file permissions - Obsidian Publish

# Comprehensive Guide to File Permissions in Linux File permissions in Linux are an essential part of system security and management. They determine who can read, write, or execute a file or directory. Understanding and managing file permissions is crucial for maintaining a secure and efficient system. This guide covers the basics of file permissions, tools for viewing and managing them, and practical examples to help you master this critical aspect of Linux administration. ## Overview of File Permissions In Linux, each file and directory has associated permissions that define who can read, write, or execute them. These permissions are divided into three categories: 1. **User (Owner)**: The user who owns the file. 2. **Group**: The group that owns the file. 3. **Others**: Everyone else. Each of these categories can have three types of permissions: - **Read (r)**: Permission to read the file or list the directory contents. - **Write (w)**: Permission to modify the file or directory. - **Execute (x)**: Permission to execute the file or access the directory. ### Permission Representation Permissions are represented in two ways: 1. **Symbolic Representation**: Uses letters to represent permissions. - Example: `rwxr-xr--` - `rwx`: User (owner) permissions (read, write, execute). - `r-x`: Group permissions (read, execute). - `r--`: Others permissions (read). 2. **Octal Representation**: Uses numbers to represent permissions. - Example: `755` - `7` (User): Read (4) + Write (2) + Execute (1) = 7. - `5` (Group): Read (4) + Execute (1) = 5. - `5` (Others): Read (4) + Execute (1) = 5. ## Viewing File Permissions To view file permissions in Linux, use the `ls -l` command: ```bash ls -l filename ``` Example output: ``` -rwxr-xr-- 1 user group 4096 May 25 12:34 filename ``` - `-rwxr-xr--`: File permissions. - `1`: Number of hard links. - `user`: File owner. - `group`: File group. - `4096`: File size in bytes. - `May 25 12:34`: Last modification date and time. - `filename`: File name. ## Managing File Permissions ### Changing Permissions with `chmod` The `chmod` (change mode) command is used to modify file and directory permissions. #### Symbolic Mode Use letters to specify changes: - `+`: Adds a permission. - `-`: Removes a permission. - `=`: Sets exact permissions. Example: ```bash chmod u+rwx,g+rx,o+r filename ``` - `u+rwx`: Adds read, write, and execute permissions for the user. - `g+rx`: Adds read and execute permissions for the group. - `o+r`: Adds read permission for others. #### Octal Mode Use numbers to specify permissions: Example: ```bash chmod 755 filename ``` ### Changing Ownership with `chown` The `chown` (change owner) command is used to change the owner and group of a file or directory. Example: ```bash sudo chown user:group filename ``` - `user`: New owner. - `group`: New group. ### Changing Group with `chgrp` The `chgrp` (change group) command is used to change the group ownership of a file or directory. Example: ```bash sudo chgrp group filename ``` - `group`: New group. ## Practical Examples ### Example 1: Securing a Script Suppose you have a script `script.sh` that only you should execute: ```bash ls -l script.sh ``` Output: ``` -rw-r--r-- 1 user group 4096 May 25 12:34 script.sh ``` Change permissions to make it executable only by you: ```bash chmod 700 script.sh ``` Check the updated permissions: ```bash ls -l script.sh ``` Output: ``` -rwx------ 1 user group 4096 May 25 12:34 script.sh ``` ### Example 2: Shared Directory Suppose you have a directory `shared` that everyone in your group should read and write to, but others should only read: ```bash ls -ld shared ``` Output: ``` drwxr-xr-x 1 user group 4096 May 25 12:34 shared ``` Change permissions to allow group write access: ```bash chmod 775 shared ``` Check the updated permissions: ```bash ls -ld shared ``` Output: ``` drwxrwxr-x 1 user group 4096 May 25 12:34 shared ``` ### Example 3: Changing File Ownership Suppose you want to change the ownership of `file.txt` to user `alice` and group `developers`: ```bash sudo chown alice:developers file.txt ``` Check the updated ownership: ```bash ls -l file.txt ``` Output: ``` -rw-r--r-- 1 alice developers 4096 May 25 12:34 file.txt ``` ## Cheat Sheet - **View Permissions**: `ls -l filename` - **Change Permissions (Symbolic)**: `chmod u+rwx,g+rx,o+r filename` - **Change Permissions (Octal)**: `chmod 755 filename` - **Change Ownership**: `sudo chown user:group filename` - **Change Group**: `sudo chgrp group filename` ## Exercise 1. **View Permissions**: Check the permissions of a file named `example.txt`. 2. **Change Permissions**: Set the permissions of `example.txt` to `rw-r--r--`. 3. **Add Execute Permission**: Add execute permission for the user to `example.txt`. 4. **Change Ownership**: Change the ownership of `example.txt` to user `bob` and group `staff`. ### Solutions 1. **View Permissions** ```bash ls -l example.txt ``` 2. **Change Permissions** ```bash chmod 644 example.txt ``` 3. **Add Execute Permission** ```bash chmod u+x example.txt ``` 4. **Change Ownership** ```bash sudo chown bob:staff example.txt ``` This guide provides a comprehensive understanding of file permissions in Linux, including how to view and manage them. Mastering these concepts is essential for maintaining a secure and organized system environment.