As we know linux is a multi-user system. In such systems it becomes crucial to protect the files of the system from being altered, corrupted or deleted by unauthorised users. The Linux system divides authorisations in two levels: Ownership and Permissions.
(adsbygoogle = window.adsbygoogle || []).push({});Ownerships Determines types of users at authorization. There are three types of ownership to a file or directory in linux system.
- Owner : The user who created the file or directory.
- Group: Users authorised by owner to use file.
- Others : All other users of files who are neither owner nor are in group
But now question is how linux system distinguish between different users and how can it protect a file or directory from unauthorized access. For this purpose linux uses permissions. There are three types of permissions to a file or directory:
- Read = Read permission allows a user to read or view a file.
- Write = Write permission allows a user to modify contents of the file.
- Execute = Execute permission allows a user to execute or run a file.
Also Read : How to find, and read Log files in Linux?
These permissions are represented by following symbols.
- r = Read Permission
- w = Write Permission
- x = Execute Permission
- – = No Permission
When access the list of files and folders inside a linux directory. You see something like this.
Characters in the beginning of each line represents permissions of different types of user.
First character in list items represents weather its a file or directory.
Next 9 characters represents permissions for different types of users. First three of which is for owner. Second set of three characters represents permission for group, and last three character for all other users.
The ‘d’ symbol in the beginning suggests a directory, where ‘-’ symbol in the beginning represents a permissions for a file. rwx permission for a owner suggests that owner has read, write and execute permission for a file, rw- permission for group suggests that group has read and write permission but no permission for executing file.
How to change Permissions
File and directory permissions are changed using chmod( change mode) command. There are two ways to use chmod — the symbolic mode and the absolute mode.
Using chmod in Symbolic Mode
In symbolic mode you can add, delete, or specify the permission by using the following operators.
- ‘+’ to add the designated permission(s) to a file or directory.
- ‘-’ to remove the designated permission(s) from a file or directory.
- ‘=’ to set the designated permission(s).
$chmod o+wx,u-x,g = rx myfile
$ls -l myfile-rw-r-xrwx 1 ubuntu users 1024 Nov 2 00:10 myfile
Using chmod with Absolute Permissions
This is a way to modify permissions with the chmod command is to use a number to specify each set of permissions for the file.
Each permission is assigned a value, and the total of each set of permissions provides a number for that set. Check the following table.
Number | Octal Representation of Permission | Ref |
0 | No permission | — |
1 | Execute permission | –x |
2 | Write permission | -w- |
3 | Execute and write permission: 1 (execute) + 2 (write) = 3 | -wx |
4 | Read permission | r– |
5 | Read and execute permission: 4 (read) + 1 (execute) = 5 | r-x |
6 | Read and write permission: 4 (read) + 2 (write) = 6 | rw- |
7 | All permissions: 4 (read) + 2 (write) + 1 (execute) = 7 | rwx |
$ls -1 myfile-rwxrwx—1 ubuntu users 1024 Nov 2 00 : 10
To see the permission changes, each example chmod command from the preceding table is run on the myfile, followed by Is by Is -1.
$ chmod 755 myfile
$ls -1 755 myfile
$ls -1 myfile
-rwx-xr-x 1 ubuntu users 1024 Nov 2 00 : 10 myfile
$chmod 743 myfile
$ls -1 myfile-rwxr---wx
1 ubuntu users 1024 Nov 2 00:10 myfile
$chmod 043 myfile$ls -1 myfile----r---wx 1 ubuntu users 1024 Nov 2 00 :10 myfile
Changing Owners and Groups
While creating an account on Unix, each user is gets assigned a owner ID and a group ID. All permissions are also assigned based on the Owner and the Groups.
Changing Ownership.
Chown command is used to change the ownership of a user. Chown stands for ‘change owner’. Basic syntax for this is –
$ chown user filelist
The value of the user can be either the name of a user on the system or the user id (uid) of a user on the system.Understand this with following example −
$ chown ubuntu myfile
Changing group ownership
chgrp command is used to change the ownership of a group. Chown stands for ‘change owner’. Basic syntax for this is –
$ chgrp group filelist
The value of the user can be either the name of a group on the system or the id of a group (gid) on the system.Understand this with following example −
$ chgrp special myfile
Changes the group of the given file to special group.