In Linux, every file and folder has permissions that control access. These permissions are assigned to three categories of users: the owner, the group, and others. Permissions determine whether users can read, write, or execute a file or folder. Managing these permissions is crucial for maintaining security and access control within the system.
Permissions are represented by a string like drwxr-xr-x. The first character indicates if it’s a directory (d) or a file (-). The next nine characters are grouped into three sets, each representing the permissions for the owner (user), group, and others. Within each group, r stands for read, w for write, and x for execute, while a dash (-) indicates no permission.
Here is a quick reference table for understanding the permissions:
| Category | Letter | Permission | Octal | Read | Write | Execute |
|---|---|---|---|---|---|---|
| User (owner) | u | rwx | 7 | Yes | Yes | Yes |
| Group | g | r-x | 5 | Yes | No | Yes |
| Others | o | r-x | 5 | Yes | No | Yes |
Permissions can be represented in octal notation, with each digit corresponding to a combination of read, write, and execute permissions:
| Octal | Binary | Permission |
|---|---|---|
| 0 | 000 | none |
| 1 | 001 | execute |
| 2 | 010 | write |
| 3 | 011 | write, execute |
| 4 | 100 | read |
| 5 | 101 | read, execute |
| 6 | 110 | read, write |
| 7 | 111 | read, write, execute |
Understanding how to modify these permissions, using either symbolic representation (like u=rwx) or octal notation (like 755), is key for controlling access to files and folders in Linux.
There are other methods and layers of file and folder permissions in Linux such as ACL, SELinux and AppArmor. These however, are beyond the scope of this guide.
Steps to set file and folder permission on Linux:
- Check the current permissions of a file or folder.
$ stat -c "%a : %A" /var/www/html/index.html 644 : -rw-r--r--
The first number represents the octal permission, and the second shows the symbolic representation.
- Add write permission for the group.
$ sudo chmod g+w /var/www/html/index.html [sudo] password for user:
- Remove read permission for others.
$ sudo chmod o-r /var/www/html/index.html
- Set read and execute permissions for the owner (user).
$ sudo chmod u=rx /var/www/html/index.html
- Verify the current permissions of the file.
$ stat -c "%a : %A" /var/www/html/index.html 560 : -r-xrw----
- Set permissions using octal notation for all files in a directory.
$ sudo chmod 560 /var/www/html/*
Using wildcards applies permissions to all files in the directory.
- Apply permissions recursively to all files and folders.
$ sudo chmod -R 560 /var/www/html/
Be cautious when applying permissions recursively, as it can affect all subdirectories and files.
- Check the current permissions for all files and folders.
$ sudo ls -l /var/www/html/ total 20 dr-xrw---- 2 root root 4096 Jan 24 09:58 css -r-xrw---- 1 root root 10918 Jan 23 19:57 index.html dr-xrw---- 2 root root 4096 Jan 24 09:57 js
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
Comment anonymously. Login not required.