Linux

Master linux file and directory permissions

If there is one aspect that stands out about Linux compared to other systems, such as Windows, it is security. And we are not only talking about vulnerabilities and privacy, but also about the way in which it manages the personal files of its users. Each file and each folder has defined permissions, without which no one will be able to access the file in question. And, if we are learning to use Linux, permissions is one of the aspects that we must know and learn.

The file system that Linux uses is much more advanced, and at the same time simple, than that used by other systems, such as Windows. This is based on specifying whether the owner, user group, or anyone can read, write, or execute the file. Without a doubt, it is a very effective way to keep each user of the system under control, preventing them from accessing the data of others without permission.

It is true that this permission system can seem somewhat complicated. But, below, we explain what it is based on and how we can change these permissions to our liking.

What the “numbers” or “letters” mean in Linux permissions

Permissions in Linux can be reflected with both letters and numbers . Both ways are correct and just as functional. However, the most intuitive are the letters, since they allow us to better understand what permission it is. Numbers are more used by advanced users, being faster to specify.

Each file or folder that we find when listing the contents of a directory will be indicated with a symbol:

  • – indicates that it is a file.
  • d indicates that it is a directory.
  • l indicates that it is a link (shortcut, for example).

And each file or directory has three different permission levels : one for the owner, one for users in the same group as the owner, and one for other users. In turn, each of these levels can have 3 different values ​​depending on the degree of privileges that we specify in the system. These values ​​can be specified by the following letters:

  • r – read permission (allows to open, copy, etc).
  • w – write permission (allows to modify it, delete it, etc).
  • x – execute permission (if it is binary, it allows to execute it).

In this way, we have to choose the permissions (rwx) for each user level (owner, group and others).

For example, suppose we have a file called “softzone” on our Linux hard drive. We are going to configure that the owner has full control over it (rwx), the members of the group read only (r–) and the other users have no permission (-). In that case, the permissions would be the following:

Kind Owner Group Others
rwx r–

How Linux Permissions Work Using Numbers

If we don’t like the letters, we can also use the numeric code to change the Linux permissions . This code is nothing more than the value of the binary code according to the permissions that are used or not. Suppose that each of the permissions occupies a position in binary. In this case, rwx would be equivalent to 111 binary, which in decimal would be 7. r– would be 100 in binary, or what is the same, 4 in decimal. And – would be 000 in binary, 0 in decimal.

Following these guidelines, the permissions in the previous case example would be 740. The first digit corresponds to the owner of the file, the second to the group, and the third to everyone else. The permit numbers that we can find will be the following:

  • 0 = –
  • 1 = –x
  • 2 = -w-
  • 3 = -wx
  • 4 = r-
  • 5 = rx
  • 6 = rw-
  • 7 = rwx

Some examples of this would be:

  Owner Group Others Outcome
Letter code rwx r– rwxr —–
Numeric code 7 4 0 740
Letter code r– r ——–
Numeric code 4 0 0 400
Letter code rx rw- –x r-xrw — x
Numeric code 5 6 1 561

Both systems are just as effective, and each has its advantages and disadvantages. While the letters allow us to have a clearer view of the permission level, the numbers are much simpler, although you have to think a little more.

How to change permissions in Linux

To change permissions in Linux you need to use the “chmod” command . This command must be accompanied by the new level of privileges that we want to give to the new file or directory, as well as a “+” if what we are going to do is give it that new permission, or a “-” if what we are going to do is remove permissions. We can also change the permissions of the “group” and “other users” by adding the parameters “g” and “o” respectively. The owner would be indicated without this parameter, or with a “u”. And if we want to change the permissions to all at once, we can use the parameter “a”.

Starting from a “softzone” file, these are some examples to change the permissions using the letter code:

  • chmod + rwx softzone -> add read, write and execute permission to the owner.
  • chmod g + rwx softzone -> adds read, write and execute permission to the group of the owner user.
  • chmod o + rwx softzone -> add read, write and execute permission to other users.
  • chmod -x softzone -> removes the execute permission from the owner.
  • chmod g-wx softzone -> removes write and execute permissions from the owner user group.
  • chmod o-rwx softzone -> removes all permissions from other users.
  • chmod a + r -> add read permission to owner, group and other users.

We can also use the numeric code to change the permission level of any file as follows:

  • chmod 777 softzone -> rwx permission for owner, group and other users.
  • chmod 700 softzone -> rwx permission for owner, and group and users without permission.
  • chmod 327 softzone – write and execute permission for owner, write for group and rwx for other users.

To change the privileges to a directory, the commands are the same, with the difference that instead of the file name we will have to specify the directory in question.

Change the owner or group of a file or directory

In addition to changing the permissions of the files or directories, if we have problems we can also change the owner or the group to which any of them belongs.

For example, we can change the group of a file (or directory) using the command “chgrp groupname file” (changing “groupname” by the name of the group we want to add, and “file” by the name of the file or directory that corresponds ).

We can also change who owns any file. To do this, we will use the “chown” command followed by the name of the new owner of the file, and the name of the file or directory on which to make the change.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button