Skip to content
Find me on GitHub Find on Twitter

Linux Fundamentals: File Permissions and Ownership

In my last article Explaining the ls command and beyond, I broke down the ls command, how to interpret the output, and introduced some command line concepts. It was quite the jargon, and to some of you, it was unfamiliar.

As such, I’ll dedicate some articles (like this one) to explain that very jargon, or at least make it a bit less unfamiliar to you.


Linux is a multi-user system, and it does not mean what you think it does (or at least what I did).

A multi-user system is not just a system that allows having multiple users, but one that can also be used by many users at the same time. The keyword here is at the same time.

You might ask yourself, how can a computer be used at the same time by different people? Well, a computer does not require you to sit in front of it to use it. You can remotely access it for example using the program Remote Desktop Connection if you’re using Windows. Or using SSH to access the system via the command line. That way, multiple users can work on the same machine, using the same resources.

Try to picture that scenario of multiple user accessing a computer, it’s a mess. What’s stopping user B from playing around with user A’s work? As a person that likes to troll, I would say, nothing. The options are endless, and it stops being fun when you’re user A.

It seems that this trolling concern existed in the 70’s too. Unix was built with the design of a multi-user architecture; it introduced file ownership and permissions. And Linux naturally inherited this design as well.

Unix multi-user system design

Ownership

Every file in the system belongs to a user and to a group. This is called ownership, and it enables the system to make the distinction between these 3 cases:

Permissions

Permissions are who gets to do what with a file. The who part is determined by ownership, it is one of the 3 cases I mentioned above.

Now to the fun part, do what. What can be done to a file? The answer is found in the first column in the output of ls -l:

These 3 permissions hold different meanings for files and directories. It’s one of the things that I found troubling to understand when I was first learning Linux.

Permissions of a file

Permissions of a directory

So what’s up with directories graphically? Well, nothing. Just think about it for a second.

What happens exactly when you double click on a directory? Sounds like a stupid question right? I’ll let you be the judge of that.

A window pops up, showing the content of that directory. But another thing happens as well, we enter that directory.

Ultimately, opening a directory graphically makes use of two permissions:

Don’t take my word for it though, I might be saying nonsense after all. Open your terminal, and play around with files/directories with different permissions.

Chmoding playground

What better way is there to understand than seeing what you’re learning in action, right?

In order to see the effect of the different permissions, you’ll need to be able to change them. That’s where the chmod command comes into the picture. I’ll briefly introduce it, refer to man for more details.

The chmod command supports two syntaxes:

Remember how a user can be either an owning user, a user that belongs to the owning group or neither? Well each of those gets a permission.

Octal

The syntax is straightforward:

chmod <XXX> file

Where XXX is a 3 digit number. Reading from left to write:

Each permission is “represented” by a number:

To describe a permission as a digit, add the numbers of the permissions you wish to include. For example, the permission of a file that is readable and writable would be described with the number 6. Which is 4 (read permission) + 2 (write permission).

Repeat the same process for the each digit to represent the file’s permission for every kind of user.

Say you want your file to be readable and writable for you (the owner), and only readable for anyone else:

chmod 600 someFile.txt

The first digit representing your permission. The second and third digits representing respectively the owner group and others’ permissions, which is 0, none.

You change your mind, you open your heart and want to share the file with others, but without having to worry about trolls (like myself). Instead of giving no permission to the group owner and others’, you give them read access instead.

chmod 644 someFile.txt

You get the idea.

Symbolic

This one is a bit tricky. You use these symbols to represent permissions:

Let’s start simple.

chmod +x someFile.txt

This adds the execute permission for everyone. The user owner, the group owner, and others.

chmod -x someFile.txt

Removes the execute permission for everyone.

chmod +rw someFile.txt

Adds the read and write permissions for everyone. So far so good, I hope.

Now it gets, compositional let’s say.

chmod u=rwx someFile.txt

Assigns read, write and execute permissions to the user owner.

chmod go=r someFile.txt

Assigns the read permission to the group owner as well as to others.

Etc.


I hope you learned something :)

Keep the trolls away.