Linux Fundamentals 5: Users Permissions

To view permissions file and directory permissions use the ls command

ls -l

The permission set is defined by the string in the first column. The first character denotes file type (-) is a file and (d) is a directory.

The remaining bit are grouped into 3 sets of 3. User permissions, group permissions and then other permissions. The bits are represented as follows.

r: readable
w: writable
x: exectuable
-: empty.

For testing purposes, I will create a test log file.

sudo touch test.log

And then check the permissions

To understand the bits more clearly you can split them up so its easier to read

-|rw-|r--|r--|

- Means this is a file
rw- User permissions has read/write but not executable.
r-- Group permissions, has read and not write or executable.
r-- Other permissions, has read and not write or executable.

How to add and remove permissions.

Use the chmod command to change permissions. For example

chmod u+w test.log

Use "+" or "-" to remove permissions and use the following to specify the permissions type

o - other permissions
g - for group,
u - for user,
a - for all.

To add executable user permissions to are test file run the following.

sudo chmod u+x test.log

I can see that the executable permissions(x) was added to the user bits.

And to remove the executable permission for the user I will use.

sudo chmod u-x test.log

Symbolic Permissions.

You can set all the permissions in one using the following.
0 No permission
1 Execute
2 Write
3 Execute and Write
4 Read
5 Read and Execute
6 Read and Write
7 Read, Write and Execute

To apply read, write and execute permissions to users, groups, and other all at the same time you can run the following command.

sudo chmod 777 test.log

Change File Ownership

To check users you can use

cat /etc/passwd

I can see my account in the users list, lets go ahead give myself ownership of the test file using the chown command.

sudo chown kjohnson test.log

Checking the file permissions again with ls -l  we can see the owner has been changed.

Change Group Permissions

Lets check groups

cat /etc/group

And now use the chgrp command to change the group permissions on the test file.

sudo chgrp users test.log

Checking the file permissions again with ls -l  we can see the group is now changed to users.

SUID  (Set User Id)

Set User Id allows the user to run a program as the owner of the program rather than themselves.

Lets add this to our test file.

sudo chmod u+s test.log

We can see that the additional 's' bit has been added to the test file.

The Sticky Bit

The sticky bit (t) is most useful in shared directories, it means only the owner or the root can change the file. Lets add it to our test file

sudo chmod +t test.log

And to up  lets clean up the test file.

sudo rm test.log