This week I would like to discuss permissions in Linux. Permissions are an incredibly important aspect of using any operating system, but they can seem really complicated in a Linux command line environment. Today we are going to cut through the confusion and give you a quick and dirty guide on what you need to know to work with permissions in the Linux command line.
First, we will discuss the three types of permissions in Linux: Read, Write, and Execute.
The read permission allows an associated user to open and read a file or list the files in a directory.
The write permission allows an associated user to modify the contents of a file or add, remove, and rename files in a directory.
The execute permission allows an associated user to run a file or open and access any file in a directory. As you can see, this is a very powerful permission.
Next, we will discuss how a permission is applied to a file or directory.
There are three ways to associate permissions with a file or directory. You can associate them by Owner, Group, or Other.
If a permission is associated by the Owner property, these permissions will only apply to the user that created the file or now owns the file or directory.
If a permission is associated by the Group property, these permissions will only apply to users which belong to the group associated with the file or directory.
If a permission is associated by the Other property, these permissions will apply to any other user that has access to a designated file or folder and does not have explicit permissions set with the Owner or Group property. These are consider implicit.
In the terminal, we can view these permissions by typing…
$ ls -l
Which will return an output similar to…
d rwx r-x r-x 2 home home 80 Sep 6 08:30 Desktop
In the example above, the permissions are grouped into three triplets. Each triplet represents Owner, Group, and Other, in that respective order. Each triplet grouping is assigned permissions with the letter “r” representing “read,” the letter “w” representing “write,” the letter “x” representing “execute,” and a dash demonstrating a permission is not applied. The leading letter “d” represents “directory.” If there is a dash in that place or it is blank, this lets us know we are working with a file.
Lastly, we will discuss modifying permissions in the Linux command line.
We can modify these permissions with a simple command called “chmod.” This command stands for Change/Modify and it is how we will work with permissions on files and folders in the command line. The syntax is simple:
$chmod permissions filename.ext
There are two ways to assign permissions with this command, either absolutely or symbolically.
When assigning permissions in absolute mode, we type a three-digit number that represent the permissions we want to apply. For example, a dangerous permission to assign a file or folder is 777, which gives read, write, and execute permissions to Owner, Group, and Other. For a table of which number, 0-7, represents which permission, we have included a link in our show notes.
Assigning permissions in symbolic mode could be considered easier, as there is a little less to remember. Instead of using absolute numbers, we will use operators to add, subtract, or set permissions to a file or folder. The plus symbol adds a permission, the subtract symbol removes it, and the equal sign sets a permission explicitly. Permissions that can be assigned are “u” for User/Owner, “g” for Group, “o” for Other, and “a” for All.
An example for Symbolic usage would be…
$ chmod u+x filename.sh
This example uses chmod to modify the User/Owner and add the execute permission. This is far simpler than trying to remember the correct string of numbers to set those permissions explicitly and correctly.
With your new found knowledge you will be a Linux permissions guru before you know it! Remember to practice to keep these commands fresh in your head and be weary of the permissions assigned to the Other users group. More information can be found in the show notes with links and this article will be posted to our blog so you can follow along while you listen.