Linux is a file-based, multi-user operating system. Linux treats everything as a file, not just regular files: drives, printers, sound devices, USB devices, and so on. Even directories are special types of files, but their contents are controlled by the system, and those contents are listings of other files and directories (sub-directories).
The actions you are able to perform on a file in a Linux system depend on the file's ownership and permissions. Before jumping into the usage of chmod and chown, it's wise to understand a few things about file ownership and permissions.
THE BASIC PERMISSIONS
As Linux users, we need to be aware of the three basic file permissions: read, write, and execute. The words themselves give us an idea of what they represent. Depending on whether it's a file or a directory we are working with, what these permissions offer us can differ a little.
Read: If you have read permission to a file, it means you can read the contents of the file. For example, you'll be able to use the cat command on the file.
Write: If you have write permission to a file, it means you can modify the contents of a file.
Execute: If you have execute permission to a file, it means you can execute it. This permission is relevant only for executable files, like binary files or script files like BASH scripts, Python scripts, etc.
Read: Allows you to see the contents of a directory.
Write: Allows you to create or delete files and sub-directories in the directory, provided that you also have execute permission.
Execute: Without execute permission the only thing you can do with a directory is to list the names of its contents.
Permissions are managed in three distinct scopes. These scopes are known as user, group, and others.
User: The user that the file belongs to. By default, this would be the person who created the file. This can be changed later.
Group: The group that the file belongs to. By default, when a file is created, it will belong to the group of the user who created the file. This can be changed later.
Others: A person who neither owns the file, nor belongs to the group which owns the file. Meaning, everybody else.
Note: Permissions from different scopes won't stack up. For example, if you belong to the group scope of a file and do not belong to the file's user scope, you will get the group permissions of that file; the permissions of the others scope and user scope do not apply to you.
Note: If you belong to both the user scope and group scope of a file, you will have the group scope permissions of that file. The user scope permissions will be ignored.
READING A FILE'S PERMISSIONS
We can use the ls command with the -l switch to see the permissions of files. For example,
ls -l fish.sh
-rwxrwxr-x 1 penguin penguin 1 Dec 8 04:32 fish.sh
The -rwxrwxr-x part of the output from ls -l is what we need to be looking at. Aside from the first character, which tells you what type of file it is, the remaining nine characters represent the file's permissions. The first 3 of the nine characters show the user scope permissions, and the next 3 characters show the group scope permissions. Finally, the last 3 characters tell us what permissions others have.
user: can read, write and execute the file.
group: can read, write and execute the file.
others: can read and execute the file, but can't write to the file.
The second way to represent the same permissions is by using octal numbers.
The ls command does not offer us a way to see the permissions in octal format. Instead we can do,
stat -c "%a" fish.sh
775
We can see that the file's permissions are 775 in octal format. The first digit represents the permissions of the user, the second digit represents the permissions of the group, and the last digit represents the permissions for others.
How does Linux represent read, write and execute for a single role in a single digit? It's just a simple matter of addition. Each permission has a certain octal value behind it, and if you want to give more than one permission to a role, you add up those permission values.
7 = 4 + 2 + 1 (read + write + execute) user permissions
7 = 4 + 2 + 1 (read + write + execute) group permissions
5 = 4 + 1 (read + execute) others permissions
775 is the same as
777 is the same as
755 is the same as
666 is the same as
744 is the same as
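The addition rule above, applied in both directions, as an added example that is not part of the original article: it turns an octal mode into its rwx string and an ls -l permission string back into octal. The function names (digit_to_rwx, mode_to_symbolic, symbolic_to_mode) are made up for this example, and the setuid, setgid and sticky bits, which the article does not cover, are rejected as invalid input.

```shell
# Added example (not from the article): convert between octal modes and rwx
# strings. Function names are made up here. Special bits (setuid, setgid,
# sticky) are outside the article's scope and are rejected as invalid.

# One octal digit is the sum of read=4, write=2, execute=1.
digit_to_rwx() (
    d=$1; r=-; w=-; x=-
    if [ $((d & 4)) -ne 0 ]; then r=r; fi
    if [ $((d & 2)) -ne 0 ]; then w=w; fi
    if [ $((d & 1)) -ne 0 ]; then x=x; fi
    printf '%s%s%s' "$r" "$w" "$x"
)

# 775 -> rwxrwxr-x (user, group, others, in that order).
mode_to_symbolic() (
    mode=$1; out=
    case $mode in
        [0-7][0-7][0-7]) ;;
        *) printf 'invalid octal mode: %s\n' "$mode" >&2; exit 1 ;;
    esac
    while [ -n "$mode" ]; do
        rest=${mode#?}; digit=${mode%"$rest"}   # peel off the first digit
        out=$out$(digit_to_rwx "$digit"); mode=$rest
    done
    printf '%s\n' "$out"
)

# rwxrwxr-x, or the ten-character ls -l form (-rwxrwxr-x), -> 775.
symbolic_to_mode() (
    perms=$1; out=
    if [ "${#perms}" -eq 10 ]; then perms=${perms#?}; fi  # drop file-type char
    case $perms in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) printf 'invalid permission string: %s\n' "$1" >&2; exit 1 ;;
    esac
    while [ -n "$perms" ]; do
        rest=${perms#???}; triplet=${perms%"$rest"}; value=0
        case $triplet in r??) value=$((value + 4)) ;; esac
        case $triplet in ?w?) value=$((value + 2)) ;; esac
        case $triplet in ??x) value=$((value + 1)) ;; esac
        out=$out$value; perms=$rest
    done
    printf '%s\n' "$out"
)

# The modes listed above, decoded.
for m in 775 777 755 666 744; do
    printf '%s is the same as %s\n' "$m" "$(mode_to_symbolic "$m")"
done
```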
So, now that you have an understanding of permissions, using chmod would not be that difficult. What can we do with chmod? It is used to modify the permissions of files. You can use either the symbolic way of representing permissions or the numeric way when using chmod; it's your choice. Personally, I think numbers are easier.
As an example, to set 600 as the permissions for a file named names.txt in our current directory, the command would be,
chmod 600 names.txt
What does 600 mean for the file? 6 as the first digit means a combination of read and write, without execute, as the permissions for the user. 0 for both group and others means that no permissions are set for those scopes.
chown helps with changing the user and group of files. The command to change the user of the file names.txt to "neo" would be,
chown neo names.txt
To change the user and group,
chown neo:matrix names.txt
To change only the group, you need to use the chgrp command,
chgrp matrix names.txt