time and date of creation.
  • purple: file size in bytes
  • orange: shows the permissions. Every file in Linux is 'owned' by a particular user...
  • cyan: unique file system identifier for the file
  • red: containing the '-rwx----w-' characters. These are the actual permissions set for the particular file or directory.

linux-file---folder-permissions

Examples:

-r--r--r-- :This means that owner, group and everyone else has only read permissions to the file (remember, if there's no 'd' or 'l', then we are talking about a file).

-rw-rw-rw- : This means that the owner, group and everyone else has read and write permissions.

-rwxrwxrwx : Here, the owner, group and everyone else has full permissions, so they can all read, write and execute the file (-).

References:
link1
link2

I hope it's clear enough, if you have questions/suggestions, leave a comment below :)

Published by
Arturo
Arturo
I'm like IronMan, if he was minimalistic, did normal programming and actually care about money 🤓
You might also like
Great! Next, complete checkout for full access to ArturoFM.
Welcome back! You've successfully signed in.
You've successfully subscribed to ArturoFM.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.