Linux, as a powerful and secure operating system, relies on a robust system of file and directory permissions to control access to resources. Knowing how to manage these permissions is crucial for system administrators and users.

Permission Basics

Linux file and directory permissions are primarily governed by three permission levels:

  1. Read (r): Allows a user to view the contents of a file or list the contents of a directory.
  2. Write (w): Permits a user to modify a file’s content or create, delete, and rename files in a directory.
  3. Execute (x): Grants permission to execute a file or traverse a directory.

These permissions apply to three categories of users:

  1. Owner (u): The user who owns the file or directory.
  2. Group (g): The user group associated with the file or directory.
  3. Others (o): All other users on the system.

Permission Notation

In Linux, permissions are often represented using a notation that combines these levels and categories. This notation appears as a series of characters, such as rwxr--r--. Here’s what each character represents:

  • The first character indicates the type of the resource (file or directory).
  • The following three characters represent the owner’s permissions.
  • The next three characters are for the group’s permissions.
  • The last three characters pertain to permissions for others.

Examples

Let’s examine some practical examples to see how permissions work in Linux:

1. Checking Permissions

To check the permissions of a file or directory, you can use the ls -l command. This command displays detailed information, including permissions. For example:

1
2

$ ls -l my_file.txt
-rw-r--r-- 1 user user 36 Oct 1 12:34 my_file.txt

In this example, my_file.txt is a file with -rw-r--r-- permissions.

2. Changing Permissions

You can change permissions using the chmod command. To grant read and write permissions to the owner of my_file.txt, use:

1

$ chmod u+rw my_file.txt

To add execute permission for the owner:

1

$ chmod u+x my_script.sh

3. Changing Permissions Using Numeric Mode

You can also set permissions numerically. For example, to give the owner read, write, and execute permissions:

1

$ chmod 700 my_script.sh

In this case, 7 signifies read (4) + write (2) + execute (1), and 0 means no permissions for the group and others.

4. Changing Group Ownership

To change the group ownership of a file or directory, use the chown command. For instance:

1

$ chown :staff my_directory

This changes the group of my_directory to staff.

5. Changing File Ownership

To change the owner of a file or directory, use the chown command with the owner and group specified. For example:

1

$ chown new_owner:new_group my_file.txt

This sets the owner to new_owner and the group to new_group.

6. Directory Permissions

Directories have unique permissions. To grant full access to the owner, group, and others on a directory:

1

$ chmod 777 my_directory

Be cautious with this approach, as it can be a security risk.

Excercises

These exercises will help reinforce your understanding of permissions and provide hands-on experience:

Exercise 1: Check Permissions

  • Use the ls -l command to display the permissions of a files present in home directory

Exercise 2: Change Permissions

  • Create confidential.doc in your home directory and Change the permissions of a file to allow read access to the owner, read access to the group, and no access to others.

Exercise 3: Add Execute Permission

  • Create a shell script file names my_script.sh and then execute permission to a script file for the owner, allowing the owner to execute the script.

Exercise 4: Restrict Permissions

  • Create private_folder and then restrict permissions on a directory so that only the owner can read and write to it.

Exercise 5: Numeric Permissions

-Create data.csv file in home directory abd set the permissions of a file to 644 using numeric mode.

Exercise 6: Change Group Ownership

  • Create project_files in home directory and change the group ownership of a directory “project_files” to a group called “engineering.”

Exercise 7: Change Owner and Group

  • Change the owner of a file named “shared_file.txt” to “new_owner” and the group to “new_group.”

Exercise 8: Directory Permissions

  • Create a directory named “public” and set its permissions to 755 to allow read, write, and execute access to the owner and read and execute access to others.

Exercise 9: Group Write Access

  • Add write access to the group for a file named “team_notes.txt.”

Exercise 10: Remove All Permissions

  • Remove all permissions from a directory named “restricted” so that neither the owner, group, nor others have any access.