In the previous post we have seen type of files and file permissions in Linux. In this post we will learn file permissions in detail. Every file in Linux has set of properties like permission, owner, group, created date, modified date size, name, type, etc. We will user one of the most important command “ls -l” to find these properties of a file in Redhat Enterprise Linux6.
It is important to note that Linux is a multi-user operating system, it is important to secure files as different users can have different grants on a same file. Some users can have read-write grants on a file while others an only read it but not edit it or delete it. To maintain this security Linux operating system uses file permissions.
Every file/directory in Linux is owned by a user and a group so file permissions are defined for user, group and other.
- User: It is the username of the person who owns the file and by default the user who created the file is the owner.
- Group: A group who owns the file. Group can be same as the user or different and can contain more than one user.
- Other: A user who is not the owner of the file and also does not belong to group owner.
Every class of user (user, group and other) has three types of permissions:
- Read (r): For a file, this means it can be opened and read. For a directory, this means you can list contents of that directory.
- Write (w): For a file, this means you can edit a file (remove or add contents) but you cannot remove or rename the file. For Directory, this means that you can add, remove and rename the files within that directory.
- Execute(x): For a file, this means you can execute the file as program/script. For directory, this means that you can execute files/directories (change directory) within that directory.
To view file permissions we can user directory listing command ls with -l opthon.
[root@PawanS1 ~]# ls -l test_file.txt
-rwxrw-r-- 1 root root 12 Aug 25 19:50 Test_File.txt
-rwxrw-r-- 1 root root 12 Aug 25 19:50 Test_File.txt
In the above command we can see different properties of a file named “Test_File.txt”. File permissions are represented by 10 bits (the first 10 characters of the output of ls -l command -rwxr-xr-x).
First bit is file type “-“ for file and “d” for directory.
Second to fourth bits are Owner’s permission (User).
Fifth to seventh bits are Group’s permission.
Eighth to tenth bits are Other’s permission.
And if we represent permissions in octal notation:
User: rwx = in binary 111 = 7 = 4+2+1
Group: r-x = in binary 101 = 5 = 4+0+1
Other: --x = in binary 001 = 1 = 0+0+1
So permissions are -rwxr-x--x which are equivalent to 751. But for better understanding we assume:
- r = read = 4
- w = write = 2
- x = execute = 1
By combining above mentioned permissions we can give Owner, Group and Others different permissions as we require. For example –rwxr-xr-- shown that it is a regular file with read, write and execute permissions to Owner; read and execute permissions to Group and only read permission to Others.
We can change these permissions using chmod command. We will discuss this command in the next post.
Some examples of octal combination of permissions:
Owner: rwx = 4+2+1 = 7
Group: r-x - 4+0+1 = 5
Other: --x = 0+0+1 = 1
So permissions are -rwxr-x--x which are equivalent to 751
So to change files permissions to -rwxr-x—x(751) we need to execute command:
# chmod 0751 filename
Or
# chmod 751 filename
The above commands do the same, but it is important to note the first octal notation which is “0” in this case, this is used to set SUID bit, GID bit and Sticky bit on a file which we will discuss in some other post.
For any queries please post comments.
No comments:
Post a Comment