Understanding Linux File permissions

howtouselinux
3 min readDec 6, 2022

When working with servers most of the time you will work with linux servers (Ubuntu, Debian, etc.).

In order to change, view or create files you need the right permissions. To get a basic understanding of what that means, I will tell you how to view, read and interpret these file permissions.

Viewing Permissions

An easy way to view permissions for files inside a folder you can use the ls command with the o or l flag like so:

ls -o
#or
ls -l

Move to a directory that has files in it and type the above command into your terminal. It will generate multiple lines of output that look similar to this:

# permissions   hard links  user    group of user   file size    change date     file/folder name
drwxrwxr-x 9 toscani toscani 288 11 Nov 09:07 public

The important part are the first ten letters drwxrwxr-x. They describe the permissions. These characters are broken down into four groups.

  1. The first letter, in this case d
  2. Letters two to four rwx
  3. Letters five to seven rwx
  4. and finally eight to ten r-x

Group one states if the entry describes a file -, a directory d or a link l. The other three groups describe the permissions each type of user has. On Linux we distinguish between the user, the group and others - in this order. Hence drwxrwxr-x means:

  1. It is a directory which can be
  2. read, written and executed by the user
  3. read, written and executed by the group the user is in
  4. read and executed by the others

You are maybe wondering what “executing a directory” means. It basically lets the you open that directory. “Reading a directory” on the other hand means “to be able to see” the directory, e.g. being able to list it with the ls command.

reference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/assembly_managing-file-permissions_configuring-basic-system-settings

Changing permissions

Now that you know how to view file permissions, I will tell you how to change them. For this we use the chmod (change mode) command. There are two different methods for this. The symbolic method and the absolute method.

If you have ever seen the chmod command in a tutorial before the symbolic method is the one with the letters, the absolute method is the one with the numbers ;).

Symbolic method

The symbolic method combines an access class with an operator and an access type to set permissions. A common example is to make a file executable for everybody:

chmod a+x my_file.sh
# or, as `a` is the default
chmod +x my_file.sh

Access classOperatorAccess Typeu, user+, to add accessr, readg, group-, remove accessw, writeo, other=, set exact accessx, executea, all

These parameters can be combined in many different ways. Although I can´t tell you what the right configuration for a specific use case is, the following examples might help you to find that out yourself.

u always means the current user and g always refers to the group the current user is in.

# remove read and write permissions for all except you
chmod go-rw my_file.sh
# set access to only read for everybody
chmod a=r myfile.sh
# remove write access from and add execution rights for the group
chmod g-w+x myfile.sh
# grant read permission for a directory and all files in it to all
# -R is used as a flag, not as a parameter to describe the permissions
chmod -R +r mydir

Absolute method

In contrast to the symbolic method, the absolute method sets all permissions at once by using a three digit number. Each of the digits is the sum of it´s individual permissions. Let´s use the following example:

chmod 774 myfile.sh
| Permission  | Number  |
|--- |--- |
| 4 | read |
| 2 | write |
| 1 | execute |
| 0 | no permissions |

Combinations

PermissionNumber 7read, write and execute (4 + 2 + 1) 6 read and write (4 + 2) 5read and execute (4 + 1)3execute and write (1 + 2)

The first number represents the user, the second the group and the last represents others. Hence, the example above sets the following permissions:

  • read, write and execute for the user
  • read, write and execute for the group
  • read for others

Now you know how to read and change file and directory permissions on linux. If you need further information just consult the man page by typing man chmod into the command line.

If you have questions or feedback, please leave a comment :).

--

--

howtouselinux

www.Howtouselinux.com is a website that publishes Linux server tutorials. We will cover the Linux command line in detail.