Introduction
Linux, like other Unix-like operating systems, allows multiple users to work on the same server simultaneously without disrupting each other. Individuals sharing access to files pose a risk of exposing classified information or even data loss if other users access their files or directories.
To address this issue, Unix added the file permission feature to specify how much power each user has over a given file or directory.
In this tutorial, you will learn how to view and change file permissions in Linux.
Prerequisites
- A machine running Linux.
- A user account with root privileges.
- Access to the terminal.
How to Check Permissions in Linux
Before modifying file permissions, you have to find the current Linux permission settings. There are two ways to check the permissions: using the graphical user interface (GUI) or the command-line interface (CLI).
Check Permissions Using GUI
Finding the file or directory permissions via the graphical user interface is simple. Follow the steps below:
1. Open File Explorer and locate the file or directory you want to examine. Right-click the icon and select Properties.
2. Click the second tab labeled Permissions.
3. The Permissions tab shows the permissions for each file divided into three categories:
- Owner (the user who created the file/directory).
- Group (which the owner belongs to).
- Others (all other users).
For each file, the owner can grant or restrict access to users according to the categories they fall in.
In our example, the owner of the test.txt file has access to read and write, while other members of its group and all other users have read-only access. Therefore, they can only open the file, but cannot make any modifications.
Check Permissions in Command-Line with ls Command
If you prefer using the command line, use the ls command to list information about files/directories. You can also add the -l option to the command to see the information in a long list format.
The syntax is:
ls -l [file_name]For instance, the command for the previously mentioned file is:
ls -l test.txt
The output provides the following information:
- File permissions.
- The owner (creator) of the file.
- The group to which that owner belongs.
- The creation date.
How to Read Linux Permissions
Linux permissions are represented by a series of symbols that indicate which users can read, write, or execute a file or directory. Understanding these permissions is crucial for managing access to your system's resources.
Permissions are organized into three categories:
- The owner of the file or directory.
- The group associated with the file or directory.
- All other users on the system.
Each category has three permission types: read (r), write (w), and execute (x). These permissions determine what actions can be performed on a file or directory.
The following example shows the permissions for a file:
-rw-r--r--- The first character indicates the file type - a regular file (
-), directory (d), symbolic link (i), etc. - The next three characters represent the user's (owner's) permissions.
- The three characters after that are the group's permissions.
- The final three characters are the permissions for all other users.
Permission Groups
The three distinct user-based permission groups in Linux are: owner, group, and all users.
- Owner. The owner of a file or directory is the user who created it. By default, the owner has full control over the file or directory, including the ability to read, write, and execute it.
- Group. Every file and directory in Linux is associated with a specific group. Users who belong to this group have the permissions defined for the group category. Groups provide a more granular control over access to files and directories, especially in environments with multiple users.
- All users. The last set of symbols in the permission string represents the permissions for all other users on the system, excluding the group owner. These permissions apply to anyone who is not the owner or a member of the group associated with the file or directory.
Permission Types
The three basic permission types found in Linux file and directory permissions are: read, write, and execute.
- Read. (r) The read permission allows users to view the contents of a file or list the contents of a directory.
- Write. (w) The write permission allows users to modify a file's contents or add, remove, or rename files within a directory.
- Execute. (x) The execute permission allows users to execute a file or traverse (i.e., enter) a directory. For files, execute permission is required to run the file as a program or script. For directories, execute permission is required to access the contents of the directory.
Special Permissions
In addition to the standard read, write, and execute permissions, Linux also supports special permissions that provide additional control over how files and directories are accessed.
setuid (Set User ID)
The setuid permission allows a user to execute a file with the permissions of the file's owner, rather than the permissions of the user executing the file. setuid is commonly used for executable files that need to be run with elevated privileges.
setgid (Set Group ID)
Similar to setuid, the setgid permission allows a user to execute a file with the permissions of the file's group, rather than the permissions of the user executing the file. setgid is often used for directories to ensure that files created within the directory inherit the group ownership of the directory.
sticky bit
The sticky bit permission, when applied to a directory, ensures that only the owner of a file within that directory or the root user can delete or rename the file, even if other users have write permissions on the directory. This is commonly used for directories such as /tmp to prevent unauthorized users from tampering with files.
Symbolic and Octal Notation
This section explains both symbolic and octal notation methods used to represent Linux file permissions.
Symbolic Notation
Symbolic notation represents permissions using symbols (r, w, x, and -) to indicate read, write, and execute permissions, respectively. It also includes additional symbols (u, g, o, and a) to specify whether permissions apply to the owner, group, others, or all users. For example, u+x means to add execute permission for the owner.
Octal Notation
Octal notation represents permissions using a three-digit number, where each digit corresponds to the sum of the permissions for the owner, group, and others, respectively. Each permission type is assigned a numeric value: read (4), write (2), and execute (1). For example, 755 means read, write, and execute permissions for the owner, as well as read and execute permissions for the group and others.
How to Change Permissions in Linux
There are two primary methods for changing permissions in Linux:
- Absolute mode and
- Symbolic mode.
Each method offers its own approach to specifying permissions and provides flexibility in access control. The command used in both methods is the chmod command.
Its basic syntax is:
chmod [permission] [file_name/directory]The sections below explain each method for managing permissions in your Linux environment.
Symbolic Mode
To specify permission settings using alphanumerical characters, you need to define accessibility for the user/owner (u), group (g), and others (o).
Type the initial letter for each class, followed by the equal sign (=) and the first letter of the read (r), write (w) and/or execute (x) privileges.
For example, to set a file public for reading, writing, and executing, use:
chmod u=rwx,g=rwx,o=rwx [file_name]To set the permissions as in the previously mentioned test.txt to be:
- Read and write for the user.
- Read for the members of the group.
- Read for other users.
Use the following command:
chmod u=rw,g=r,o=r test.txtNote: There is no space between the categories. Use commas to separate them.
Absolute Mode
Another way to specify permission is by using the octal/numeric format. This option is faster, as it requires less typing, although it is not as straightforward as the symbolic mode.
Instead of letters, the octal format represents privileges with numbers:
r(ead) has the value of4.w(rite) has the value of2.- (e)
x(ecute) has the value of1. - no permission has the value of
0.
The privileges are summed up and depicted by one number. Therefore, the possibilities are:
7- for read, write, and execute permission.6- for read and write privileges.5- for read and execute privileges.4- for read privileges.
As you have to define permission for each category (user, group, owner), the command includes three numbers (each representing the summation of privileges).
For instance, let’s look at the test.txt file that we symbolically configured with the chmod u=rw,g=r,o=r test.txt command.
The same permission settings can be defined using the octal format with the command:
chmod 644 test.txtNote: For an in-depth guide on how to use chmod In Linux to change file permissions recursively, read our Chmod Recursive guide.
How to Change File or Directory Ownership in Linux
Aside from changing file and directory permissions, you may also need to change the user ownership or even group ownership. Both of these tasks require superuser privileges. Follow the steps below to change a file or directory ownership:
Change File Ownership
To change the file ownership, use the chown command. The syntax is:
chown [user_name] [file_name/directory]Replace [user_name] with the name of the user you want to make the new owner of the file or directory.
Change Group Ownership
To change the group ownership, use the chgrp command. The syntax is:
chgrp [group_name] [file_name/directory]Replace [group_name] with the name of the group you want to make the new file/directory owner.
Conclusion
Learning how to check and change permissions of Linux files and directories is an essential skill all Linux users should master. This article showed how to read and change file or directory permissions or ownership in Linux.
Next, see how to show hidden files in Linux or learn to delete files with the rm command.
