Linux create file with permissions

permissions to create file in directory [duplicate]

I’ve read here that in order to create a file inside a directory in Linux, one should have write permission to that directory. However when examining this (in Ubuntu Server 14) it did not worked.

only after adding execute permissionto mydir I could touch that file. So execute permissions are also needed in order to touch a file?

EDIT: from @Pablo Bianchi ref I learn that

The ability to rename files in the directory, create new files, or delete existing files, if you also have Execute permissions. If you don’t have execute perms, then write perms are meaningless.»

So I guess that execute perms are ndeed required in order to use write perms to create new files.

2 Answers 2

A directory is nothing else than a file, but it is a special file which contains a list of hardlinks to the files and subdirectories (which are also indeed files).

If you have read permissions for a directory, you are able to read the list of hardlinks.

If you have write permissions for a directory you are able to modify the list of hardlinks.

The execute permission is like a door to the next level, if you have execute permission, the door is open. If you don’t have execute permission, the door is closed.

If you want to create a file in a directory, you need to be able to modify the list of hardlinks, thus you need write permission for the directory. But that’s just a directory-entry, the file itself will reside behind the door, so you need execute permission to open the door.

Imagine a room with a table inside it. On the door is a list with the furniture in the room, the list contains only the word ‘table’. Now you want to add a chair to the table in the room. You add the word ‘chair’ to the list on the door. And you need to open the door to bring the chair inside.

Источник

Ubuntu Documentation

Understanding and Using File Permissions

In Linux and Unix, everything is a file. Directories are files, files are files and devices are files. Devices are usually referred to as a node; however, they are still files. All of the files on a system have permissions that allow or prevent others from viewing, modifying or executing. If the file is of type Directory then it restricts different actions than files and device nodes. The super user «root» has the ability to access any file on the system. Each file has access restrictions with permissions, user restrictions with owner/group association. Permissions are referred to as bits.

To change or edit files that are owned by root, sudo must be used — please see RootSudo for details.

If the owner read & execute bit are on, then the permissions are:

There are three types of access restrictions:

Permission

Action

chmod option

There are also three types of user restrictions:

User

ls output

Note: The restriction type scope is not inheritable: the file owner will be unaffected by restrictions set for his group or everybody else.

Folder/Directory Permissions

Directories have directory permissions. The directory permissions restrict different actions than with files or device nodes.

Permission

Action

chmod option

(view contents, i.e. ls command)

(create or remove files from dir)

(cd into directory)

read restricts or allows viewing the directories contents, i.e. ls command

write restricts or allows creating new files or deleting files in the directory. (Caution: write access for a directory allows deleting of files in the directory even if the user does not have write permissions for the file!)

execute restricts or allows changing into the directory, i.e. cd command

» height=»16″ src=»/moin_static198/light/img/icon_cool.png» title=»Info » width=»16″/> Folders (directories) must have ‘execute’ permissions set (x or 1), or folders (directories) will NOT FUNCTION as folders (directories) and WILL DISAPPEAR from view in the file browser (Nautilus).

Permissions in Action

Using the example above we have the file «/etc/hosts» which is owned by the user root and belongs to the root group.

What are the permissions from the above /etc/hosts ls output?

Changing Permissions

The command to use when modifying permissions is chmod. There are two ways to modify permissions, with numbers or with letters. Using letters is easier to understand for most people. When modifying permissions be careful not to create security problems. Some files are configured to have very restrictive permissions to prevent unauthorized access. For example, the /etc/shadow file (file that stores all local user passwords) does not have permissions for regular users to read or otherwise access.

Источник

How are file permissions applied to newly created files?

I have a directory that has the following permissions set:

On the desktop, I access this folder and right click to create a new file call foo.txt . Then using the terminal, I created another file using the command $ touch bar.txt .

When I check the permissions for these files, I have:

I was expecting -rw-r——. user group . How did the extra write permission for group and read permission for others come about?

1 Answer 1

setguid

There are 2 forces here at work. The first is the setgid bit that’s enabled on the folder, folder .

That’s the s in the pack of characters at the beginning of this line. They’re grouped thusly:

The r-s means that any files or directories created inside this folder will have the group automatically set to the group group .

