Linux permission to change permissions

Linux File Permission Tutorial: How to Check and Change Permissions

Home » SysAdmin » Linux File Permission Tutorial: How to Check and Change Permissions

Linux, like other Unix-like operating systems, allows multiple users to work on the same server simultaneously without disrupting each other.

Individuals sharing access to files pose a risk exposing classified information or even data loss if other users access their files or directories. To address this, Unix added the file permission feature to specify how much power each user has over a given file or directory.

In this tutorial, you will learn how to view and change file permissions in Linux.

How to View Check Permissions in Linux

To start with file permissions, you have to find the current Linux permission settings. There are two options to choose from, depending on your personal preference: checking through the graphical interface or using the command.

Check Permissions using GUI

Finding the file (directory) permission via the graphical user interface is simple.

1. Locate the file you want to examine, right-click on the icon, and select Properties.

2. This opens a new window initially showing Basic information about the file.
Navigate to the second tab in the window, labeled Permissions.

3. There, you’ll see that the permission for each file differs according to three categories:

• Owner (the user who created the file/directory)
• Group (to which the owner belongs to)
• Others (all other users)

For each file, the owner can grant or restrict access to users according to the categories they fall in.

In our example, the owner of the file test.txt has access to “Read and write”, while other members of its group, as well as all other users, have “Read-only” access. Therefore, they can only open the file, but cannot make any modifications.

To alter the file configuration, the user can open the drop-down menu for each category and select the desired permission.

Additionally, you can make the file executable, allowing it to run as a program, by checking the Execute box.

Check Permissions in Command-Line with Ls Command

If you prefer using the command line, you can easily find a file’s permission settings with the ls command, used to list information about files/directories. You can also add the –l option to the command to see the information in the long list format.
To check the permission configuration of a file, use the command:

For instance, the command for the previously mentioned file would be:

As seen in the image above, the output provides the following information:

• file permission
• the owner (creator) of the file
• the group to which that owner belongs to
• the date of creation.

It shows the permission settings, grouped in a string of characters (-, r, w, x) classified into four sections:

1. File type. There are three possibilities for the type. It can either be a regular file (–), a directory (d) or a link (i).
2. File permission of the user (owner)
3. File permission of the owner’s group
4. File permission of other users

The characters r, w, and x stand for read, write, and execute.
The categories can have all three privileges, just specific ones, or none at all (represented by –, for denied).

Users that have reading permission can see the content of a file (or files in a directory). However, they cannot modify it (nor add/remove files in a directory). On the other hand, those who have writing privileges can edit (add and remove) files. Finally, being able to execute means the user can run the file. This option is mainly used for running scripts.

In the previous example, the output showed that test.txt is a regular file with read and write permission assigned to the owner, but gives read-only access to the group and others.

Using Chmod Command to Change File Permissions

As all Linux users, you will at some point need to modify the permission settings of a file/directory. The command that executes such tasks is the chmod command.

The basic syntax is:

There are two ways to define permission:

1. using symbols (alphanumerical characters)
2. using the octal notation method

Define File Permission with Symbolic Mode

To specify permission settings using alphanumerical characters, you’ll need to define accessibility for the user/owner (u), group (g), and others (o).

Type the initial letter for each class, followed by the equal sign (=) and the first letter of the read (r), write (w) and/or execute (x) privileges.

To set a file, so it is public for reading, writing, and executing, the command is:

To set permission as in the previously mentioned test.txt to be:
• read and write for the user
• read for the members of the group
• read for other users

Use the following command:

Note: There is no space between the categories; we only use commas to separate them.

Another way to specify permission is by using the octal/numeric format. This option is faster, as it requires less typing, although it is not as straightforward as the previous method.

Instead of letters, the octal format represents privileges with numbers:

• r(ead) has the value of 4
• w(rite) has the value of 2
• (e)x(ecute) has the value of 1
• no permission has the value of 0

The privileges are summed up and depicted by one number. Therefore, the possibilities are:

• 7 – for read, write, and execute permission
• 6 – for read and write privileges
• 5 – for read and execute privileges
• 4 – for read privileges

As you have to define permission for each category (user, group, owner), the command will include three (3) numbers (each representing the summation of privileges).

For instance, let’s look at the test.txt file that we symbolically configured with the chmod u=rw,g=r,o=r test.txt command.

The same permission settings can be defined using the octal format with the command:

Define File Permission in Octal/Numeric Mode

Note: If you need a more in-depth guide on how to use Chmod In Linux to change file permissions recursively, read our Chmod Recursive guide.

Changing User File and Group Ownership

Aside from changing file permissions, you may come across a situation that requires changing the user file ownership or even group ownership.

Performing either of these tasks requires you first need to switch to superuser privileges. Use one of the options outlined in the previous passage.

To change the file ownership use the chown command:

Instead of [user_name] type in the name of the user who will be the new owner of the file.

To change the group ownership type in the following command:

Instead of [group_name] type in the name of the group that will be the new owner of the file.

