Linux Permissions Explained

May 15, 2024

Introduction

Linux, like other Unix-like operating systems, allows multiple users to work on the same server simultaneously without disrupting each other. Individuals sharing access to files pose a risk of exposing classified information or even data loss if other users access their files or directories.

To address this issue, Unix added the file permission feature to specify how much power each user has over a given file or directory.

In this tutorial, you will learn how to view and change file permissions in Linux.

Linux permissions explained.

Prerequisites

  • A machine running Linux.
  • A user account with root privileges.
  • Access to the terminal.

How to Check Permissions in Linux

Before modifying file permissions, you have to find the current Linux permission settings. There are two ways to check the permissions: using the graphical user interface (GUI) or the command-line interface (CLI).

Check Permissions Using GUI

Finding the file or directory permissions via the graphical user interface is simple. Follow the steps below:

1. Open File Explorer and locate the file or directory you want to examine. Right-click the icon and select Properties.

2. Click the second tab labeled Permissions.

File properties in Linux.

3. The Permissions tab shows the permissions for each file divided into three categories:

  • Owner (the user who created the file/directory).
  • Group (which the owner belongs to).
  • Others (all other users).

For each file, the owner can grant or restrict access to users according to the categories they fall in.

Checking file permissions in Linux.

In our example, the owner of the test.txt file has access to read and write, while other members of its group and all other users have read-only access. Therefore, they can only open the file, but cannot make any modifications.

Check Permissions in Command-Line with ls Command

If you prefer using the command line, use the ls command to list information about files/directories. You can also add the -l option to the command to see the information in a long list format.

The syntax is:

ls -l [file_name]

For instance, the command for the previously mentioned file is:

ls -l test.txt
Checking file permissions with the ls command.

The output provides the following information:

  • File permissions.
  • The owner (creator) of the file.
  • The group to which that owner belongs.
  • The creation date.

How to Read Linux Permissions

Linux permissions are represented by a series of symbols that indicate which users can read, write, or execute a file or directory. Understanding these permissions is crucial for managing access to your system's resources.

Permissions are organized into three categories:

  • The owner of the file or directory.
  • The group associated with the file or directory.
  • All other users on the system.

Each category has three permission types: read (r), write (w), and execute (x). These permissions determine what actions can be performed on a file or directory.

The following example shows the permissions for a file:

-rw-r--r--
  • The first character indicates the file type - a regular file (-), directory (d), symbolic link (i), etc.
  • The next three characters represent the user's (owner's) permissions.
  • The three characters after that are the group's permissions.
  • The final three characters are the permissions for all other users.
Linux file permission syntax explained.

Permission Groups

The three distinct user-based permission groups in Linux are: owner, group, and all users.

  • Owner. The owner of a file or directory is the user who created it. By default, the owner has full control over the file or directory, including the ability to read, write, and execute it.
  • Group. Every file and directory in Linux is associated with a specific group. Users who belong to this group have the permissions defined for the group category. Groups provide a more granular control over access to files and directories, especially in environments with multiple users.
  • All users. The last set of symbols in the permission string represents the permissions for all other users on the system, excluding the group owner. These permissions apply to anyone who is not the owner or a member of the group associated with the file or directory.

Permission Types

The three basic permission types found in Linux file and directory permissions are: read, write, and execute.

  • Read. (r) The read permission allows users to view the contents of a file or list the contents of a directory.
  • Write. (w) The write permission allows users to modify a file's contents or add, remove, or rename files within a directory.
  • Execute. (x) The execute permission allows users to execute a file or traverse (i.e., enter) a directory. For files, execute permission is required to run the file as a program or script. For directories, execute permission is required to access the contents of the directory.

Special Permissions

In addition to the standard read, write, and execute permissions, Linux also supports special permissions that provide additional control over how files and directories are accessed.

setuid (Set User ID)

The setuid permission allows a user to execute a file with the permissions of the file's owner, rather than the permissions of the user executing the file. setuid is commonly used for executable files that need to be run with elevated privileges.

setgid (Set Group ID)

Similar to setuid, the setgid permission allows a user to execute a file with the permissions of the file's group, rather than the permissions of the user executing the file. setgid is often used for directories to ensure that files created within the directory inherit the group ownership of the directory.

sticky bit

The sticky bit permission, when applied to a directory, ensures that only the owner of a file within that directory or the root user can delete or rename the file, even if other users have write permissions on the directory. This is commonly used for directories such as /tmp to prevent unauthorized users from tampering with files.

