Permissions on Linux can be a little confusing if you are new to Linux. Today my aim is to write a blog post to help with a discussion on viewing permissions and how permissions work.
I personally use the command ls -ahl which should return all the files/folders within a directory (folder), alongside their size and permissions. Why -ahl?
Well, -a shows hidden files/folders, -h makes the output more human readable (e.g. displays the sizes in a format more recognisable to a human) and -l shows the permissions.
The command ls -l would show the permissions but would not show the hidden files/folders and the sizes are a little harder to understand.
Alongside the permissions, sizes, dates and file names are two columns (just after the permission attributes) which give the owner name and group name for the item.
The command ls -ahl can also be used against an individual file if you want to save on the output, or if you are using it in a script. This is done by:
ls -ahl FILE_OR_FOLDER_NAME
For example to just see the permissions on the geektechstuff_permissions_file, the command would be:
ls -ahl geektechstuff_permissions_file
The permissions may seem a little alien at first looking similar to:
The permission attributes are written as 10 characters and can be split into 4 sections:
drwxr-xr-w d rwx r-x r-x - --- --- ---
These represent the File Type, Owner permissions, Group permissions and World permissions.
So for the above example:
- The File type is d
- The owner permissions are rwx
- The group permissions are r-x
- The world permissions are r-w
The letters and hyphen all have different meanings, starting with the file type which can be:
- – a file
- d a directory
- b a special block file
- c a special character file
- l a symbolic link
The remaining 9 attributes can be:
- – no permission for action (e.g. read, write or execute)
- r gives read permissions
- w gives write permissions
- x gives execute permissions
And are written in the order Read (r), Write (w), Execute (e) with the hyphen (-) used if a permission for one of those actions is not given.
Using this knowledge the permissions:
Show that we are looking at the permissions:
- for a directory (d)
- that the owner has read, write and execute (rwx) permissions
- that the group has read and execute (r-x) permissions
- that everyone else has read and execute (r-x) permissions
What About Permissions In Numbers?
Sometimes you will read or hear Linux users discuss permissions as numbers (e.g. 400, 777). These numbers represent the owner, group and world permissions, the same as the remaining 9 attributes in above example.
Would become 755, so instead of writing 9 characters we can write 3 numbers. But how do they work?
- The first number (the hundred value) is for the owner permission
- The second number (the ten value) is for the group permission
- The third number (the unit value) is for the world permission
So 755 is:
- 7 for owner permission
- 5 for group permission
- 5 for world permission
The numbers are very special as each number is an octal that represents three binary digits. Each number also gives a different permission depending on the value, with the values being between 0 and 7.
0 represents --- 1 represents --x 2 represents -w- 3 represents -wx 4 represents r-- 5 represents r-x 6 represents rw- 7 represents rwx
For the 755 example:
- 7 for the owner is permissions rwx
- 5 for the group is permissions r-x
- 5 for the world is permssions r-x
This is why 755 is the same as rwxr-xr-x. To give the owner, group and world rwx (so rwxrwxrwx) permissions it would need to be 777. To give them all read only permissions it would need to be 444, or to give them all read and execute permissions (r-xr-xr-x) it would need to be 555.