Wednesday, May 26, 2010

File permissions notation in Linux

Every file or folder in Linux has access permissions. There are three types of permissions (what a user is allowed to do with a file):

  • read access
  • write access
  • execute access

Permissions are defined for three types of users:

  • owner of the file
  • group that the owner belongs to
  • other users

Numeric (octal) representation

| Octal digit | Text equivalent | Binary value | Meaning |
|---|---|---|---|
| 0 | --- | 000 | All types of access are denied |
| 1 | --x | 001 | Only execute access is allowed |
| 2 | -w- | 010 | Only write access is allowed |
| 3 | -wx | 011 | Write and execute access are allowed |
| 4 | r-- | 100 | Only read access is allowed |
| 5 | r-x | 101 | Read and execute access are allowed |
| 6 | rw- | 110 | Read and write access are allowed |
| 7 | rwx | 111 | Everything is allowed |

Difference in access permissions for files and folders

| Access type | File | Folder |
|---|---|---|
| Read | can be read | contents can be listed |
| Write | can be written to | files in the directory can be created, renamed, deleted |
| Execute | can be executed | can be passed through or entered |

Special bit

setuid
On a file: it is executed with the permissions of the file's owner (example: the su program).
-rws------
bit: 4000
setgid
On a file: it is executed with the permissions of the file's group.
On a folder: every file saved into the folder gets the folder's group, so all files in the folder have the same group.
-rwxrws---
bit: 2000
sticky
On a file: no longer supported.
On a folder: files in the folder can be deleted only by the owner of the file or the superuser.
-rwxrwxrwt
bit: 1000

File types

  • Regular file: -
  • Directory: d
  • Link: l
  • Special files: c
  • Socket: s
  • Named pipe: p
  • Block device: b

Examples

  • chmod 644 myFile.txt
  • chmod 4700 /bin/ls (setuid)
  • chmod 2770 /bin/ls (setgid)
  • chmod 1777 myFolder (sticky)
  • chown tomas myFile.txt
  • chgrp user myFile.txt
  • chown tomas:user myFile.txt
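
The notation above can be checked mechanically. The following is an added example, not part of the original post: it converts an octal mode, including the special bits, to the text form shown by ls, and flags modes worth a second look during a permissions review. The function names symbolic and audit and the review policy are assumptions made for this illustration.

```python
import stat

# Octal digit -> text equivalent, as in the table above.
TRIADS = ["---", "--x", "-w-", "-wx", "r--", "r-x", "rw-", "rwx"]
# File-type characters from the "File types" list, keyed by the S_IFMT bits.
TYPES = {stat.S_IFREG: "-", stat.S_IFDIR: "d", stat.S_IFLNK: "l",
         stat.S_IFCHR: "c", stat.S_IFSOCK: "s", stat.S_IFIFO: "p",
         stat.S_IFBLK: "b"}


def symbolic(mode, ftype=stat.S_IFREG):
    """Render an octal mode such as 0o4700 as ls-style text (-rws------)."""
    digits = [(mode >> shift) & 7 for shift in (6, 3, 0)]  # owner, group, other
    chars = list("".join(TRIADS[d] for d in digits))
    # Each special bit takes over one execute slot; an upper-case letter
    # means the execute bit underneath is not set.
    for bit, pos, letter in ((0o4000, 2, "s"), (0o2000, 5, "s"), (0o1000, 8, "t")):
        if mode & bit:
            chars[pos] = letter if chars[pos] == "x" else letter.upper()
    return TYPES[ftype] + "".join(chars)


def audit(mode, ftype=stat.S_IFREG):
    """Return review findings for one mode (a constructed, minimal policy)."""
    findings = []
    is_dir = ftype == stat.S_IFDIR
    if mode & 0o4000 and not is_dir:
        findings.append("setuid: runs with the owner's permissions")
    if mode & 0o2000 and not is_dir:
        findings.append("setgid: runs with the group's permissions")
    if mode & 0o002:
        if not is_dir:
            findings.append("world-writable file")
        elif not mode & 0o1000:
            findings.append("world-writable folder without sticky bit")
    return findings


if __name__ == "__main__":
    # Constructed samples: the chmod modes from the examples above, plus 777.
    for m, t in ((0o644, stat.S_IFREG), (0o4700, stat.S_IFREG),
                 (0o2770, stat.S_IFREG), (0o1777, stat.S_IFDIR),
                 (0o777, stat.S_IFDIR)):
        print(f"{m:04o}  {symbolic(m, t)}  {audit(m, t)}")
```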