The best way to understand the Linux permissions, is with an example. If we run the command ls -l we get an output like this:
1 2 3 4 5 6 7 8 - rw-r----- 1 user users 8 ene 24 11:01 f.txt d rwxr-xr-x 2 root root 4096 ene 24 12:14 dir
which maps to
Numbers from 1 to 8 are not really in the output, but are here to clarify every field.
- First character specifies the type of the file. In the example above the hyphen (-) in the first character indicates that this is a normal file, and the d indicates that this other file is a directory. List with all file types
- Next 9 characters specifies the files permission. Each 3 characters refers to the read, write and execute permissions for user, group and others. In this example, rw-r----- indicates read-write permission for user, read permission for group, and no permission for others.
- Number of links, in this case is 1 for the file f.txt and 2 for the directory dir.
- Owner, in this example, user for the file, and root for the directory.
- Group, in this example, users for the file, and root for the directory.
- Size of the file.
- Last modified time.
- File name.
Difference in access permission between files and folders are:
|Read||File contents can be read||Directory listing can be obtained|
|Write||File contents can be changed||Directory content can be changed|
|Execute||File can be executed||Directory can be accessed|
Remember, give execute permission to a folder if you want to access it.
Instead of use the values r, w and x, you can use numeric values, where
It is possible combine this values, a table with all the possibilities:
|0||---||All types of access are denied|
|1||--x||Execute access is allowed|
|2||-w-||Write access is allowed|
|3||-wx||Write and execute access are allowed|
|4||r--||Read access is allowed|
|5||r-x||Read and execute access are allowed|
|6||rw-||Read and write access are allowed|
|7||rwx||Everything is allowed|
To change the permissions you can use the command chmod, which has this syntax:
Let's see some examples, to give read and write access to everyone, you can use this two equivalent commands:
To give read and write access to user and group, but no access to others, you can use this two equivalent commands:
If you want to change the access permissions of a folder recursively never use the -R option. Chmod doesn't differentiate between folders and files, and this is really important, because execution access has different meanings for files and folders. Instead use this:
To finish, if you want to change the file owner, you can use the command chown, with this syntax:
To change the owner recursively, use the option -R If you just want to change the group, use the command chgrp.