Linux Filesystem Permissions

Introduction

Linux filesystem permissions are a fundamental part of the operating system's security model. They determine who can read, write, or execute files and directories.

Types of Permission

In Linux, permissions are divided into three categories:

• Owner: The user who owns the file or directory.
• Group: A set of users who share the same permissions.
• Others: All other users on the system.

Each category can have different permissions assigned to it.

Permission Types

• Read (r): Allows viewing the contents of a file or listing a directory.
• Write (w): Allows modifying the contents of a file or creating/deleting files in a directory.
• Execute (x): Allows running a file as a program or accessing a directory.

Permission Structure

Permissions are represented as a string of 10 characters. For example:

-rw-r--r--

• The first character indicates the file type (- for a file, d for a directory).
• The next nine characters are grouped into three sets of three, representing permissions for the owner, group, and others.

Understanding Permission Notation

Permissions can be represented in symbolic or numeric notation:

• Symbolic Notation: Uses letters (r, w, x) to represent permissions.
• Numeric Notation: Uses numbers (0-7) to represent permissions. For example, 7 represents rwx.

Numeric representation is calculated by adding the values of the permissions:

• r = 4
• w = 2
• x = 1

For example, rwx (read, write, execute) is represented as 4 + 2 + 1 = 7.

Setting Permissions

Permissions can be set using either symbolic or numeric notation. For example:

chmod u+x filename

This adds execute permission for the owner of the file.

Or using numeric notation:

chmod 755 filename

This sets the permissions to rwxr-xr-x.

Changing Permissions

Use the chmod command to change file permissions. For example:

chmod 755 filename

This sets the permissions to rwxr-xr-x.

Umask value

The umask command sets default permissions for newly created files and directories. The default value is usually 022, which means new files will have rw-r--r-- permissions.

To change the umask value, use the following command:

umask 027

This sets the default permissions to rwxr-x--- for new files.

To check the current umask value, use:

umask

Output:

0022

This indicates the current umask value.

Changing Ownership

Use the chown command to change the owner of a file or directory. For example:

chown user:group filename

This changes the owner to user and the group to group.

To change the owner recursively for a directory and its contents, use:

chown -R user:group directory

This changes the owner and group for all files and subdirectories within directory.

Changing Group Ownership

Use the chgrp command to change the group ownership of a file or directory. For example:

chgrp groupname filename

This changes the group ownership of filename to groupname.

To change the group ownership recursively for a directory and its contents, use:

chgrp -R groupname directory

This changes the group ownership for all files and subdirectories within directory.

Viewing Permissions

Use the ls -l command to view file permissions. For example:

ls -l

Output:

-rw-r--r-- 1 user group 1234 Oct 10 12:34 filename