File Permissions -

File permissions in Linux control who can read, write, or execute a file or directory. These permissions are crucial for maintaining the security and proper functioning of a system.

Permission Types

Each file and directory in Linux has three types of permissions:

Read (r): Allows you to view the contents of a file or list the contents of a directory.
Write (w): Allows you to modify or delete a file. For directories, it allows you to add, delete, or rename files within them.
Execute (x): Allows you to run a file as a program or script. For directories, it allows you to enter the directory and access files within it.

Permission Categories

Permissions are divided into three categories, each applying to different users:

Owner (User): The person who owns the file or directory. Typically, the user who created the file.
Group: A group of users who share the same permissions for the file or directory.
Others (World): Everyone else who is not the owner or in the group.

The first character: Represents the file type:

'-' - Regular text file.

'd' - Directory.

'l' - Symbolic links.

The next nine characters: Represent the permissions:

rwx: The first set of three characters indicates the owner's permissions (read, write, execute).

rw-: The second set of three characters indicates the group's permissions (read, write).

r--: The third set of three characters indicates the permissions for others (read only).

File Permission Chart

Permission	Numeric Value	Symbolic Representation	Description
None	0	---	No permissions
Execute	1	--x	Execute only
Write	2	-w-	Write only
Write + Execute	3	-wx	Write and execute
Read	4	r--	Read only
Read + Execute	5	r-x	Read and execute
Read + Write	6	rw-	Read and write
Read + Write + Execute	7	rwx	Read, write, and execute

How to Change Permissions in Linux?

Chmod - The chmod command is used to change the access mode of a file. The name is an abbreviation of change mode. Which states that every file and directory has a set of permissions that control the permissions like who can read, write or execute the file. In this the permissions have three categories: read, write, and execute simultaneously represented by r, w and x. These letters combine together to form a specific permission for a group of users.

Syntax of chmod Command -

Let's do some examples pratice to know it better:

In above example, file doesn't have execute permission to the file, Let's give execute permission to it.

we can see in above example, after giving execute permission the file color got changed and turned into green.

In this example let's try to give execute permission to the group and see the changes.

In above screenshot we can see that in group permission there is x (execute permission and file got turned into green.

we can also set the permission using numeric method.

Example Permissions

Symbolic	Octal (Numeric)	Meaning
`rwxr-xr-x`	`755`	Owner: Read, Write, Execute. Group & Others: Read, Execute.
`rw-r--r--`	`644`	Owner: Read, Write. Group & Others: Read only.
`rwx------`	`700`	Owner: Full permissions. Group & Others: No permissions.
`rwxrwxrwx`	`777`	Everyone: Full permissions.
`r--r--r--`	`444`	Everyone: Read only.

In above example, we added read, write and execute permission to group and for others we added read and execute only.

Chgrp And Chown -

In Linux, chgrp and chown are commands used to change the group ownership and user ownership of files and directories, respectively.

Before changing permissions through chgrp and chown we have to use sudo for super ulitility.

chgrp (Change Group)

The chgrp command is used to change the group ownership of a file or directory.

This command changes the group ownership of File.txt to the group Actors.

Change Group Ownership Recursively:

You can apply the group change to all files and directories within a directory using the -R (recursive) option:

chown (Change Ownership)

The chown command is used to change the user ownership, and optionally the group ownership, of a file or directory.

This command changes the user ownership of File.txt to Lucky. The group ownership remains unchanged. Earlier we had ubuntu as a owner but we changed to " Lucky".

Access Control Lists -

Access control files, also known as Access Control Lists (ACLs), provide a more flexible way to manage file permissions beyond the basic read, write, and execute permissions. ACLs allow you to define permissions for multiple users or groups on a single file or directory.

Standard Linux permissions (rwx) apply only to the owner, group, and others. ACLs allow you to specify permissions for any user or group.

ACLs can be applied to individual files or directories, providing customized access control.

Viewing ACLs

You can view the ACLs of a file or directory using the getfacl command:

In above example, we can see the File.txt file has what all permissions

Setting ACLs

You can set ACLs using the setfacl command:

Grant Read Permission to a User:

This "+" denotes that the file File.txt got the permission of execute by using setfacl command.

This command allows the user ubuntu to execute File.txt.

Removing ACLs

To remove an ACL entry, use:

In above example, first i removed the execute permission and tried to run the File.txt file (./File.txt) but getting Permission denied. so setfacl -x is used to remove the permission.

This removes the ACL for the user ubuntu on File.txt .

Removing All ACLs

To remove all ACLs from a file, use:

By using (setfacl -b filename) it removed all the permission which we gave through setfacl.

Day 6 Task: File Permissions and Access Control Lists

Table of contents