Why I made this guide
I personally want to learn as fast as possible minimizing memorization, can you relate? Sometimes we may be working in a project and forgot something, are we going back to read a whole manual just for that? Absolutely not. We need a simple way to understand permissions and have it as a sheet cheat. The end goal of this article is to provide such thing in the most concise and accurate and fastest way possible.
I will divide the guide in the following way: The more you go down, the more detailed. Of course, for simplicity, the top 1st part will tell you all you need to know very simple.
Let's start by knowing that with
ls -ld /path/to/dir you can know the permissions of the file/folder.
1. What does 1, 2, 4 means?
Let's go with the very basics. We have three different permissions, Read (r), Write (w) and Execute (x). Each of these permissions is assigned a number as follows:
- r (read) - 4
- w (write) - 2
- x (execute) - 1
We have three different "categories":
- Group: located in /etc/group
If you wanted to give a user, let's say 'Arturo', full access to a folder and no one else access, then his permissions would be 7, why? 4 + 2 + 1 = 7 (read the number above).
Since no one else would have access, Groups and Everyone would have access 0. The total access would be 700.
Here is a graphical representation:
Easy enough right? Let's get deeper:
2. Permissions to Folders/Files
Let's take a look at how to set permissions, make a user/group own a folder and change group ownership.
Information about user management? Go here
The chmod changes permissions of files/directories for users, groups, and everyone.
chmod u=rwx,g=rx,o=r myfileThis example uses symbolic permissions notation. The letters u, g, and o stand for "user", "group", and "other". The equals sign ("=") means "set the permissions exactly like this," and the letters "r", "w", and "x" stand for "read", "write", and "execute", respectively. The commas separate the different classes of permissions, and there are no spaces in between them.
chmod u=rw example.jpgChange the permissions for the owner of example.jpg so that the owner may read and write the file. Do not change the permissions for the group, or for others.
chmod 754 document.txtSame as above but in octal notation.
The chown command changes ownership of files and directories.
- Let's say you own a file as root and you want to give it to 'Arturo', then type:
sudo chown Arturo myfile.txt. Now Arturo is the owner of that file.
- To give the file to user and change the file's group ownership to userGroup, type:
sudo chown user:userGroup myfile.txt
- All the files and directories are owned by your username and group
sudo chown -R myuser:mygroup otherfileswill change the ownership of every file and subdirectory.
chown :myGroup file1changes the owning group of file2 to group othergroup. Notice that this is the only command in these examples which may be run without sudo.
The chgrp changes group ownership of a file or files.
chgrp -hR staff foldeNamechanges the owning group of folderName, and all subdirectories, to the group staff.
chgrp staff file.txtchanges the owning group of the file file.txt to the group named staff.
Easy enough right? Let's get deeper:
3. Understanding the meaning of 'rwx' lines if ls -l
If you type on the terminal
ls -lah you'll get to view the long listing of files (-l) + hidden files (-a) + you can show the file size in human readable format (-h), for example 10K, 12M, 2G.
To view the permissions of a specific file/folder, you can also simply type:
ls -ld folderName (Assuming you are in the path where the folder is). The (-d) lists the directory entries instead of content.
(the colors are just to represent my point)
- yellow: file & directory names
- green: time and date of creation.
- purple: file size in bytes
- orange: shows the permissions. Every file in Linux is 'owned' by a particular user...
- cyan: unique file system identifier for the file
- red: containing the '-rwx----w-' characters. These are the actual permissions set for the particular file or directory.
-r--r--r-- :This means that owner, group and everyone else has only read permissions to the file (remember, if there's no 'd' or 'l', then we are talking about a file).
-rw-rw-rw- : This means that the owner, group and everyone else has read and write permissions.
-rwxrwxrwx : Here, the owner, group and everyone else has full permissions, so they can all read, write and execute the file (-).
I hope it's clear enough, if you have questions/suggestions, leave a comment below :)