File permissions are essential in Linux to ensure security and proper access control. In this tutorial, we’ll cover file permissions, and how to modify them using the chmod, chown, and chgrp commands.
1. Understanding File Permissions in Linux
Each file and directory in Linux has three types of access permissions:
- Read (
r) → Allows reading the file or listing the directory contents. - Write (
w) → Allows modifying the file or adding/removing files from a directory. - Execute (
x) → Allows executing the file as a program/script or accessing a directory.
1.1 File Permission Representation
Each file has three sets of permissions:
| Owner Type | Representation |
|---|---|
| User (Owner) | The person who created the file |
| Group | Users belonging to the file’s group |
| Others | All other users on the system |
Example: Checking File Permissions
ls -l file.txtOutput:
-rw-r--r-- 1 user group 1234 Feb 28 10:00 file.txt1.2 Breaking Down the Output
-rw-r--r-- 1 user group 1234 Feb 28 10:00 file.txt-→ Regular file (dfor directory,lfor symbolic link)rw-→ User (owner) has read (r) and write (w) permissionsr--→ Group has read-only permissionr--→ Others have read-only permission
2. Changing File Permissions with chmod
The chmod command changes file permissions in two ways:
- Symbolic Mode (
u,g,o,awith+,-,=) - Numeric Mode (Octal values:
r=4,w=2,x=1)
2.1 Using Symbolic Mode
chmod u+x file.sh # Give execute permission to the user
chmod g-w file.txt # Remove write permission from the group
chmod o+r file.txt # Give read permission to others
chmod a+x script.sh # Give execute permission to everyone2.2 Using Numeric (Octal) Mode
Each permission is assigned a number:
- Read (r) = 4
- Write (w) = 2
- Execute (x) = 1
- No permission = 0
To calculate permissions, add up the values:
| Permissions | Value |
|---|---|
rwx (read, write, execute) | 7 (4+2+1) |
rw- (read, write) | 6 (4+2+0) |
r-- (read-only) | 4 (4+0+0) |
Example Commands:
chmod 755 file.sh # User (rwx), Group (r-x), Others (r-x)
chmod 644 file.txt # User (rw-), Group (r--), Others (r--)
chmod 700 secret.txt # User (rwx), Group (---), Others (---)3. Changing File Ownership with chown
The chown command changes the owner of a file.
3.1 Changing Owner
chown newuser file.txt # Change owner to 'newuser'3.2 Changing Owner and Group
chown newuser:newgroup file.txt # Change owner to 'newuser' and group to 'newgroup'3.3 Changing Ownership for Multiple Files
chown -R newuser:newgroup /directory # Change ownership recursively4. Changing Group Ownership with chgrp
The chgrp command changes the group ownership of a file.
4.1 Changing Group
chgrp newgroup file.txt # Change group to 'newgroup'4.2 Changing Group for Multiple Files
chgrp -R newgroup /directory # Change group recursively5. Special Permissions (SUID, SGID, Sticky Bit)
5.1 Set User ID (SUID)
- When set, the file runs with the permissions of the owner instead of the user executing it.
- Commonly used for system commands (e.g.,
passwd).
Command:
chmod u+s script.sh # Set SUID
ls -l script.shOutput:
-rwsr-xr-x 1 root users 1234 Feb 28 10:00 script.sh(Notice the s in place of x for the user)
5.2 Set Group ID (SGID)
- When applied to a directory, all new files inherit the group of the directory.
- Used for shared group access.
Command:
chmod g+s directory/Output (ls -ld directory/):
drwxr-sr-x 2 user group 4096 Feb 28 10:00 directory/5.3 Sticky Bit
- Applied to directories to prevent deletion of files by non-owners.
- Commonly used in
/tmp.
Command:
chmod +t /tmp
ls -ld /tmpOutput:
drwxrwxrwt 2 root root 4096 Feb 28 10:00 /tmp(The t at the end indicates the sticky bit)
6. Practical Examples
6.1 Secure a File
Only the owner should have full access:
chmod 700 private.txt6.2 Make a Script Executable
chmod +x script.sh6.3 Allow Group Collaboration on a Directory
chown :developers shared_folder/
chmod 2775 shared_folder/2sets SGID so all new files inherit the group.
6.4 Recursively Change Ownership
chown -R user:group /project_directory/7. Summary of Commands
| Command | Description |
|---|---|
ls -l | List file permissions |
chmod 755 file | Set specific file permissions |
chown user file | Change file owner |
chown user:group file | Change file owner and group |
chgrp group file | Change file group |
Conclusion
Understanding file permissions is crucial for system security and multi-user management. Using chmod, chown, and chgrp, you can efficiently manage access control in Linux.
