Permissions for Linux file and folder permissions control who can read, write, and execute files and directories. Whether you’re protecting sensitive data, sharing files with others, or running scripts, understanding permissions is essential for maintaining security and functionality.
– Understanding file permissions and ownership.
– Viewing permissions with
ls -l.– Changing permissions with
chmod.– Changing ownership with
chown.– Special permissions like
setuid, setgid, and the sticky bit.
Why Learn Linux File and Folder Permissions?
Mastering Linux file and folder permissions ensures secure and efficient system management. Permissions control who can read, write, or execute files, critical for file access control in multi-user environments. This chapter builds on Chapters 3 (ls), 4 (touch), and 6 (redirection), teaching beginners to manage access confidently.
Understanding Permissions
Basics of File Access Control
Every file and directory has three permission types:
- Read (r): View file contents or list directory contents.
- Write (w): Modify files or add/remove directory contents.
- Execute (x): Run files as programs or enter directories.
Permissions apply to three user categories:
- Owner: File owner.
- Group: Group owning the file.
- Others: All other users.
Viewing Permissions
Using ls to Check Permissions
$ ls -l displays permissions:
$ ls -l
Output: -rw-r--r-- 1 user group 4096 Jun 5 05:11 example.txt
drwxr-xr-x 2 user group 4096 Jun 5 05:11 my_folder
Interpretation:
- File Type:
-(file),d(directory). - Permissions:
rw-r--r--(owner: read/write, group/others: read). - Owner/Group:
user/group.
Changing Permissions with chmod
Modifying Linux File and Folder Permissions
$ chmod adjusts permissions using symbolic or numeric modes.
Symbolic Mode
Use letters: u (owner), g (group), o (others), a (all), + (add), - (remove), = (set).
Examples:
$ chmod u+x example.txt
Output: Adds execute for owner (-rwxr--r--).
$ chmod o-w example.txt
Output: Removes write for others.
$ chmod ug=rw example.txt
Output: Sets read/write for owner/group (-rw-rw-r--).
Numeric Mode
Use numbers: 4 (read), 2 (write), 1 (execute), summed per category.
Examples:
$ chmod 744 example.txt
Output: Owner: read/write/execute, others: read (-rwxr--r--).
$ chmod 644 example.txt
Output: Owner: read/write, others: read (-rw-r--r--).
Changing Ownership with chown
Managing File Ownership
$ chown changes owner/group, often requiring sudo. Caution: Use sudo carefully to avoid system issues.
Changing Owner
$ sudo chown new_owner example.txt
Output: Sets new_owner as owner.
Changing Group
$ sudo chown :new_group example.txt
Output: Sets new_group as group.
Changing Owner and Group
$ sudo chown new_owner:new_group example.txt
Output: Updates both owner and group.
Special Permissions
Advanced File Access Control
Special permissions enhance security.
Setuid (s)
Execute file as owner:
$ sudo chmod u+s /usr/bin/passwd
Output: Adds setuid (-rwsr-xr-x).
Setgid (s)
Inherit directory group:
$ sudo chmod g+s /shared_directory
Output: Adds setgid (drwxr-sr-x).
Sticky Bit (t)
Restrict deletions:
$ sudo chmod +t /shared_directory
Output: Adds sticky bit (drwxr-xr-t).
Advanced Permission Management
Granular Control with ACLs and umask
Access Control Lists (ACLs) and umask offer precise file access control.
ACLs:
$ setfacl -m u:user:rwx file.txt
Output: Grants user read/write/execute on file.txt.
umask:
$ umask 022
Output: Sets default permissions (files: 644, directories: 755).
Note: Compared to chmod (standard permissions, see Chapter 3), setfacl provides granular ACLs, allowing specific user permissions for complex setups.
Installation Note: setfacl requires the acl package, which may not be installed by default in Debian 12. Install with: $ sudo apt install acl. See Debian APT.
Glossary of Commands and Tools
Reference: For detailed command documentation, visit Linux Manpages. For package installation, search on Debian APT.
| Command/Tool | Description |
|---|---|
| ls | Lists directory contents with permissions. |
| chmod | Changes file/directory permissions. |
| chown | Changes file/directory owner and group. |
| setfacl | Sets Access Control Lists for granular permissions. |
| umask | Sets default permissions for new files/directories. |
| setuid | Executes file with owner’s permissions. |
| setgid | Inherits directory group for new files. |
| sticky bit | Restricts file deletions in directories. |
Practice Linux File and Folder Permissions
Test your skills:
$ ls -l ~: View file permissions in home directory.$ chmod u=rw,g=r,o=r example.txtor$ chmod 644 example.txt: Setrw-r--r--.$ sudo chown new_user example.txt: Change owner (usesudocautiously).$ sudo chmod +t /tmp: Set sticky bit on a directory, test deletion restrictions.
Conclusion
You’ve mastered Linux file and folder permissions, from chmod to setfacl, ensuring robust file access control. Practice these to secure your system. Next, we’ll explore process management! (See Chapters 3–6 for exploration and redirection.)
That’s it for Chapter 9! You’ve now learned how to manage file permissions and ownership in Linux. In the next chapter, we’ll dive into processes—understanding and managing running programs. Until then, practice working with permissions to secure and organize your files.
Previous : Chapter 8 | Next: Chapter 10