File Ownership And Permissions In Linux/Unix
Linux and Unix are multi-user operating systems that means different users can access the operating system at a time and can use system resources simultaneously. So the files created by them will have different ownership. And also have different rights about reading, writing or execution of that file.
View file permissions
Type ls -l
or ls -lah
on your terminal. It will display the files/directories and permissions of those files/directories of the current directory. For better understanding view the terminal image below:
You can see the permissions are given in the red highlighted part for corresponding files and directories.
Or you can also check the permission for and individual file or directory by typing ls -l filename
in your terminal.
Here is the detail of the information showing about filename in terminal
-rw-r--r--
is permission for different users of file (We will further discuss it in later part). In the next column, 1
is the number of hard links to the file. lalit lalit
is file owner and group respectively. 20
is the size of file. Sep 4
is date and 12:23
is the time of file creation. And the final column contains the name of the file.
File access modes
A file or directory can be accessed in the following modes.
r
(read) – It grants permission to read a file.
w
(write)- A file granted with write permission can be edited.
x
(execute)- A file with this permission can be run or executed. And a program files must be granted with x
permission in order to execute it.
Levels of file ownership
Every file or directory in Linux or Unix have the following levels of ownership
1. User or owner permission – A person who created the file is set as the owner of that file. The system’s root user can change these attributes of the file or directory.
The underlined part of -rw-r--r--
is the permission granted for an owner regarding a filename that means an owner has read, write permissions but not executing it. The first block is reserved for d
(directory) in case of a directory otherwise it is left blank. And the next three blocks shows the permission for a user.
2. Group permissions – A group or team can have multiple users. And it can be used to grant shared access to the files or directories for group members as its a convenient way to do so. The permission granted for a group will be applicable to all the group members.
The underlined part of -rw-
r--
r--
shows group permission that means group has read permission only. The second three blocks after the user block resembles the permission for a group.
3. Other user permissions- Any other user who not created the file or not a member of any user group. By default permission to these users is permission for all.
The last three blocks are reserved for other user permission look at the underlined part in -rw-r--r--
it shows permission for other users that means other users have only read permission here.
Change file permission using chmod
To change the file and directory permission, we have to use chmod(change mode) command. The owner who created the file can change the permission for user, group, or other user by adding(+) or removing(-) the read, write or execute permissions.
There are two ways to use chmod
command –
1. Symbolic Method –
In this method, different symbols for access class i.e user(u)
, group(g)
, and others(o)
, operators and file access mode i.e read, write and execute are used with chmod
command. Following is the list of symbols that can be used in this method
- Symbols for access class
u
(user)
g
(group)
o
(other)
a
(used for all of above) - Symbols used for operator are-
+
(add)
-
(remove)
=
(set exact access) - Symbols for file access mode
r
(read)
w
(write)
x
(execute)
Here are some example of using chmod
in symbolic method-
$ chmod g+w filename
In this example, we are going to add write(w) permissions to group(g) for the filename. Now a group user can edit the filename.
$ chmod a-w filename
In this example write(w) permission will be removed for all(a) the access types.
$ chmod g-w+x filename
In the above example write(w) permission will be removed and execute(x) permission will be added for group users.
$ chmod -R o+r directory_name
where -R flag is used to change permission recursively in all the subdirectories under a specified directory, please. Note that you should have execute(x) permission for a directory in order to access it or use it with the cd
command.
2. Absolute Method-
In this method, we use a set of numbers or sum of that number to change the permission of a file or directory
Permission | Number |
---|---|
r(read) |
4 |
w(write) |
2 |
x(execute) |
1 |
For example –
$ chmod 751 filename
user have all(4+2+1=7) the permissions, group have read and execute(4+0+1=5) permissions and other users have execute(0+0+1=1) permission only.
Changing Owner
To change ownership of a file or directory we will use chown
command it stands for “change owner”. The basic syntax of chown
is given below
chown user_name name_of_files
you can use UID that is user-id instead of user_name.
for example-
$ chown lalit filename
the above command will change the ownership of filename to lalit.
Changing group ownership
You can use chgrp
command to change the group ownership of a file or directory. Following is the basic syntax of chgrp
command-
chgrp group_name name_of_files
you can use GID that is group id instead of group_name.
for example-
$ chgrp developers_group filename
the above command will change the group of filename to developers_group.
About author
You might also like
[SHELL] How to know in which shell you are working in Linux or FreeBSD
There are several ways to know the current shell on which you are working. We will be using some shell commands to know in which Shell you are working on.
How To Use Vi Text Editor An Easy Guide
5 / 5 ( 1 vote ) Introduction to vi Vi is a command based & standard Unix text editor. It is fast and powerful you need not remove your
Virtualization In Linux With Xen
Virtualization Technology Virtualization means creating a virtual version of something like computer hardware, storage devices, and network resources, etc. It allows you to create multiple simulated environments from a single
0 Comments
No Comments Yet!
You can be first to comment this post!