Understanding File Permissions in Linux (Unix)
In this tutorial we will introduce you to file permissions or access modes in Linux. Whenever we create a file in linux or create a directory in linux, a set of flags are associated to the file or directory which represents the permission or mode or mode of access for that particular file or directory. The permissions are set to protect the files and directories. These permissions or mode of access determines which user can perform what all actions on the file.
There are three different types of users:
The file owner, who created the file (Owner).
Then there is the defined user ownership group (Group)
And everyone else (Other)
And following are the actions allowed to the user or the type of access a user gets:
Reading the contents of the file ("Read").
Writing contents to the file ("Write").
Execute the file ("Execute").
These permissions are represented as r for read, w for write and x for execute. And for all the different type of users, these access are defined, and together it makes the file permissions.
How is Permission represented?
Well, when you use the
ls -l command to list down files and directories present inside a directory, you will see the information about the file like the user who created it, the size of the file, the time of creation and the file permissions, for example:
dr--r--r-- 2 nobody nobody 6 Jul 3 10:31 dir1
drwxrwxr-x 2 nobody nobody 6 Jul 3 16:56 dir2
drw-r--r-- 2 nobody nobody 6 Jul 3 16:56 dir3
drwx------ 2 nobody nobody 6 Jul 3 16:57 dir4
Here, the file permissions are represented as:
dr--r--r-- for dir1, where the first d represents that this is a directory(in case of a regular file it will be a - (dash) in the beginning) and the rest of it is the permissions. Here, r--r--r-- means that all the three classes of users, which is the owner, the user group and others all can just read the content of the directory.
In the permission representation we have 10 characters, first one is to represent whether its for a regular file or a directory, and the next 9 characters, 3 each for every user class, represents the permissions, where r stands for read, w stands for write, x stands for execute and a dash(-) in place of any permissions means that permission is not granted to the user class.
To verify this, create a directory by running the following command:
mkdir -m 444 dir1
And then try to create a new file inside this directory using the touch command:
And you will get the following output:
touch: cannot touch dir1/text.txt: Permission denied
Similarly, the permission rwxrwxr-x means that the owner of the directory has the permission rwx(read, write and execute), user group has permission rwx(read, write and execute) and others have the permission r-x(read and execute).
The dash (-) in the permission representation means, that particular permission is not granted to the user class.
|rwx||Means all the permissions - read, write and execute are granted to the user class.|
|r-x||Means the user can read and execute the file/directory but cannot write content to it.|
|r--||Means the user can only read the contents of the file/directory.|
Permission representation in Octal
When we created a new directory using the
mkdir command, we provided the permission as 444, then how did this number got converted into permissions?
Well just like we have -r--r--r-- representation, in binary form we can represent it as 100100100, which in octal number is 444, here 1 represent that the permission is granted and 0 means that the permission is not granted.
Similarly, permission 755 means 111101101, which is 111 for file owner, which means the file owner has all the permissions(read, write and execute), the user group has permission 101 which is just read and execute and others also have permission 101 which means read and execute.
Similarly, we can represent the permissions in octal numbers too. Infact, when we have to change the permission of any file of any directory we use the chmod command which takes input in form of octal numbers to change the permission of the file or directory in Linux.
So this is all about permissions in Linux or any other Unix based operating system. It is a bit tricky, but once you understand it and start seeing the pattern you will know which file has what permission just by looking at the permission representation.