That’s what caused the files foo.txt and bar.txt to be created like so:

permissions & umask

The permissions you’re seeing are another matter. These are governed by the settings for your umask . You can see what your umask is set to with the command umask :

NOTE: these bits are also called «mode» bits.

It’s a mask so it will disable any of the bits related to permissions which are enabled. In this example the only bit I want off is the write permissions for other.

The representation of the «bits» in this command are in decimal form. So a 2 equates to 010 in binary form, which is the write bit. A 4 (100) would mean you want read disabled. A 7 (111) means you want read/write/execute all disabled. Building it up from here:

Would disable the read/write/execute bits for other users.

So then what about your files?

Well the umask governs the permissions that will get set when a new file is created. So if we had the following umask set:

And started touching new files, we’d see them created like so:

If we changed it to something else, say this:

It won’t have any impact on files that we’ve already created though. See here:

So then what’s going on with the file browser?

The umask is what I’d called a «soft» setting. It is by no means absolute and can be by-passed fairly easily in Unix in a number of ways. Many of the tools take switches which allow you to specify the permissions as part of their operation.

Take mkdir for example:

With the -m switch we can override umask . The touch command doesn’t have this facility so you have to get creative. See this U&L Q&A titled: Can files be created with permissions set on the command line? for just such methods.

Other ways? Just override umask . The file browser is most likely either doing this or just completely ignoring the umask and laying down the file using whatever permissions it’s configured to do as.

Источник

Setting default permissions for newly created files and sub-directories under a directory in Linux?

I have a bunch of long-running scripts and applications that are storing output results in a directory shared amongst a few users. I would like a way to make sure that every file and directory created under this shared directory automatically had u=rwxg=rwxo=r permissions.

I know that I could use umask 006 at the head off my various scripts, but I don’t like that approach as many users write their own scripts and may forget to set the umask themselves.

I really just want the filesystem to set newly created files and directories with a certain permission if it is in a certain folder. Is this at all possible?

Update: I think it can be done with POSIX ACLs, using the Default ACL functionality, but it’s all a bit over my head at the moment. If anybody can explain how to use Default ACLs it would probably answer this question nicely.

5 Answers 5

To get the right ownership, you can set the group setuid bit on the directory with

This will ensure that files created in the directory are owned by the group. You should then make sure everyone runs with umask 002 or 007 or something of that nature—this is why Debian and many other linux systems are configured with per-user groups by default.

I don’t know of a way to force the permissions you want if the user’s umask is too strong.

Here’s how to do it using default ACLs, at least under Linux.

First, you might need to enable ACL support on your filesystem. If you are using ext4 then it is already enabled. Other filesystems (e.g., ext3) need to be mounted with the acl option. In that case, add the option to your /etc/fstab . For example, if the directory is located on your root filesystem:

Then remount it:

Now, use the following command to set the default ACL:

All new files in /shared/directory should now get the desired permissions. Of course, it also depends on the application creating the file. For example, most files won’t be executable by anyone from the start (depending on the mode argument to the open(2) or creat(2) call), just like when using umask. Some utilities like cp , tar , and rsync will try to preserve the permissions of the source file(s) which will mask out your default ACL if the source file was not group-writable.

Источник

Create file in folder: permission denied

I have a problem copying files to a directory on Ubuntu 12.04. I create a directory in the home directory so that the path where I want to copy to is:

But when ini run the following command in the terminal to create a sample file as follows:

I can not copy files directly in that directory. How can I assign permissions with the chown & chmod commands to copy the files?

I do not know which user and group to use.

3 Answers 3

First of all you have to know that the default permission of directories in Ubuntu is 644 which means you can’t create a file in a directory you are not the owner.

you are trying as user:francisco-vergara to create a file in a directory /home/sixven/camp_sms/inputs which is owned by user:sixven .

So how to solve this:

You can either change the permission of the directory and enable others to create files inside.

This command will change the permission of the directory recursively and enable all other users to create/modify and delete files and directories inside.

You can change the owner ship of this directory and make user:francisco-vergara as the owner

But like this the user:sixven can’t write in this folder again and thus you may moving in a circular infinite loop.

So i advise you to use Option 1.

Or if this directory will be accessed by both users you can do the following trick:

change ownership of the directory to user:francisco-vergara and keep the group owner group:sixven .

Like that both users can still use the directory.

But as I said you before It’s easiest and more efficient to use option 1.

Источник