Permissions
- File and directory permissions are based on user class and access mode
- User classes
  - User (u): File owner
  - Group (g): Other users in the group
  - Other (o): All other users
- User class permissions
  - Read (r)
  - Write (w)
  - Execute (x)
- Permission information can be listed with the ls command
File types
- The first symbol in the permission information represents the file type
- The table below lists the possible file types
Symbol | File type | Description |
---|---|---|
- | Ordinary file | Files such as text, image, database, binary, and so on |
d | Directory | A special file that can contain other files |
l | Symbolic link | A shortcut or reference to another file |
b | Block device | Devices that can send and receive buffered or random data such as CD, DVD, and hard disks |
c | Character device | Devices that can send and receive data in a sequence of characters, such as modems and virtual terminals |
s | Sockets | Files used for communication within processes in the local system without using network protocols |
p | Named pipe | Pipes represented in the filesystem |
File and directory permissions
- As stated earlier, there are three user class permissions in Unix-based operating systems: Read, Write and Execute
- The table below describes how these permissions allow the usage of files and directories
Permission | File | Directory |
---|---|---|
Read | The content of the file can be read | The content of a directory can be listed (for example with ls command) |
Write | File can be created, edited or deleted | Permission to create, edit or delete the directory |
Execute | Program or script can be executed | Permission to enter and use the directory |
- A user must have the execute permission (x) for all subdirectories inside a directory in order to use all files in the subdirectories
- If a user has write permission (w) for the directory, the user can delete a file from that directory even if the user has no permissions for the file itself
CHMOD (Change File Access Permissions)
- The chmod command is used for setting or modifying file and directory permissions
- Syntax for single file or directory: chmod file/directory name
- A file's permissions are shown as in the example figure below
- Permissions can be set by using either numerical or symbolic format
- Numerical format has the following options:
  - r (read) = 4
  - w (write) = 2
  - x (execute) = 1
  - - (no access) = 0
- Setting permissions for each user class with numerical format requires adding all permissions together like in the example below
  - Full permissions → 4 (r) + 2 (w) + 1 (x) = 7
  - Read and write permissions → 4 (r) + 2 (w) = 6
  - Read permissions → 4 (r) = 4
- Example: Set all permissions for the file owner, read and write permission for the group and read permission for all other users using numeric format
```
testuser@ubuntu-PC:~$ ls -l
drw-r----- 2 testuser testuser 4096 Aug 20 10:55 sensors.txt
testuser@ubuntu-pc:~$ chmod 764 sensors.txt
testuser@ubuntu-pc:~$ ls -l
drwxrw-r-- 2 testuser testuser 4096 Aug 20 10:55 sensors.txt
```
- This same permission modification can also be done with symbolic format
- The following notation for user classes can be used with symbolic format:
  - u = user
  - g = group
  - o = other
  - a = all (user, group and other)
- Permissions are either set or modified with the following operators:
  - + add permission
  - - remove permission
  - = set permission
- Example for using symbolic format
```
testuser@ubuntu-pc:~$ ls -l
-rw-r--r-- 2 testuser testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ chmod u+x server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxr--r-- 2 testuser testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ chmod g+x,o+r server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxr-xr-- 2 testuser testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ chmod a=rwx server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxrwxrwx 2 testuser testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ chmod g-x,o-wx server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 testuser testuser 0 Aug 20 10:55 server1.log
```
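
The permission field that ls -l prints in the listings above maps directly onto the file type table and the numerical format. The following is an added example, not part of the original page, that decodes such a field and flags write access for the other class; the function names are hypothetical and the sample fields are copied from the listings on this page.

```shell
# Added example: decode the permission field printed by `ls -l`.

# file_type FIELD: name the file type from the first symbol (file type table).
file_type() {
    case "$1" in
        -*) echo "ordinary file" ;;
        d*) echo "directory" ;;
        l*) echo "symbolic link" ;;
        b*) echo "block device" ;;
        c*) echo "character device" ;;
        s*) echo "socket" ;;
        p*) echo "named pipe" ;;
        *)  echo "unknown" ;;
    esac
}

# triad_to_digit RWX: add r=4, w=2, x=1 for one user class, e.g. "rw-" -> 6.
triad_to_digit() {
    digit=0
    case "$1" in r??) digit=$((digit + 4)) ;; esac
    case "$1" in ?w?) digit=$((digit + 2)) ;; esac
    case "$1" in ??x) digit=$((digit + 1)) ;; esac
    echo "$digit"
}

# perm_to_octal FIELD: "-rwxrw-r--" -> 764. Fails on anything that is not
# one type symbol followed by three r/w/x triads.
perm_to_octal() {
    case "$1" in
        [-dlbcsp][-r][-w][-x][-r][-w][-x][-r][-w][-x]) ;;
        *) echo "not a permission field: $1" >&2; return 1 ;;
    esac
    user=$(triad_to_digit "$(printf '%s\n' "$1" | cut -c2-4)")
    group=$(triad_to_digit "$(printf '%s\n' "$1" | cut -c5-7)")
    other=$(triad_to_digit "$(printf '%s\n' "$1" | cut -c8-10)")
    echo "$user$group$other"
}

# other_can_write FIELD: succeeds when the "other" class has w set.
other_can_write() {
    case "$1" in ????????w?) return 0 ;; *) return 1 ;; esac
}

# Sample fields copied from the listings on this page.
for field in drw-r----- -rwxrw-r-- -rwxrwxrwx lrwxrwxrwx; do
    note=""
    if other_can_write "$field"; then note=" (writable by other)"; fi
    printf '%s\n' "$field $(perm_to_octal "$field") $(file_type "$field")$note"
done
```
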
- When setting permissions for a directory, all subdirectories and files inside the directory can also be covered by using the -R option
- Example: Set read permissions for directory owner and group including all content inside the directory
```
testuser@ubuntu-PC:~$ chmod 440 -R sensor_data/
```
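
Mode 440 applied recursively also removes execute (x) from the directories themselves, which the permissions table lists as the permission needed to enter and use a directory. The following is an added example, not part of the original page, that makes a tree read-only for owner and group while keeping directories enterable by using chmod's symbolic X; it assumes GNU stat, and the function, directory and file names are constructed.

```shell
# Added example: recursive read-only permissions that keep directories usable.

# set_readonly_tree DIR: owner and group may read, other gets nothing.
# Capital X grants execute only to directories and to files that already
# have an execute bit, so directories stay enterable and data files do not
# become executable.
set_readonly_tree() {
    chmod -R u=rX,g=rX,o= "$1"
}

# mode_of PATH: octal mode as used with chmod's numerical format (GNU stat).
mode_of() {
    stat -c '%a' "$1"
}

# demo_modes: build a constructed tree, apply set_readonly_tree and print the
# resulting modes of: top directory, subdirectory, data file, script.
demo_modes() {
    tree=$(mktemp -d) || return 1
    mkdir -p "$tree/sensor_data/2024"
    : > "$tree/sensor_data/2024/readings.csv"
    : > "$tree/sensor_data/collect.sh"
    chmod 755 "$tree/sensor_data" "$tree/sensor_data/2024" "$tree/sensor_data/collect.sh"
    chmod 644 "$tree/sensor_data/2024/readings.csv"

    set_readonly_tree "$tree/sensor_data"
    echo "$(mode_of "$tree/sensor_data")" \
         "$(mode_of "$tree/sensor_data/2024")" \
         "$(mode_of "$tree/sensor_data/2024/readings.csv")" \
         "$(mode_of "$tree/sensor_data/collect.sh")"

    # Restore owner write access so the temporary tree can be removed.
    chmod -R u+w "$tree"
    rm -rf "$tree"
}

demo_modes
```
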
CHOWN (Change File Owner)
- Files and directories always have an owner, which can be changed with the chown command
- Command syntax is the following:
```
chown <user> file/directory
chown <user> -R directory
chown :<group> file/directory
```
- Example of changing file and directory owner
```
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 testuser testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ sudo chown root server1.log
[sudo] password for testuser:
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 root testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ sudo chown mark:mark server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 mark mark 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ sudo chown :testuser server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 mark testuser 0 Aug 20 10:55 server1.log
```
Links
- There are two types of links used in Linux:
  - Symbolic (soft) link
  - Hard link
- A symbolic link (symlink) is a shortcut for another file
  - This particular file does not necessarily need to exist
  - A symbolic link is an alias name that points to the original file name, not to the actual file
  - Symbolic links are used, for example, to shorten the path to a particular directory
  - Permission modifications made to a symbolic link are applied to the original file that the symbolic link points to
  - A broken symbolic link is marked in red when the ls command is used
- A hard link points to a file that must exist
- A hard link can only point to a file; the following cannot be pointed to:
  - Directories
  - Files on another system partition
- To sum up the difference between symbolic and hard links:
  - A hard link must always point to an existing file on the same system partition
  - A symbolic link target does not have to exist
- Syntax for creating a symbolic link: ln -s
- Syntax for creating a hard link: ln
- Example of listing directories with links
```
testuser@ubuntu-pc:~$ ls -l /bin/*nano
-rwxr-xr-x 1 root root 245872 Mar 6 2018 /bin/nano
lrwxrwxrwx 1 root root 4 Mar 6 2018 /bin/rnano -> nano
testuser@ubuntu-pc:~$ ls -l /sbin/mod*
lrwxrwxrwx 1 root root 9 Nov 12 2018 /sbin/modinfo -> /bin/kmod
lrwxrwxrwx 1 root root 9 Nov 12 2018 /sbin/modprobe -> /bin/kmod
```
- Example of creating a hard link
```
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 root testuser 0 Aug 20 10:55 server1.log
testuser@ubuntu-pc:~$ ln server1.log server-file-link
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 root testuser 0 Aug 20 10:55 server1.log
-rwxrw-r-- 2 root testuser 0 Aug 20 10:55 server-file-link
testuser@ubuntu-pc:~$ rm server1.log
testuser@ubuntu-pc:~$ ls -l
-rwxrw-r-- 2 root testuser 0 Aug 20 10:55 server-file-link
```
- Example of creating a symbolic link
```
testuser@ubuntu-pc:~$ ln -s /tmp/server1.log server-file-link
lrwxrwxrwx 2 testuser testuser 0 Aug 20 10:55 server-file-link -> /tmp/server1.log
testuser@ubuntu-pc:~$ rm /tmp/server1.log
testuser@ubuntu-pc:~$ ls -l
lrwxrwxrwx 2 testuser testuser 0 Aug 20 10:55 server-file-link -> /tmp/server1.log
testuser@ubuntu-pc:~$ cat /tmp/server1.log
cat: /tmp/server1.log: No such file or directory
```
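
The difference between the two link types summarised above can be checked without relying on ls colours. The following is an added example, not part of the original page, that creates both links to one file, removes the original name and reports what is left; it assumes GNU stat, and the function names, file names and file content are constructed.

```shell
# Added example: hard link vs. symbolic link after the original name is removed.

# inode_of PATH: inode number behind a name (symlinks are not followed).
inode_of() { stat -c '%i' "$1"; }

# link_count PATH: number of names (hard links) the file has.
link_count() { stat -c '%h' "$1"; }

# link_state PATH: classify a name as symlink, broken symlink, file or missing.
link_state() {
    if [ -L "$1" ]; then
        # -e follows the link, so it fails when the target does not exist.
        if [ -e "$1" ]; then echo "symlink"; else echo "broken symlink"; fi
    elif [ -e "$1" ]; then
        echo "file"
    else
        echo "missing"
    fi
}

# demo_links: constructed files in a temporary directory; prints one summary
# line: link count before rm, inode comparison, link count after rm,
# content read through the hard link, state of the symbolic link.
demo_links() {
    dir=$(mktemp -d) || return 1
    echo "sensor online" > "$dir/server1.log"
    ln    "$dir/server1.log" "$dir/hard-link"
    ln -s "$dir/server1.log" "$dir/soft-link"

    before=$(link_count "$dir/hard-link")
    if [ "$(inode_of "$dir/server1.log")" = "$(inode_of "$dir/hard-link")" ]; then
        same="same inode"
    else
        same="different inode"
    fi

    rm "$dir/server1.log"
    after=$(link_count "$dir/hard-link")
    content=$(cat "$dir/hard-link")   # data survives under the other name
    echo "$before, $same, $after, $content, $(link_state "$dir/soft-link")"
    rm -rf "$dir"
}

demo_links
```
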