From Fedora Project Wiki

Permissions

Introduction

Managing permissions is an important task to be familiar with. There are many tools available such as chown, chgrp, and chmod. There are two methods available for managing permissions using command line tools: symbolic and numeric. The symbolic method uses symbols such as u, +, x, r, and so on, to represent owners, groups, and permissions. The numeric method uses a numbering scheme.

Each file and directory has permissions for the owner (UID), group (GID), and everyone else. The permissions for each group consist of three (binary) bits. There are 10 bits in total: --- --- --- (the 10th bit is the setuid or sticky bit - this will be described later). The first three are the permissions for the owner. The next three are the permissions for the group, and the last three are the permissions for everyone else.

Use the ls -l command to view file and directory permissions:

ls -l file1
-rw-rw-r-- 1 user1 group1 0 Oct 22 17:51 file1

The above example shows the following permissions for the file1 file:

  • user1: read and write
  • group1: read and write
  • everyone else: read

The three main symbols used to represent permissions are r, w, and x. These represent read, write, and execute permissions respectively. File permissions are as follows:

  • read: files can be opened and viewed using commands such as cat and less
  • write: edit, save, and delete files
  • execute: allows you to execute the file (files will not be executable unless you also have read permissions)

Permissions for directories are as follows:

  • read: list the contents using the ls command
  • write: edit, save, and delete files within said directory
  • execute: allows you to change into said directory using the cd command. Execute permissions are required to perform a long listing using the ls -l command. Without execute permissions the ls -l command will return output similar to the following:
ls -l test1/
ls: cannot access test1/file1: Permission denied
ls: cannot access test1/file2: Permission denied
total 0
-????????? ? ? ? ?                ? file1
-????????? ? ? ? ?                ? file2
Directory write Permissions
If a user has write permissions on a directory, that user can remove any file within that directory regardless of file permissions.

Symbolic Method

The following table describes the symbols used to change permissions using the symbolic method. Familiarize yourself with this table before proceeding to the next section:

u the owner of the file or directory
g the group the file or directory belongs to
o everyone else
a everyone (u, g, and o)
add a permission
= assign a permission
r read permissions
w write permissions
x execute permissions
t directory sticky bit
s setuid or setgid

Examples of using the chmod command to change file permissions can be found in the Managing Permissions Using the CLI section.

Numeric Method

The following table describes the numbering scheme used when changing permissions using the numeric method:

Number Permissions ls -l Output
0 no permissions ---
1 execute --x
2 write -w-
3 write and execute -wx
4 read r--
5 read and execute r-x
6 read and write rw-
7 read, write, and execute rwx

Use the chmod command to change permissions regardless of whether you are using the symbolic or numeric method.

Previous Page - TOC Next Page: Managing Permissions Using the CLI