understanding linux file permissions

Understanding The Linux File Permissions

In this tutorial we are going to explain the Linux file permissions in different Linux distributions such as Ubuntu, CentOS, Debian, and AlmaLinux. The Linux file permissions are very important to understand and use properly, due to security reasons and user access rights. The user access rights are controlled by the permissions, attributes, and ownership. This defines who will be the authorized users and which directories and files will be accessed by them.

In this blog post we will explain the permissions on Ubuntu 20.04 OS. You can choose by yourself which OS to use. Let’s get started!

Prerequisites

  • Fresh install of Ubuntu 20.04
  • User privileges: root or non-root user with sudo privileges

Update the System

If you have a fresh installation of Ubuntu 20.04 it is recommended to update the system to the latest packages available.

sudo apt update -y && sudo apt upgrade -y

Understanding Permission Types

The three permission types of the files and folders are read, write, and execute. These permission types controls which user can read the file, write the file or execute the file.

  • Read: The read permission defines if the user can or cannot read the content of the file.
  • Write: The write permission defines if the user can or cannot modify the content of the file or folder.
  • Execute: The execute permission defines if the user can or cannot execute the file. The files with execute permissions are known as script files.

Understanding Permission Groups

The three permissions groups that have every Linux file or folder are owner, group and users. These three groups are asocciated to a file or folder.

  • Owner: The owner permissions are applied only to the owner of the file and folder, and are not related to the actions of the other users. The list of Linux users are stored in /etc/passwd file.
  • Group: The group permissions are applied only to the assigned group of the file and folder, and are not related to the actions of the users. The list of Linux groups are stored in /etc/group file.
  • Other: The other user’s permissions are applied to the other users of the file and folder.

Managing the Permissions

In this section we are going to explain with real examples the permission types and permission groups of a file or folder and the procedure of changing them. For example list the root directory on your server with the following command:

ls -al

You should get the following output:

root@vps:~# ls -al
total 56
drwx------  6 root root  4096 Mar  6 15:53 .
drwxr-xr-x 19 root root  4096 Feb  5 13:27 ..
-rw-------  1 root root    42 Mar  6 15:53 .bash_history
-rw-r--r--  1 root root  3106 Dec  5  2019 .bashrc
drwx------  3 root root  4096 May  4  2020 .cache
drwx------  4 root root  4096 May  4  2020 .config
drwx------  3 root root  4096 May  4  2020 .local
-rw-------  1 root root     0 May  6  2020 .mysql_history
-rw-r--r--  1 root root   161 Dec  5  2019 .profile
-rw-r--r--  1 root root    72 May  3  2020 .selected_editor
drwx------  2 root root  4096 Mar  6 15:27 .ssh

As you can see there is information about if it is a file or directory, about the types and permission groups. To fully understand this pay attention to the following output:

-rw-r--r-- 1 root root 3106 Mar  6  2022 filename
|[-][-][-]-  [---][---][---]
| |  |  | |    |    |    |-----------> 8. Size
| |  |  | |    |    +----------------> 7. Group
| |  |  | |    +---------------------> 6. Owner
| |  |  | +--------------------------> 5. Alternate Access Method
| |  |  +----------------------------> 4. Others Permissions
| |  +-------------------------------> 3. Group Permissions
| +----------------------------------> 2. Owner Permissions
+------------------------------------> 1. File Type

Each write, read, and execute permissions have the following number value:

r (read) = 4
w (write) = 2
x (execute) = 1
no permissions = 0

For example if the permission types of the file are -rw-r–r–, to get the number of this we are going to sum the values of the permissions for that group.

Owner: rw- = 4 + 2 + 0 = 6
Group: r-- = 4 + 0 + 0 = 4
Others: rw- = 4 + 0 + 0 = 4

To change the permission of this file, and set the permissions to 755 for example, execute the command below:

chmod 755 filename

After listing the file again you should receive the following output:

root@host:~# ls -al filename
-rwxr-xr-x 1 root root 3106 Mar  6  2022 filename

To check if the correct number is 755 we are going to check this as explained in the example above:

Owner: rwx = 4 + 2 + 1 = 7
Group: r-x = 4 + 0 + 1 = 5
Others: r-x = 4 + 0 + 1 = 5

At the momment the owner of the file is the root user, and the group is root as well. To change the owner and group execute the command below:

chown www-data:www-data filename

List the file again and pay attention on the output:

root@vps:~# ls -al filename
-rwxr-xr-x 1 www-data www-data 3106 Mar  6  2022 filename

You can see that the owner and the group are set to www-data. Of course, you can set different owner and group to the file as long as that user and group exist in your system.

That’s it. This blog post has explained the basics of Linux File Permission. Of course, if you find it difficult to manage the permissions of the files or folders on your Linux VPS server, you can always contact our epic technical support. They are available 24/7 and they will help you with your request.

If you liked this post about “Understanding the Linux File Permissions”, please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

2 thoughts on “Understanding The Linux File Permissions

  1. The little explanation naming item 7 as “group” is straight up wrong.

    What is described as “6” is, on the left the owner and on the right the group. They just happen to be the same in this case.

    What is described as “7” is actually the file size.

    In linux, everything is a file. Even directories. And they all have sizes.

Leave a Reply

Your email address will not be published. Required fields are marked *