Linux Files and directories permissions - Tips4ever

Latest

Hi this is Mahesh, Tips4ever is my IT Journey to technology, computers, software, Internet and much more....

Jun 8, 2010

Linux Files and directories permissions

    
Linux operation system different from other operating system it has a multi-tasking and
multi-user operating in a same time. Linux is a UNIX like operating system. This operation same to UNIX and Linux.

    This topic will cover about the giving permissions for files & Directories on the
Linux/Unix Operation System with following commands:
  • chmod
    - modify file access rights
  • su
    - temporarily become the superuser
  • chown
    - change file ownership
  • chgrp
    - change a file's group ownership
me@linux:~$ ls -l some_file

-rw-rw-r-- 1 me me 1097374 Sep 26 18:48 some_file

    In above you see that have 10 dashes first dash is related to identify that is file or directory ('- ' means file or 'd' means directory). 2-4 dashes permissions related to owner of the file who creates the file or directory , 5-7 dashes permissions related to group of the file and directory, and 8-9 dashes permissions related to other user of the file and directory.
drwx rwx rwx = 111 111 111
-rw- rw- rw-   = 110 110 110
-rwx --- ---      = 111 000 000
- --- --- ---       = 000 000 000
- or d= id directory or not 
r   = Read the file or Directory
w = write the file or Directory
x  = Execute the file or Directory

And it is easy to:
rwx = 111 in binary = 7
rw- = 110 in binary = 6
r-x = 101 in binary = 5
r-- = 100 in binary = 4
--- = 000 in binary = 0
example:
me@linux:~$ chmod 754 file
me@linux:~$ls
--rwxr-xr-- 1 me me 1097374 Sep 26 18:48 file
me@linux:~$

In above first dash ('-') indicates the directory or not like follows

me@linux:~$ls
--rwxr-xr-- 1 me me 1097374 Sep 26 18:48 file
drwxr-xr--  1 me me 1097374 Sep 26 18:48 dir1
me@linux:~$

In above list first one is the file and second one is directory so it
indicate as “drwxr-xr--”.

Files permissions

Value Meaning
777 (rwxrwxrwx) No restrictions on permissions. Anybody may do anything. Generally
not a desirable setting.
755 (rwxr-xr-x) The file's owner may read, write, and execute the file. All others
may read and execute the file. This setting is common for programs
that are used by all users.
700 (rwx------) The file's owner may read, write, and execute the file. Nobody
else has any rights. This setting is useful for programs that only
the owner may use and must be kept private from others.
666 (rw-rw-rw-) All users may read and write the file.
644 (rw-r--r--) The owner may read and write a file, while all others may only
read the file. A common setting for data files that everybody may
read, but only the owner may change.
600 (rw-------) The owner may read and write a file. All others have no rights. A
common setting for data files that the owner wants to keep
private.

Directory permissions

Value Meaning
777 (rwxrwxrwx) No restrictions on permissions. Anybody may list files, create new
files in the directory and delete files in the directory.
Generally not a good setting.
755 (rwxr-xr-x) The directory owner has full access. All others may list the
directory, but cannot create files nor delete them. This setting
is common for directories that you wish to share with other users.
700 (rwx------) The directory owner has full access. Nobody else has any rights.
This setting is useful for directories that only the owner may use
and must be kept private from others.


SU Command - temporarily become the superuser.

    It is often useful to become the superuser to perform important system administration tasks, but as you have been warned (and not just by me!), you should not stay logged on as the superuser. In most distributions, there is a program that can give you temporary access
to the superuser's privileges. This program is called
su (short for substitute user) and can be used in those cases when you need to be the superuser for a small number of tasks. To become the superuser, simply type the su command. You will be prompted for the superuser's password:

me@linux:~$ su
Password:
root@linux#
    After executing the su command, you have a new shell session as the superuser. To exit the
superuser session, type
exit and you will return to your previous session. 
     It is different in some distributions like Ubuntu. We can perform SU alternative type as sudo and some command as like follow

me@linux:~$ sudo
some_command

Password:
me@linux:~$ continue with commands as root user

chown - change file ownership.

    We can change the ownership of the files and directories by using the chown
command as follows

me@linux:~$ su
Password:
root@linux#chown you some_file
root@linux# exit
me@linux:~$
For Ubuntu users

me@linux:~$ sudo chown you some_file
Password:
me@linux:~$

Notice that in order to change the owner of a file, you must be the
superuser. To do this, our example employed the su command, then we
executed chown, and finally we typed exit to return to our previous
session.
chown works the same way on directories as it does on files.

Chgrp - change a files and directories group ownership.

we can change group ownership of the files and directories.
me@linux:~$ chgrp
new_group some_file
If a file or directory relative to root user you change to su or add sudo
on above, we changed the group ownership of some_file from its previous group to "new_group". You must be the owner of the file or directory to perform a chgrp.