Mon Oct 17

Understanding Linux Permissions

Linux is a popular operating system that can handle multiple users at the same time. This means that different users can log in and modify the system according to their needs and preferences. However, this also poses a security risk if unauthorized users gain access to the system and try to damage or compromise it. To prevent this, Linux has a system of permissions and privileges that limits what each user can do within the system.

The root account

By default, Linux has a special user account called root that has full control over the system. The root account can create, delete, modify and execute any file or directory in the system, as well as change the settings and configurations of the system. The root account is also known as the superuser or administrator account.

However, using the root account for everyday tasks is not recommended, as it can be very dangerous. If you make a mistake or run a malicious program as root, you can cause serious damage to your system or expose it to hackers. That’s why it is advisable to use another user account for your regular work and only use the root account when you need to perform administrative tasks.

User permissions and privileges

Every user in Linux has a username and a password that they use to log in to the system. Each user also belongs to one or more groups that share some common characteristics or purposes. For example, there may be a group for students, a group for teachers, a group for developers, etc.

Every file and directory in Linux also has an owner and a group associated with it. The owner is usually the user who created the file or directory, and the group is usually the primary group of the owner. However, these can be changed using some commands that I will explain later.

In addition to the owner and the group, every file and directory in Linux has three sets of permissions that determine who can read, write or execute it. These permissions are:

  • Read (r): The ability to view the contents of a file or directory.
  • Write (w): The ability to modify or delete a file or directory.
  • Execute (x): The ability to run a file as a program or enter a directory.

The three sets of permissions apply to:

  • The owner of the file or directory.
  • The group of the file or directory.
  • The other users who are not the owner or in the group.

You can view the permissions of any file or directory using the command:

ls -la

This command will list all the files and directories in the current location along with some information about them. One of the columns will show something like this:

drwxr-xr-x

This is how Linux represents the permissions of a file or directory. You can divide it into four parts:

  • The first character indicates whether it is a file (-) or a directory (d).
  • The next three characters indicate the permissions for the owner (rwx).
  • The next three characters indicate the permissions for the group (r-x).
  • The last three characters indicate the permissions for the other users (r-x).

In this example, we can see that:

  • It is a directory (d).
  • The owner can read (r), write (w) and execute (x) it.
  • The group can read (r) and execute (x) it, but not write (w) it.
  • The other users can read (r) and execute (x) it, but not write (w) it.

Changing permissions and privileges

Sometimes, you may want to change the permissions or privileges of a file or directory. For example, you may want to make a file executable so that you can run it as a program, or you may want to restrict access to a private folder so that only you can see its contents.

To change the permissions of a file or directory, you can use the command:

chmod [permissions] [file]

The [permissions] argument can be specified in two ways: using octal numbers or using symbolic notation.

Using octal numbers

Octal numbers are base 8 numbers that use digits from 0 to 7. Each digit represents one set of permissions for one category of users (owner, group or other). Each digit is calculated by adding up the values of each permission: read = 4, write = 2 and execute = 1. For example:

  • 7 = 4 + 2 + 1 = rwx
  • 6 = 4 + 2 = rw-
  • 5 = 4 + 1 = r-x
  • 4 = 4 = r--
  • 3 = 2 + 1 = -wx
  • 2 = 2 = -w-
  • 1 = 1 = --x
  • 0 = 0 = ---

To use octal numbers, you need to specify three digits, one for each category of users. For example:

  • chmod 755 will give the owner rwx, the group r-x and the other users r-x permissions.
  • chmod 644 will give the owner rw-, the group r-- and the other users r-- permissions.
  • chmod 777 will give everyone rwx permissions (not recommended).
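
The mapping between the permission string shown by ls -la and the octal digits used by chmod can be checked mechanically. The following is an added example, not part of the original article; perm_to_octal and triplet_value are hypothetical helper names, and the script handles only the r, w, x and - characters covered here, rejecting anything else.

```shell
#!/bin/sh
# Added example: convert an ls-style mode string (e.g. drwxr-xr-x) to octal.
# perm_to_octal and triplet_value are hypothetical helpers, not standard commands.

# Sum r=4, w=2, x=1 for one three-character triplet such as "r-x".
triplet_value() {
    t=$1
    v=0
    case $t in r??) v=$((v + 4)) ;; -??) ;; *) return 1 ;; esac
    case $t in ?w?) v=$((v + 2)) ;; ?-?) ;; *) return 1 ;; esac
    case $t in ??x) v=$((v + 1)) ;; ??-) ;; *) return 1 ;; esac
    printf '%s' "$v"
}

perm_to_octal() {
    mode=$1
    # Expect exactly 10 characters: one type character plus three triplets.
    if [ "${#mode}" -ne 10 ]; then
        echo "unexpected mode string: $mode" >&2
        return 1
    fi
    rest=${mode#?}           # drop the type character (- or d)
    owner=${rest%??????}     # first three characters
    other=${rest#??????}     # last three characters
    mid=${rest#???}
    group=${mid%???}         # middle three characters
    o=$(triplet_value "$owner") || { echo "unsupported flag in: $mode" >&2; return 1; }
    g=$(triplet_value "$group") || { echo "unsupported flag in: $mode" >&2; return 1; }
    w=$(triplet_value "$other") || { echo "unsupported flag in: $mode" >&2; return 1; }
    printf '%s%s%s\n' "$o" "$g" "$w"
}

# The directory example from earlier in the article.
perm_to_octal drwxr-xr-x    # prints 755
```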

Using symbolic notation

Symbolic notation is a more intuitive way of specifying permissions using letters and symbols. To use symbolic notation, you need to follow this format:

chmod [who][operator][permissions]

The [who] argument can be one or more of the following:

  • u: The owner of the file or directory.
  • g: The group of the file or directory.
  • o: The other users who are not the owner or in the group.
  • a: All users (equivalent to ugo).

The [operator] argument can be one of the following:

  • +: Add the specified permissions to the existing permissions.
  • -: Remove the specified permissions from the existing permissions.
  • =: Set the specified permissions and remove any other permissions.

The [permissions] argument can be one or more of the following:

  • r: Read permission.
  • w: Write permission.
  • x: Execute permission.

For example:

  • chmod u+x will add execute permission to the owner.
  • chmod g-w will remove write permission from the group.
  • chmod o=r will set read permission and remove any other permission from the other users.
  • chmod a=rwx will set read, write and execute permissions for all users (not recommended).

You can also combine multiple arguments using commas. For example:

  • chmod u=rw,g=r,o= will set read and write permissions for the owner, read permission for the group and no permission for the other users.
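
The octal and symbolic forms set the same permission bits. The following added example (not from the original article) applies both to scratch files, then finds and corrects entries that other users can write to, such as those left behind by chmod 777. The function and file names are made up for the demonstration, and it assumes the Linux versions of stat (with -c) and find (with -perm).

```shell
#!/bin/sh
# Added example; function names and scratch files are constructed for the demo.
# Assumes Linux `stat -c` and `find -perm`.

# Print the octal mode of a file, e.g. 644.
mode_of() { stat -c '%a' "$1"; }

# List files and directories under $1 that "other" users can write to.
# Symbolic links are skipped: they always display as rwxrwxrwx and
# chmod acts on their target, not on the link itself.
find_world_writable() {
    find "$1" -perm -0002 \( -type f -o -type d \) | sort
}

# Remove write permission for "other" from everything reported above.
fix_world_writable() {
    find "$1" -perm -0002 \( -type f -o -type d \) -exec chmod o-w {} +
}

demo() {
    d=$(mktemp -d) || return 1
    touch "$d/notes.txt" "$d/run.sh" "$d/shared.log"
    chmod 644 "$d/notes.txt"
    chmod u=rwx,g=rx,o=rx "$d/run.sh"    # same bits as chmod 755
    chmod 777 "$d/shared.log"            # the "not recommended" case
    echo "run.sh mode: $(mode_of "$d/run.sh")"
    echo "writable by others before the fix:"
    find_world_writable "$d"
    fix_world_writable "$d"
    echo "shared.log mode after o-w: $(mode_of "$d/shared.log")"
    rm -rf "$d"
}
demo
```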

Changing ownership and group

Sometimes, you may want to change the owner or the group of a file or directory. For example, you may want to transfer a file to another user or assign a file to a different group.

To change the owner of a file or directory, you can use the command:

chown [owner] [file]

To change both the owner and the group of a file or directory, you can use the command:

chown [owner]:[group] [file]

To change only the group of a file or directory, you can use the command:

chgrp [group] [file]

Note that changing the ownership or group of a file or directory requires superuser privilege. You can use sudo before any of these commands to run them as root.

For example:

  • sudo chown alice myfile.txt will change the owner of myfile.txt to alice.
  • sudo chown bob:dev myprogram.py will change both the owner and the group of myprogram.py to bob and dev respectively.
  • sudo chgrp students myfolder will change the group of myfolder to students.

Conclusion

Linux is a powerful and flexible operating system that gives users a lot of control over their files and directories. We have now learned how to use commands like chmod, chown and chgrp to set permissions and ownership as needed. Hopefully, by understanding and applying these concepts and commands, we can make our Linux system more secure and efficient.