Working with permissions

The following are the types of permissions:

• Read permission: The user can read or check the content of the file
• Write permission: The user can edit or modify the file
• Execute permission: The user can execute the file

Changing file permissions

The following are the commands for changing the file permissions:

To check the file permission, give the following command:

$ ll file_name

The details of file permissions are as seen in the following image:

In the preceding diagram, as we can see, permissions are grouped in owner-user and group and other users' permissions. Permissions are of three types such as read, write, and execute permissions. As per the requirement, we may need to change permissions of the various files.

Command chmod

We can change the file or directory permissions by the following two ways:

Technique one – the symbolic method

The following command will add the read/write and execute permissions to the file wherein, u is for user, g is for group, and o is for others:

$ chmod ugo+rwx file_name

Alternatively, you can use the following command:

$ chmod +rwx file_name

Technique two – the numeric method

The following command will change the file permissions using the octal technique:

$ chmod +rwx file_name

The file permission 777 can be understood as 111 111 111, which corresponds to the rwx.rwx.rwx permissions.

Setting umask

We will see how Linux decides the default permissions of the newly created file or folder:

$ umask
0002

The meaning of the preceding output is that, if we create a new directory, then from the permissions of +rwx, the permission 0002 will be subtracted. This means that for a newly created directory, the permissions will be 775 or rwx rwx r-x. For a newly created file, the file permissions will be rw- rw- r--. By default, for any newly created text file, the execute bit will never be set. Therefore, the newly created text file and directory will have different permissions even though the umask is same.

Setuid

Another very interesting functionality is the setuid feature. If the setuid bit is set for a script, then the script will always run with the owner's privileges irrespective of which user is running the script. If the administrator wants to run script written by him by other users, then he can set this bit.

Consider either of the following situations:

$ chmod u+s file_name
$ chmod 4777 file

The file permissions after any of the preceding two commands will be drwsrwxrwx.

Setgid

Similar to setuid, the setgid functionality gives the user the ability to run scripts with group owner's privileges, even if it is executed by any other user.

$ chmod g+s filename

Alternatively, you can use the following command:

$ chmod 2777 filename

File permissions after any of the preceding two commands will be drwxrwsrwtx.

Sticky bit

Sticky bit is a very interesting functionality. Let's say, in the administration department there are 10 users. If one folder has been set with sticky bit, then all other users can copy files to that folder. All users can read the files, but only the owner of the respective file can edit or delete the file. Other user can only read but not edit or modify the files if the sticky bit is set.

$ chmod +t filename

Alternatively, you can use the following command:

$ chmod 1777

File permissions after any of the preceding two commands will be drwxrwxrwt.