Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Rich Brey - Lesson Contribution - Ownership and Permissions in Linux #841
Ownership and Permissions in Linux - quick overview
Files and directories in Linux have an owner and a set of permissions that determine how users can interact with them.
There are 3 classes to which permissions are applied
Each class may have 3 different permission levels
Example of viewing file permissions:
In this example, user1 is the account that owns testfile, and user1 is also the group assigned to the file. The -rw-rw-r-- at the left indicates the permissions. The first character, "-", indicates that testfile is a file, not a directory. The rw- shows the permissions for the user, or owner, of the file, user1. The r indicates read permission; the w, write permission; and the -, indicating the file can't currently be executed. The next three characters, rw-, show permissions for the group class, which is also user1 in this example. Finally, the last three characters, r--, display permissions for the other class - any account that is not user1 and is not in the user1 group.
The chmod command is used to change file and directory permissions in linux. The format of the chmod command is chmod [permission] [file/directory name].
-bash-4.2$ chmod +x testfile
in this case, perhaps testfile is a shell script that we want to execute. The +x flag tells chmod to add the execute permission to the file, for all classes. chmod can also be used to set permissions for specific classes:
-bash-4.2$ chmod o-rx testfile
This removed read and execute permissions for Other - now only user1 and members of the user1 group have permissions to the file.
The chgrp command is used to change the group assigned to a file or directory. It's used similarly to chmod: chgrp [group name] [file/directory name]
-bash-4.2$ chgrp testgroup testfile
in this example, the group assigned to the file testfile was changed from user1 to testgroup. Now all members of the group testgroup will have read, write, and execute permissions to this file. Group can be changed by the file/directory owner as well as system adiministrators.
Assuming user1 wants group members to be able read and execute this file, but not change it, the group write permission would need to be removed with:
-bash-4.2$ chmod g-w testfile
Now members cannot edit the file.
Linux file system permissions can be complex, for additional information see:
Submitted by Richar Brey
My thoughts would be that this is out of the scope of a novice lesson, and is covered in the shell-extras lesson: http://swcarpentry.github.io/shell-extras/04-permissions/
If the concern is to avoid overloading the novice lesson I very much understand that. However, I also think there is a case for a quick introduction of