Symbolic and Octal Notation

This section explains both symbolic and octal notation methods used to represent Linux file permissions.

Symbolic Notation

Symbolic notation represents permissions using symbols (r, w, x, and -) to indicate read, write, and execute permissions, respectively. It also includes additional symbols (u, g, o, and a) to specify whether permissions apply to the owner, group, others, or all users. For example, u+x means to add execute permission for the owner.

Octal Notation

Octal notation represents permissions using a three-digit number, where each digit corresponds to the sum of the permissions for the owner, group, and others, respectively. Each permission type is assigned a numeric value: read (4), write (2), and execute (1). For example, 755 means read, write, and execute permissions for the owner, as well as read and execute permissions for the group and others.

How to Change Permissions in Linux

There are two primary methods for changing permissions in Linux:

  • Absolute mode and
  • Symbolic mode.

Each method offers its own approach to specifying permissions and provides flexibility in access control. The command used in both methods is the chmod command.
Its basic syntax is:

chmod [permission] [file_name/directory]

The sections below explain each method for managing permissions in your Linux environment.

Symbolic Mode

To specify permission settings using alphanumerical characters, you need to define accessibility for the user/owner (u), group (g), and others (o).

Type the initial letter for each class, followed by the equal sign (=) and the first letter of the read (r), write (w) and/or execute (x) privileges.

For example, to set a file public for reading, writing, and executing, use:

chmod u=rwx,g=rwx,o=rwx [file_name]

To set the permissions as in the previously mentioned test.txt to be:

  • Read and write for the user.
  • Read for the members of the group.
  • Read for other users.

Use the following command:

chmod u=rw,g=r,o=r test.txt

Note: There is no space between the categories. Use commas to separate them.

Absolute Mode

Another way to specify permission is by using the octal/numeric format. This option is faster, as it requires less typing, although it is not as straightforward as the symbolic mode.

Instead of letters, the octal format represents privileges with numbers:

  • r(ead) has the value of 4.
  • w(rite) has the value of 2.
  • (e)x(ecute) has the value of 1.
  • no permission has the value of 0.

The privileges are summed up and depicted by one number. Therefore, the possibilities are:

  • 7 - for read, write, and execute permission.
  • 6 - for read and write privileges.
  • 5 - for read and execute privileges.
  • 4 - for read privileges.

As you have to define permission for each category (user, group, owner), the command includes three numbers (each representing the summation of privileges).

For instance, let’s look at the test.txt file that we symbolically configured with the chmod u=rw,g=r,o=r test.txt command.

The same permission settings can be defined using the octal format with the command:

chmod 644 test.txt

Note: For an in-depth guide on how to use chmod In Linux to change file permissions recursively, read our Chmod Recursive guide.

How to Change File or Directory Ownership in Linux

Aside from changing file and directory permissions, you may also need to change the user ownership or even group ownership. Both of these tasks require superuser privileges. Follow the steps below to change a file or directory ownership:

Change File Ownership

To change the file ownership, use the chown command. The syntax is:

chown [user_name] [file_name/directory]

Replace [user_name] with the name of the user you want to make the new owner of the file or directory.

Change Group Ownership

To change the group ownership, use the chgrp command. The syntax is:

chgrp [group_name] [file_name/directory]

Replace [group_name] with the name of the group you want to make the new file/directory owner.

Conclusion

Learning how to check and change permissions of Linux files and directories is an essential skill all Linux users should master. This article showed how to read and change file or directory permissions or ownership in Linux.

Next, see how to show hidden files in Linux or learn to delete files with the rm command.

Was this article helpful?
YesNo
Bosko Marijan
Having worked as an educator and content writer, combined with his lifelong passion for all things high-tech, Bosko strives to simplify intricate concepts and make them user-friendly. That has led him to technical writing at PhoenixNAP, where he continues his mission of spreading knowledge.
Next you should read
How To Install and Use Linux Screen, With Commands
April 7, 2022

Screen is a powerful tool for working in the command line. It lets you create, monitor, and switch between...
Read more
How to Remove (Delete) a File or Directory in Linux
May 15, 2024

This article lists the most commonly used commands and tools to remove unwanted files and directories from...
Read more
How to Create a File in Linux Using Terminal/Command Line
July 11, 2024

Creating a file in Linux might seem straightforward, but there are some surprising and clever techniques. In...
Read more
How to Copy Files and Directories in Linux
December 28, 2023

Want to learn how to copy files in Linux OS? This guide will show you how to use the Linux commands to copy...
Read more