Linux File Permission

Linux File Permissions And Permission Examples

File permission is a Security Feature in Linux. Let’s assume an example if you maintaining a server and on that server lots of users and you give read, write and execute FILE PERMISSION to a suspicious user then you will increase your server being tempered. That suspicious user can edit any configuration file or delete that file. So only give read permission to other users and only trusted person you should give write and execute FILE PERMISSION IN LINUX. Let’s Explore Linux file Permission with example.

File Permission Image
File Permission Image

In Linux file permission has two types:

File Ownership
File Permission

To check file or directory permission, Use ‘ls -l ‘ command. you can read full ls command in my previous blog. you can click here to read that blog

FILE OWNERSHIP: Linux define his file permissions from three permission group which we called file ownership. the group are the following:
First is the OWNER/USER.
Second is the Group.
Third is Other/All.

Owner: By default who creates file or directory has become the owner of the file or directory.

user and group permission
user and group permission

on first dialog permission is for d is for directory and – dash sign is for file. first rwx for owner permission second r-x is for group permission in there – dash means no permission. same as third dialog r-x for other users permission

Group: Groups can contain multiple users. group users have the same permission which you set to group permission. it’s handy to set group permission instead to set user permission

to assume you have an accounting department that has 100 users to set permission. so it is easy to set permission to account group you just have to create a group account and add all users in that group and set that file or directory permission to the account group.

Other: Other user is a user who is not in the same group this user belongs to a different group of user or a single user which is not in the group. it is like you have two or three groups in a server account group sales group and BackOffice group etc. This permission is to give how sales group user, access account group file. This is how Ownership works in Linux now let’s see how FILE PERMISSION works in Linux.

Linux File Permission

Every file and directory has three types of permission Read, Write and Execute
To Check Linux File Permission Run Command “ls -l ” Example

File Permission "ls -l" example
File Permission “ls -l” example

Read permission on file you can read or see file content. and read permission on the directory you can list file content but this only show file name it will not show you file permission and with only read permission you can’t change into the directory. In the image, you can see file name .txt and directory name public has read permission

Write permission: on file only write permission gives you nothing, means you can’t see file content so how can you modify that so if you want to give write permission on the file you have to give read permission with that.
On directory only write permission you cant list directory content you cant change to directory

if you want to see directory content you have to give read and write permission.

Execute Permission: on file execute permission is to run the program file but remember only execute permission give your work done with executing read permission is also want to run program
On directory with execute permission, you can go that directory.

After all the file permission Now the Question is how Linux set Default Permission. Because when you create a file or directory you can see default permission on that file or directory?

Umask Value In Linux

The answer is for default permission is UMASK VALUE. For now, I just tell you how can you check your umask value because umask is a different topic which I cover later on my blogs. to check your umask value for FILE PERMISSION open your terminal and type command umask – S and hit enter

U mask Value in Linux File Permission Output Image
Umask Value in Linux

Here is the output you see on your terminal. you can see in image user/ file owner has full permission on that file and for that group-user has only read and execute to file and for other users also have only read and execute permission on file. Linux default permission didn’t give write permission for group user and other user only owner of file can modify that file who create.

After all this information about what is File ownership and File permission now the time is to know how can you change File Permission and File Ownership.

Change File Permission in Linux there are two ways:

  • Symbolic
  • Numeric

To change File Permission the command is chmod

User DenotationUser Effect
uuser/Owner
gGroup
oother/all

Permission In Symbolic Mode

Symbolic PermissionPermission Effect
rread
wwrite
xexecute

Symbolic:
In a symbolic way, you can change Permission with letter rwx where r for read w for write and x for execute. if you want to give other users to execute permission for the file so did you remember? with execute permission you have to give read permission. to give permission in a symbolic way to add permission + plus sign you will give and to remove permission – minus sign is used. Here is a command to give permission to other users to read and execute permission chmod o+rw (here your file name).

"ls -l" example
File Permission “ls -l” example

on this image you see first I check Permission with ‘ls -l’ command the file name file has no permission for other so I run chmod command to give read and execute permission and after that, I check permission with ‘ls -l’ now the file is read and execute permission for other.

And if you want to remove permission just replace + plus sign with – minus sign and your permission will remove.

Numeric :
In this mode, file permissions are not represented as characters but a three-digit octal number.and in this mode because of octal you did not want to give the user denotation

The table below gives numbers for all permissions types:

Permission typeEffect on PermissionNumber value
No Permission0
Execute–x1
Write-w-2
Execute+Write-wx3
readr–4
Execute+Readr-x5
Read+Writerw-6
Read+Write=Executerwx7

So in a numeric way suppose your Owner wants to give self for full permission and group for read and execute and for others read and execute. Then the chmod command is for in Numeric way is chmod 755 (filename/Directory)that’s all, you don’t need to give any user denotation of any plus or minus sign. This is how you change File Permission in Numeric way.

Changing Ownership and Group

To change ownership and group the command is chown

only change owner command is chown (owner name ) file name.
To change owner and group command is chown (owner name):(group name) (filename)

File Permission owner Image
Linux File Permission owner

on the above image, you can see the file that the owner has wolverine so I run chown command with new owner name root. then after the run command, I again check with ‘ls -l’ so now the file owner has changed.

Linux Permission group
Linux File Permission group

chown (owner):(new group) (filename) you can see after running the command file owner and group changed to root.

On the above image first, I check the owner and group so the owner of the file is root but the file belongs to the wolverine group so now I have to change the group to root so I run command. That how File Permission and File Ownership works in Linux

Some important facts:

To see System Generated default Groups run command (groups)
To make new group run command:- newgrp (group name)
Two different groups can not own the same file.

There are some more advance File Permission which I cover in another blog.

Reference: ask ubuntu Redhat

Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above.

Leave a Comment

Your email address will not be published. Required fields are marked *