Linux System Administration

0 of 77 lessons complete (0%)

Overview of Permissions & Process Management

Overview of Permissions in Linux

You don’t have access to this lesson

Please register or sign in to access the course content.

Linux Permissions Overview

Linux File & Directory Permissions

Understanding Who Can Do What

Introduction to Permissions

In Linux, security and control over files and directories are managed through a robust permission system. Every file and directory has specific permissions that dictate who can read, write, or execute it. Understanding these permissions is fundamental for system security and proper operation.

This guide will provide an overview of Linux permissions, how they are structured, and how to view and change them.

Overview of Permissions

Permissions dictate who can read, write, or execute a file or directory. Processes run as specific users, and their ability to interact with files depends on these permissions.

File Permissions (rwx)

Linux permissions are represented by three characters:

  • `r` (read): Permission to view the contents of a file or list the contents of a directory.
  • `w` (write): Permission to modify or delete a file, or create/delete files within a directory.
  • `x` (execute): Permission to run a file (if it’s a program/script) or enter a directory.

These permissions are assigned to three categories of users:

  • **Owner**: The user who owns the file/directory.
  • **Group**: Users belonging to the group associated with the file/directory.
  • **Others**: All other users on the system.

Viewing Permissions (`ls -l`)

Use the `ls -l` command to see detailed information about files and directories, including their permissions.

ls -l /home/youruser/
# Example Output:
# drwxr-xr-x 2 youruser youruser 4096 Jul 28 10:00 Desktop
# -rw-r--r-- 1 youruser youruser 1024 Jul 28 10:05 myfile.txt
# -rwxr-xr-x 1 youruser youruser  128 Jul 28 10:10 myscript.sh

**Explanation of the permission string (e.g., `drwxr-xr-x`):**

  • **First character (`d` or `-`)**: Indicates file type (`d` for directory, `-` for regular file).
  • **Next 3 characters (`rwx`)**: Permissions for the **owner**.
  • **Next 3 characters (`r-x`)**: Permissions for the **group**.
  • **Last 3 characters (`r-x`)**: Permissions for **others**.
In the example `drwxr-xr-x`: * `d`: It’s a directory. * `rwx`: Owner has read, write, execute permissions. * `r-x`: Group has read, execute permissions (no write). * `r-x`: Others have read, execute permissions (no write).

Changing Permissions (`chmod`)

The `chmod` command is used to change file and directory permissions. There are two main ways to specify permissions: Symbolic and Numeric (Octal) notation.

Symbolic Notation:

In symbolic notation, you use letters (`u` for user/owner, `g` for group, `o` for others, `a` for all) along with `+` (add), `-` (remove), or `=` (set exactly) and the permission letters (`r`, `w`, `x`).

# Example: Add write permission for the owner of file.txt
chmod u+w file.txt

# Example: Remove execute permission for group and others from myscript.sh
chmod go-x myscript.sh

# Example: Set read and write for owner, read-only for group and others on myfile.txt
chmod u=rw,go=r myfile.txt

Numeric (Octal) Notation:

In numeric notation, each permission type is assigned a value:

  • Read (`r`) = 4
  • Write (`w`) = 2
  • Execute (`x`) = 1
You sum these values for each category (owner, group, others) to get a three-digit octal number.

# Example: Owner (rwx = 4+2+1=7), Group (r-x = 4+0+1=5), Others (r-x = 4+0+1=5)
chmod 755 myscript.sh
# This sets permissions to rwxr-xr-x (owner has full, group/others have read and execute).

# Example: Owner (rw- = 4+2+0=6), Group (r-- = 4+0+0=4), Others (r-- = 4+0+0=4)
chmod 644 myfile.txt
# This sets permissions to rw-r--r-- (owner has read/write, group/others have read-only).

Special Permissions

  • **Setuid (`s`)**: When set on an executable file, it allows the file to be run with the permissions of the file’s owner, rather than the user who is executing it. This is often used for programs that need elevated privileges temporarily, like `passwd`.
  • **Setgid (`g`)**: Similar to Setuid, but for groups. When set on an executable file, it runs with the permissions of the file’s group. When set on a directory, new files/directories created within it will inherit the group of the parent directory, not the primary group of the user creating them.
  • **Sticky Bit (`t`)**: Applied to directories, it ensures that only the owner of a file within that directory (or the root user) can delete or rename it, even if others have write permissions to the directory. This is commonly seen on shared directories like `/tmp`.

Special permissions are represented by `s` or `t` in the `ls -l` output where `x` would normally be. If `x` is also present, it’s `s` or `t` (lowercase). If `x` is not present, it’s `S` or `T` (uppercase).

Changing Permissions and Ownership Commands

  • `chmod`: Command used to change file permissions (both symbolic and numeric notation).
  • `chown`: Command used to change the owner of a file or directory.
    sudo chown newuser myfile.txt
    sudo chown newuser:newgroup mydirectory/
  • `chgrp`: Command used to change the group associated with a file or directory.
    sudo chgrp newgroup myfile.txt

Conclusion

Understanding Linux file and directory permissions is a critical skill for managing any Unix-like system. It empowers you to control access, enhance security, and ensure that your applications and scripts run with the appropriate privileges.

Practice viewing and interpreting permissions in your virtual environment!

© 2025 Linux Permissions Guide. All rights reserved.