Learning how to check and change permissions of Linux files and directories are basic commands all users should master. To change file’s group permissions, you might find helpful our article on how to use the chgrp command.

No matter whether you prefer using the GUI or command-line, this article should help you better understand how to use file permissions.

Источник

How to Change Permissions in Linux

On Linux and Unix, the security starts with file permissions. On a very basic level, file and directory permissions play a vital role in the security of a system. When you create a file or directory on Linux systems, it comes with default permissions.

The file permissions are applied on three levels: the owner , group members and others . The chmod command is used in Linux to change these permissions.

In this tutorial, we will discuss how to change file permissions in Linux using chmod command.

1) Change permissions using Numeric (octal) method

Permissions (access modes) can be changed with the chmod command by using some operators (-, + or =) to assign permissions (r, w or x) to a specific user (u, g, o or a). The command accepts either numerical (octal) or symbolic access mode specifications.

Numerical method is the most commonly used way of setting permissions for files and directories. To do this, enter chmod numeric_permission filename .

Each permission is represented by a number and the permission for a specific entity is finally represented by a set of three columns.

In the above diagram,

The ‘User’ is given (4 2 1 ) permission where user has read, write and execute.

The ‘Group’ is given (4 2 0) permission where group members can read and write.

The ‘Other (world)’ is given (4 0 0) permission where others can only read.

In the numeric method, all the permissions are changed at once.

755 : set read+write+execute permission to the user , set read+execute permission to the group and set read+execute permission to the others .

476 : set only read permission to the user , set read+write+execute permission to the group and set read+write permission to the others .

500 : set read+execute permission to the user , set no permissions to the group and set no permissions to the others .

When using the numeric method, you should always specify three values (owner, group, and others).

2) Change permissions using symbolic mode

Numerical access mode is more preferred by most Linux users. However, some people prefer to use symbolic forms because they usually modify an existing mode instead of completely replacing it.

Symbolic mode is used as chmod entity=permissions filename . Symbolic mode specifications have three parts, made up of individual characters and uses a letter to identify the part:

• Entity : User owner = u, group owner = g, other = o, and all = a
• Operation : + to add, — to remove, or = to assign (remove the other existing permissions)
• Permissions to set : r = read, w = write, and x = execute

Some examples to make you understand.

chmod +x : Add execute permission for all the entity user, group and other. It is used to make a script or a program executable in order to run it

Now you can run your script as below

u+x : Add execute permission for the user only

go-w : Remove write permission from group and other classes only.

a=rw : Set read and write, but not execute, permissions for everyone.

g-x,o-rx : Remove execute permission for the group and remove read+execute permission for the other .

Note: Don’t use space after the comma (,)

Let’s verify permission using ls command:

When you using the symbolic method it is possible to do combinations to manipulate some entities at the same time.

Keep in mind, when using the symbolic mode, the permissions that you are not specifying stay as they were before executing the chmod command

3) Change permissions recursively

When you use chmod command on a directory without any option, it doesn’t affect the permissions on its subdirectories. It means that the permissions are only applied on the directory itself.

To change permissions of a directory with its subdirectories (recursively), we can use -R option.

For example, look our ‘asciiquarium_1.1’ directory on which we applied 500 permissions.

When we list the permission for file and directories inside ‘asciiquarium_1.1’ directory, we can it’s not set to ‘500’.

Now let’s use chmod -R command with the same permissions on ‘asciiquarium_1.1’ directory using the following command:

Now let’s verify files and directories permission as follows:

You can see that permissions have set on files and subdirectories.

4) Special bit permissions

Most of the tasks you will complete with permissions will be with the read, write, and execute permissions. However, there are several other special permissions that you can assign to files and directories in your file system. These special permissions are referenced as an extra digit added to the beginning of the file or directory’s mode.

The following special bits are available for Linux file system use:

• SUID: the Set User ID permission allows users to run a program as if they were the user owner of the program; in most cases the user owner is the root user. The numeric value of this permission set is 4XXX (where “XXX” is replaced by the numeric values for the set of three mentioned previously).
• SGID: When set on a directory, the Set Group ID permission automatically gives group ownership of all new files created in the directory to the group owner of the directory (numeric = 2XXX). When set on a file, the SGID allows users to run a program as if they were the group owner of the file.
• Sticky bit: this permission set is used to keep “nonowners” from deleting files in a common directory (numeric = 1XXX). In a sticky bit directory, only the owner of the file or the owner of the directory can delete the file (root always can delete files as well).

To understand let me give you one example:

We will apply SUID permission on a file using the following command:

Conclusion

When changing permissions you can always use either the numeric method or the symbolic method. Numeric permissions are the most often used, and they appear every time. As a rule, I recommend using the numeric mode to set or force permissions on an object, as opposed to making small changes to permissions. You should have root or sudo user access to change permissions for files and directories owned by others otherwise its only possible to change permissions of files and directories you own.

Источник