File Ownership And Permissions In Linux/Unix

Linux and Unix are multi-user operating systems that means different users can access the operating system at a time and can use system resources simultaneously. So the files created by them will have different ownership. And also have different rights about reading, writing or execution of that file.

View file permissions

Type ls -l or ls -lah on your terminal. It will display the files/directories and permissions of those files/directories of the current directory. For better understanding view the terminal image below:

You can see the permissions are given in the red highlighted part for corresponding files and directories.

Or you can also check the permission for and individual file or directory by typing ls -l filename in your terminal.

Here is the detail of the information showing about filename in terminal

-rw-r--r-- is permission for different users of file (We will further discuss it in later part). In the next column, 1 is the number of hard links to the file. lalit lalit is file owner and group respectively. 20 is the size of file. Sep 4  is date and 12:23 is the time of file creation. And the final column contains the name of the file.

File access modes

A file or directory can be accessed in the following modes.

r (read) – It grants permission to read a file.

w(write)- A file granted with write permission can be edited.

x(execute)- A file with this permission can be run or executed. And a program files must be granted with x permission in order to execute it.

Levels of file ownership

Every file or directory in Linux or Unix have the following levels of ownership

1. User or owner permission –  A person who created the file is set as the owner of that file. The system’s root user can change these attributes of the file or directory.

The underlined part of -rw-r--r-- is the permission granted for an owner regarding a filename that means an owner has read, write permissions but not executing it. The first block is reserved for d (directory) in case of a directory otherwise it is left blank. And the next three blocks shows the permission for a user.

2. Group permissions – A group or team can have multiple users. And it can be used to grant shared access to the files or directories for group members as its a convenient way to do so. The permission granted for a group will be applicable to all the group members.

The underlined part of -rw-r--r-- shows group permission that means group has read permission only. The second three blocks after the user block resembles the permission for a group.

3. Other user permissions- Any other user who not created the file or not a member of any user group. By default permission to these users is permission for all.

The last three blocks are reserved for other user permission look at the underlined part in -rw-r--r-- it shows permission for other users that means other users have only read permission here.

Change file permission using chmod

To change the file and directory permission, we have to use chmod(change mode) command. The owner who created the file can change the permission for user, group, or other user by adding(+) or removing(-) the read, write or execute permissions.
There are two ways to use chmod command  –

1. Symbolic Method –

In this method, different symbols for access class i.e user(u), group(g), and others(o), operators and file access mode i.e read, write and execute are used with chmod command. Following is the list of symbols that can be used in this method

• Symbols for access class
  u (user)
  g (group)
  o(other)
  a(used for all of above)
• Symbols used for operator are-
  + (add)
  -(remove)
  =(set exact access)
• Symbols for file access mode
  r (read)
  w (write)
  x (execute)

Here are some example of using chmod in symbolic method-

$ chmod g+w filename

In this example, we are going to add write(w) permissions to group(g) for the filename. Now a group user can edit the filename.

$ chmod a-w filename

In this example write(w) permission will be removed for all(a) the access types.

$ chmod g-w+x filename

In the above example write(w) permission will be removed and execute(x) permission will be added for group users.

$ chmod -R o+r directory_name

where -R flag is used to change permission recursively in all the subdirectories under a specified directory, please. Note that you should have execute(x) permission for a directory in order to access it or use it with the cd command.

2. Absolute Method-

In this method, we use a set of numbers or sum of that number to change the permission of a file or directory

For example –

$ chmod 751 filename

user have all(4+2+1=7) the permissions, group have read and execute(4+0+1=5) permissions and other users have execute(0+0+1=1) permission only.

Changing Owner

To change ownership of a file or directory we will use chown command it stands for “change owner”. The basic syntax of chown is given below

chown user_name name_of_files

you can use UID that is user-id instead of user_name.

for example-

$ chown lalit filename

the above command will change the ownership of filename to lalit.

Changing group ownership

You can use chgrp command to change the group ownership of a file or directory. Following is the basic syntax of chgrp command-

chgrp group_name name_of_files

you can use GID that is group id instead of group_name.

for example-

$ chgrp developers_group filename

the above command will change the group of filename to developers_group.