File Permissions in Linux

File Permissions in Linux

File Permissions in Linux: A Brief Guide to Using Chmod

In Linux, file permissions are used to control access to files and directories. There are three permission classes that can be assigned to files and directories: read, write, and execute. In this guide, we will cover how to display file permissions and how to use the chmod command to change them.

Displaying File Permissions

To display the file permissions for a file or directory, you can use the ls command with the -l option. The output will include a series of letters and symbols that represent the file's permissions.

Here is an example output:

-rw-r--r-- 1 user group 0 May 5 12:34 example.txt

The first character (-) indicates the type of file (in this case, a regular file). The next three characters (rw-) represent the read and write permissions for the file owner. The next three characters (r--) represent the read permission for the group, and the final three characters (r--) represent the read permission for others.

Using Chmod to Change File Permissions

To change the file permissions, we can use the chmod command. The chmod command can modify the permissions for the owner, group, and others, and can also set or clear the setuid, setgid, and sticky bits.

Here is an example of how to use chmod:

 touch example.txt
 chmod 644 example.txt
 ls -l example.txt

 #OUTPUT
 -rw-r--r-- 1 user group 0 May 5 12:34 example.txt

This command adds (+) the execute permission (x) to the file owner (u) for the file example.txt.

Here is a table of some common chmod commands:

CommandMeaning
chmod u+xAdd execute permission for the file owner
chmod g+rAdd read permission for the file group
chmod o-wRemove write permission for others
chmod 755Set the permissions to rwxr-xr-x

In the last example, 755 sets the permissions to read, write, and execute for the owner, and read and execute for the group and others.

Changing User File and Group Ownership

In Linux, ACLs are used to define permissions that go beyond the traditional file permission system. They allow you to set permissions for specific users or groups on a file or directory, which can be more granular than the standard owner, group, and other permissions.

To enable ACLs on a file system, you need to mount it with the acl option. For example, if you have a file system mounted at /mnt/data, you can enable ACLs by adding acl to the mount options in /etc/fstab:

UID=1234-5678 /mnt/data ext4 defaults,acl 0 2

Once ACLs are enabled on a file system, you can use the setfacl command to set ACLs on files and directories. Here are some examples:

To add a new user to the ACL of a file:

setfacl -m u:alice:rwx file.txt

To add a new group to the ACL of a file:

setfacl -m g:developers:rw file.txt

To remove a user from the ACL of a file:

setfacl -x u:bob file.txt

To view the ACL of a file:

getfacl file.txt

ACLs can also be inherited from parent directories. For example, if you set an ACL on a directory, all new files and subdirectories created in that directory will inherit the ACL. To enable ACL inheritance, use the default keyword:

setfacl -m d:u:alice:rwx /mnt/data/docs

This sets the default ACL for the /mnt/data/docs directory, so that any new files or directories created in it will automatically inherit the ACL.

In conclusion, Access Control Lists (ACLs) provide a powerful tool for managing file permissions in Linux. They allow for fine-grained control over access to files and directories, and can be used to set permissions for specific users or groups. By enabling ACLs on a file system and using the setfacl command, you can take advantage of this feature to manage access to your files and directories.