Understand File Permissions Settings
file type indicators
Letter Indicated File Type
d Directory
b Block-type special file
c Character-type special file
l Symbolic link
p Pipe
s Socket
- Regular file
read-only permission
read-write permission
write-only permission: log files
it’s perfectly feasible to have a program with read and execute permission, but no write permission.
Copying requires the ability to read the file.
Though actual programs with execute-only permission work fine, a special
class of programs called shell scripts fail. Shell scripts act like a UNIX
command-line macro facility, which enables you to save easily a series of
commands in a file and then run them as a single program. To work,
however, the shell must be able to read the file and execute it, too, so
shell scripts always require both read and execute permissions.
The most common file permissions.
Permission Meaning
--- No access is allowed
r-- Read-only access
r-x Read and execute access, for programs and shell scripts
rw- Read and write access, for files
rwx All access allowed, for programs
Directory Permissions Settings
The most common directory permissions.
Permission Meaning
--- No access allowed to directory
r-x Read-only access, no modification allowed
rwx All access allowed
Modify File and Directory Permissions with chmod
symbolic mode
$ chmod [u|g|o|a][+|-|=][rwx] file
numeric mode
--- 0
r-- 4
r-x 5
rw- 6
rwx 7
Common permissions and their numeric equivalents
Permission Numeric Used With
--------- 000 All types
r-------- 400 Files
r--r--r-- 444 Files
rw------- 600 Files
rw-r--r-- 644 Files
rw-rw-r-- 664 Files
rw-rw-rw- 666 Files
rwx------ 700 Programs and directories
rwxr-x--- 750 Programs and directories
rwxr-xr-x 755 Programs and directories
Establish Default File and Directory Permissions with the umask Command
The controlling variable behind the default permissions is called the file creation mask, or umask for short.
The umask command is a filter through which permissions are pushed to ascertain what remains.
$ umask
$ umask 277
Identify Owner and Group for Any File or Directory
$ ls -g
$ ls -o
$ ls -og
Change the Owner of a File or Directory
$ chown root file
once you’ve changed the ownership of a file, you cannot restore it to yourself. Only the owner of a file can give away its ownership, so don’t use the chown command unless you’re absolutely positive you want to!
Change the Group of a File or Directory
$ chgrp root file