Linux File Permissions Summary

Source: Internet
Author: User

One of the most basic tasks in Linux is to set file permissions. Understanding how they are implemented is your first step into the Linux world. As you expected, this basic operation is similar in UNIX-like operating systems. In fact, the Linux file permissions system is directly taken from UNIX file permissions (www.itxdl.cn).

But don't assume that understanding file permissions takes a long time to learn. In fact it will be very simple, let's take a look at what you need to know and how to use them.

Basic concepts

The first thing you need to understand is what file permissions can be used for. What happens when you set permissions for a group? Let's start with it, the concept is really much simpler. So what exactly is authority? What is a grouping?

You can set the 3 kinds of permissions:

Read-Allows the group to read the file (denoted by R)

Write-allows the group to write files (denoted by W)

Execute-Allows the group to execute (run) files (denoted by x)

To better explain how this applies to a grouping, for example, you allow a group to read and write a file, but not execute it. Alternatively, you can allow a group to read and execute a file, but cannot write. You can even allow a group to have read, write, execute all permissions, or remove all permissions to remove permissions from that group.

Now, what is a grouping, with the following 4:

User-the actual owner of the file

group-user group to which the user resides

others-other users outside the user group

all-All Users

In most cases, you will only be working on the first 3 groups, all of which are just shortcuts (I'll explain later).

So far, so simple, right? Next we'll go deep into the first layer.

If you open a terminal and run the command ls-l, you will see a list of all the files and folders listed in the current working directory row by line

You'll notice that the leftmost column is like a-rw-rw-r–.

In fact, this list should look like this:

rw-rw-r–

As you can see, the list is divided into the following 3 parts:

rw-

rw-

R –

The order of permissions and groups is important, and the order is always:

Belongs to group other people-group

Read-Write execution-permissions

In the permissions list for the example above, the owning person has read/write permissions, the owning group has read/write permissions, and the other user has Read permission only. These groupings give execute permission, which is represented by an X.

Equivalent value

Next we make it more complicated, and each permission can be represented by a number. These numbers are:

Read-4

Write-2

Execution-1

Numeric substitution is not a replacement for one, you cannot do something like this:

-42-42-4–

You should add the value of each grouping to the user read and write permissions, you should use 4 + 2 to get 6. Give the user group the same permissions and use the same values. If you only want to read permissions to other users, set it to 4. The values are now represented as:

664

If you want to give a file 664 permissions, you can use the chmod command, such as:

chmod 664 FILENAME

FileName is the file name.

Change permissions

Now that you understand the file permissions, it's time to learn how to change those permissions. is implemented using the chmod command. The first step is to know if you can change file permissions, you must be the owner of the file or have permission to edit the file (or get permissions through Su or sudo). Because of this, you cannot switch directories and change file permissions arbitrarily.

Continue with our example (-rw-rw-r–). Suppose this file (named script.sh) is actually a shell script that needs to be executed, but you just want to have permission to execute the script. This time, you might think: "I need to be a file with permissions like-rwx-rw-r–". In order to set the X permission bit, you can use the chmod command like this:

chmod u+x script.sh

At this point, the list should show-rwx-rw-r–.

If you want to have both the user and the group owning the Execute permission at the same time, the command should:

chmod ug+x script.sh

Do you understand how this works? Let's make it more interesting. Whatever the reason, you accidentally gave all the grouping permissions to the file (-rwx-rwx-r-x in the list).

If you want to remove the execution rights of other users, simply run the command:

chmod o-x script.sh

If you want to completely delete the executable permissions of the file, you can do it in two ways:

chmod ugo-x script.sh

Or

chmod a-x script.sh

The above is all content, can make the operation more efficient. I would like to avoid actions that might cause some problems (such as the chmod command that you accidentally use a-rwx for script.sh).

Directory Permissions

You can also execute the chmod command on a directory. When you create a new directory as a user, the new directory typically has this permission:

Drwxrwxr-x

Note: The beginning of D indicates that this is a directory.

As you can see, users and their groups have permission to operate on folders, but this does not mean that files created in this folder also have the same permissions as the files they create (the permissions created by using the default system are-rw-rw-r–). But if you want to create a file in a new folder and remove the Write permission from the user group, you do not have to switch to that directory and use the chmod command for all files. You can use the chmod command with the parameter R (which means recursion) and change the permissions of all the files in the folder and its directory.

Now, suppose you have a folder test with some scripts, all of which (including the TEST folder) have permission-rwxrwxr-x. If you want to remove the Write permission from the user group, you can run the command:

Chmod-r g-w TEST

Run the command ls-l, and you can see that the permission information for the TEST folder listed is drwxr-xr-x. The user group is removed from the Write permission (as is the case with all files in its directory).

Summarize

You should now have an in-depth understanding of the basic Linux file permissions. It's easy to learn something more advanced, like Setgid, setuid, and ACLs. Without a good foundation, you will soon confuse the concept with ambiguity.

Linux file permissions have not changed much in the early days, and are likely to not change in the future.

Summary of Linux file permissions

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.