Thursday, November 17, 2011

File permissions in UNIX Linux with Example >> Unix Tutorial

Whenever we execute ls command in UNIX you might have observed that it list file name with lot of details e.g.
stock_options:~/test ls -lrt
total 8.0K
-rw-r--r-- 1 stock_options Domain Users 1.1K Jul 15 11:05 sample

If you focus on first column you will see the file permissions as "-rw-r--r--" this is made of three parts user, group and others. User part is permission relate to user logged in, group is for all the members of group and others is for all others. also each part is made of three permissions read, write and execute so "rw-" means only "read and write" permission and "r--" means read only permission. So if you look permission of example file it has read and writes access for user, read only access for groups and others. Now by using chmod command in UNIX we can change the permissions or any file or directory in UNIX or Linux. Another important point to remember is that we need execute permission in a directory to go inside a directory; you can not go into directory which has just read and write permission.

Understanding File permissions in UNIX Linux with Example


what is file permission in unix and linux with exampleFile permission in Numeric format

File permission can also be expressed in numeric format usually octal number system is used to express file permissions

   0 – no permissions
   1 – execute only
   2 – write only
   3 – write and execute
   4 – read only
   5 – read and execute
   6 – read and write
   7 – read, write and execute


Symbolic format of file permissions in UNIX

Symbolic format is another format of denoting UNIX file permissions. In symbolic format we have special notations for user, group and others as well as to denote read, write and execute permissions as shown below and by using these symbols you can set any permissions on file in Linux.

Reference       Class   Description
u       user    the owner of the file
g       group   users who are members of the file's group
o       others  users who are not the owner of the file or members of the group
a       all     all three of the above, is the same as ugo
r       read    read a file or list a directory's contents
w       write   write to a file or directory
x       execute execute a file or recurse a directory tree



Default permissions on files and directory in UNIX

Whenevera process creates a file it uses default permission 666 for file and 777 for directory. You can use "umask" command to further restrict the permissions of file or directory at creation time. umask value is used to eliminate the permissions specified by umask. for example a common umask values is "022" which makes file read and write permission for owner or group but read only for group members and other and in case of directory it makes directory searchable with execute permissions for all user, group and others because you can not go inside a directory in UNIX or Linux if you don't have execute permissions on that. Let’s see an example how we arrived to this file permissions:

Default permission of file -- 666
usmak                      -- 022
----------------------------------
Final permissions on file -- 644 (which is 110 100 100 i.e. rw- r-- r--) read and write for user and read only for group and others

Default permission of directory -- 777
umask                            -- 022
----------------------------------------
Final permission of file         -- 755 (which is 111 101 101 i.e. rwx r-x r-x) read, write and execute for user (owner) and read+execute for group members and others.


How to change file and directory permission in UNIX

You can use chmod command to change permissions of any file or directory in UNIX or Linux. Chmod command stands for change mode for example from read only mode to writable. Let’s see and example of creating a read only file and then granting it full access in UNIX or Linux.

stock_options:~/test touch stock_trading_systems

stock_options:~/test ls -lrt
total 8.0K
-rw-r--r--  1 stock_options Domain Users    0 Nov 15 11:42 stock_trading_systems

stock_options:~/test chmod 400 stock_trading_systems

stock_options:~/test ls -lrt
total 8.0K
-r--------  1 stock_options Domain Users    0 Nov 15 11:42 stock_trading_systems

stock_options:~/test vim stock_trading_systems

stock_options:~/test chmod 777 stock_trading_systems

stock_options:~/test ls -lrt
total 8.0K
-rwxrwxrwx  1 stock_options Domain Users    0 Nov 15 11:42 stock_trading_systems*


You can see file permission changed to rwxrwxrwx , if you have noticed there is also a * mark at the end of file name “stock_trading_systems*” that shows that this is an executable file. To enable this option you can setup an alias “ls=ls –F” , -F displays that option.


That’s all on File permission on UNIX and Linux OS for now. Please add any important point related to file permissions which are not discussed here. In Summary having good understanding of file and directory permissions in UNIX and how to change file permissions is key for working productively in Linux.

Other UNIX Command Tutorials and Examples

4 comments :

Anonymous said...

I'm missing the setuid flag.

Anonymous said...

What about sticky bit? Otherwise nice explanation

Heeran said...

hi, how to check file permissions for a particular file or folder in Unix for which you don't have read permission? do you think its possible that ls will display permissions of a file or directory in that case ?

RaT said...

Nice article.. very good one to start with.

I found a contradicting statement in your article. It is in the below para.

"for example a common umask values is "022" which makes file read and write permission for owner or group but read only for group members and other"


I think the correct one should be

"for example a common umask values is "022" which makes file read and write permission for owner but read only for group members and other"

Thanks

Post a Comment