5.3 Managing File Permissions and Ownership (Weight: 2)
📘Linux Essentials (LPI 010-160)
1. Linux Permission Model
Every file and directory in Linux has permissions that define what actions users can perform.
Linux permissions are based on three categories:
| Category | Description |
|---|---|
| User (u) | The owner of the file |
| Group (g) | Members of the file’s group |
| Others (o) | All other users on the system |
This means Linux controls access using three permission sets.
Example structure:
User Group Others
Each set has its own permissions.
2. Types of Permissions
Linux permissions consist of three basic types.
| Permission | Symbol | Meaning |
|---|---|---|
| Read | r | View file contents |
| Write | w | Modify or change file |
| Execute | x | Run file as a program or script |
These permissions can apply to files and directories, but they behave slightly differently.
3. Viewing Permissions
Permissions are displayed using the ls -l command.
Example:
ls -l
Example output:
-rwxr-xr-- 1 user staff 2048 Mar 10 10:00 script.sh
Breakdown:
-rwxr-xr--
This string represents the file type and permissions.
4. File Type Indicator
The first character indicates the file type.
| Symbol | Meaning |
|---|---|
| - | Regular file |
| d | Directory |
| l | Symbolic link |
Example:
drwxr-xr-x
This indicates a directory.
5. Permission Structure
The remaining characters are grouped in three sets of three.
Example:
-rwxr-xr--
Breakdown:
Owner Group Others
rwx r-x r--
Meaning:
| Category | Permissions | Meaning |
|---|---|---|
| Owner | rwx | Can read, write, execute |
| Group | r-x | Can read and execute |
| Others | r-- | Can only read |
6. Permission Meaning for Files
For files, permissions work like this:
Read (r)
Allows a user to view the contents of a file.
Example IT usage:
- Reading configuration files
- Viewing log files
- Opening documents
Example:
cat config.conf
Write (w)
Allows a user to modify or overwrite a file.
Example IT usage:
- Updating configuration files
- Editing application scripts
- Writing log entries
Example:
nano config.conf
Execute (x)
Allows a file to run as a program or script.
Example IT usage:
- Running shell scripts
- Executing compiled programs
- Starting system tools
Example:
./backup.sh
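Without execute permission, the file cannot be run directly as a program. A script can still be passed to an interpreter (for example sh backup.sh) by anyone who can read it.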
7. Permission Meaning for Directories
Permissions work differently for directories.
| Permission | Meaning for Directory |
|---|---|
| r | View file names inside directory |
| w | Create, delete, or rename files (also needs x) |
| x | Enter or access directory |
Read Permission on Directory
Allows listing files inside the directory.
Example:
ls /project
Without read permission, users cannot see the directory contents.
Write Permission on Directory
Allows:
- Creating files
- Deleting files
- Renaming files
Example:
touch newfile.txt
rm oldfile.txt
Execute Permission on Directory
Allows users to enter the directory.
Example:
cd /project
Without execute permission, users cannot access files inside the directory even if they know the filename.
8. Permission Examples in IT Environments
Example 1: Application script
-rwxr-xr-x deploy.sh
Meaning:
- Owner can read, edit, and run the script
- Group and others can read and run the script but not modify it
Example 2: Configuration file
-rw-r----- database.conf
Meaning:
- Owner can edit
- Group can read
- Others cannot access
Used to protect sensitive configuration settings.
Example 3: Shared project directory
drwxrwxr-x project/
Meaning:
- Owner and group can modify files
- Others can list and enter the directory but cannot create, delete, or rename files in it
This is common in development teams.
9. Numeric (Octal) Permissions
Permissions can also be represented using numbers.
Each permission has a numeric value.
| Permission | Value |
|---|---|
| Read | 4 |
| Write | 2 |
| Execute | 1 |
Permissions are added together.
Example:
| Permission | Calculation | Value |
|---|---|---|
| rwx | 4 + 2 + 1 | 7 |
| rw- | 4 + 2 | 6 |
| r-x | 4 + 1 | 5 |
| r-- | 4 | 4 |
Example Numeric Permission
755
Breakdown:
| Category | Value | Meaning |
|---|---|---|
| Owner | 7 | rwx |
| Group | 5 | r-x |
| Others | 5 | r-x |
Equivalent to:
rwxr-xr-x
Another example:
644
Breakdown:
| Category | Value | Meaning |
|---|---|---|
| Owner | 6 | rw- |
| Group | 4 | r-- |
| Others | 4 | r-- |
Equivalent to:
rw-r--r--
10. Changing Permissions (chmod)
Permissions are changed using the chmod command.
Syntax:
chmod permissions file
Using Numeric Mode
Example:
chmod 755 script.sh
Meaning:
rwxr-xr-x
Example:
chmod 644 config.txt
Meaning:
rw-r--r--
Using Symbolic Mode
Permissions can also be modified using symbols.
Symbols used:
| Symbol | Meaning |
|---|---|
| u | user (owner) |
| g | group |
| o | others |
| a | all users |
Operators:
| Operator | Meaning |
|---|---|
| + | Add permission |
| - | Remove permission |
| = | Set exact permission |
Examples
Add execute permission:
chmod +x script.sh
Remove write permission from group:
chmod g-w file.txt
Add read permission for others:
chmod o+r file.txt
Set permission exactly:
chmod u=rwx,g=rx,o=r file.sh
11. Recursive Permission Changes
Permissions can be applied to directories and their contents using the -R option.
Example:
chmod -R 755 project/
This modifies permissions for:
- Directory
- All files inside
- All subdirectories
This is commonly used in web server directories and application deployments.
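A blanket chmod -R 755 also sets the execute bit on every regular file in the tree, which is rarely intended for static content. The following added example (not part of the original guide) shows that effect and an alternative that treats directories and files separately; the tree, the function names and the use of GNU stat are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: per-type modes instead of a blanket "chmod -R 755".
# Assumes GNU coreutils (stat -c). The tree below is constructed sample data.

# Build a small sample tree in a temp directory and print the project path.
make_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/project/css"
    printf 'body{}\n' > "$root/project/css/site.css"
    printf '#!/bin/sh\necho deploy\n' > "$root/project/deploy.sh"
    chmod 600 "$root/project/css/site.css"
    chmod 700 "$root/project/deploy.sh"
    printf '%s\n' "$root/project"
}

# Directories get 755 (list + enter); regular files get 644 (no execute bit).
# Files that must run are then marked explicitly, not as a side effect.
set_tree_modes() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Print the octal mode of one path.
mode_of() { stat -c '%a' "$1"; }

tree=$(make_tree)
chmod -R 755 "$tree"                  # the recursive form from the text
echo "after chmod -R 755:    site.css is $(mode_of "$tree/css/site.css")"
set_tree_modes "$tree"
chmod u+x "$tree/deploy.sh"           # only the script needs execute
echo "after set_tree_modes:  site.css is $(mode_of "$tree/css/site.css")," \
     "deploy.sh is $(mode_of "$tree/deploy.sh")"
rm -rf "$(dirname "$tree")"           # remove the sample tree
```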
12. Default Permissions and umask (Basic Concept)
When new files are created, they receive default permissions.
The umask value removes certain permissions.
Typical defaults:
| Item | Default Permission |
|---|---|
| Files | 666 |
| Directories | 777 |
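The umask removes permissions from these defaults: each bit set in the umask is cleared from the default mode (a bitwise mask, not arithmetic subtraction).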
Example:
umask 022
Results in:
Files:
644
Directories:
755
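The umask behaviour described above can be checked directly. This added example (not from the original guide) creates a file and a directory under several umask values, going beyond the single 022 case in the text to include 027, 077 and 033; the function name is hypothetical and GNU stat and a temp directory without default ACLs are assumed.

```shell
#!/bin/sh
# Added example: how a umask clears bits from the 666/777 defaults.
# Assumes GNU coreutils (stat -c) and a temp directory without default ACLs.

# Create one file or directory under the given umask and print its mode.
# The body runs in a subshell (parentheses), so the caller's umask is
# never changed.
mode_under_umask() (
    mask=$1
    kind=$2
    work=$(mktemp -d)
    umask "$mask"
    if [ "$kind" = dir ]; then
        mkdir "$work/item"        # requested mode 777
    else
        : > "$work/item"          # requested mode 666
    fi
    stat -c '%a' "$work/item"
    rm -rf "$work"
)

# 033 shows the masking: 666 with bits 033 cleared is 644, not 633,
# because a file never had the execute bit for the mask to remove.
for mask in 022 027 077 033; do
    printf 'umask %s -> file %s, directory %s\n' "$mask" \
        "$(mode_under_umask "$mask" file)" "$(mode_under_umask "$mask" dir)"
done
```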
13. Important Commands for the Exam
| Command | Purpose |
|---|---|
| ls -l | View permissions |
| chmod | Change permissions |
| umask | View or set default permissions |
Examples:
ls -l file.txt
chmod 755 script.sh
chmod +x program.sh
umask
14. Security Importance of Permissions
Permissions help protect systems by:
- Preventing unauthorized file access
- Protecting configuration files
- Limiting execution of programs
- Controlling access to application directories
In IT environments, correct permission configuration is essential for:
- Web servers
- Databases
- System scripts
- Log files
- Shared project directories
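One way to check these points on a real tree is to search for permission bits that expose files to "others". This is an added example, not part of the original guide; the function names and the sample files (modelled on the database.conf example above) are constructed for the illustration.

```shell
#!/bin/sh
# Added example: audit a tree for permissions that expose files to "others".
# All paths and file names below are constructed sample data.

# Files and directories that any user on the system may write to.
world_writable() (
    cd "$1" && find . \( -type f -o -type d \) -perm -002 | LC_ALL=C sort
)

# Configuration files (*.conf) that grant "others" any access (r, w or x).
exposed_configs() (
    cd "$1" && find . -type f -name '*.conf' \
        \( -perm -004 -o -perm -002 -o -perm -001 \) | LC_ALL=C sort
)

# Build a sample application tree and print its root.
make_sample() {
    root=$(mktemp -d)
    mkdir "$root/app" "$root/app/uploads"
    chmod 755 "$root/app"
    chmod 777 "$root/app/uploads"                                # too open
    : > "$root/app/database.conf"; chmod 640 "$root/app/database.conf"
    : > "$root/app/cache.conf";    chmod 644 "$root/app/cache.conf"   # exposed
    : > "$root/app/deploy.sh";     chmod 755 "$root/app/deploy.sh"
    : > "$root/app/debug.log";     chmod 666 "$root/app/debug.log"    # too open
    printf '%s\n' "$root"
}

sample=$(make_sample)
echo "World-writable:";  world_writable "$sample"
echo "Exposed configs:"; exposed_configs "$sample"
rm -rf "$sample"
```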
15. Key Exam Points to Remember
For the Linux Essentials exam, remember:
- Linux permissions use user, group, and others
- Permission types are read (r), write (w), execute (x)
- Permissions appear in ls -l output
- First character shows file type
- Numeric permissions use 4, 2, 1 values
- chmod changes permissions
- Symbolic and numeric modes both exist
- Directory permissions behave differently from file permissions
- Recursive permissions use -R
