The following are the types of permissions:
- Read permission: The user can read or check the content of the file
- Write permission: The user can edit or modify the file
- Execute permission: The user can execute the file
Working with permissions
Changing file permissions
The following are the commands for changing file permissions:
To check the file permission, enter the following command:
$ ll file_name
The file permission details are as seen in the following diagram:
In the preceding diagram, as we can see, permissions are grouped in owner-user, group, and other users' permissions. Permissions are of three types–read, write, and execute. As per the requirement, we may need to change the permissions of the various files.
The chmod command
We can change the file or directory permissions in the following two ways:
Technique one – the symbolic method
The following command will add the read/write and execute permissions to the file wherein u is for user, g is for group, and o is for others:
$ chmod ugo+rwx file_name
Alternatively, you can use the following command:
$ chmod +rwx file_name
Technique two – the numeric method
The following command will change the file permissions using the octal technique:
$ chmod 777 file_name
The file permission 777 can be understood as 111 111 111, which corresponds
to the rwx.rwx.rwx permissions.
Setting umask
We will see how Linux decides the default permissions of the newly created file or folder:
$ umask
0002
The meaning of the preceding output is that, if we create a new directory, then, from the permissions of +rwx, the permission 0002 will be subtracted. This means that for a newly created directory, the permissions will be 775, or rwx rwx r-x. For a newly created file, the file permissions will be rw- rw- r--. By default, for any newly created text file, the execute bit will never be set. Therefore, the newly created text file and the directory will have different permissions, even though umask is the same.
Setuid
Another very interesting functionality is the setuid feature. If the setuid bit is set for a script, then the script will always run with the owner's privileges, irrespective of which user is running the script. If the administrator wants to run a script written by him by other users, then he can set this bit.
Consider either of the following situations:
$ chmod u+s file_name
$ chmod 4777 file
The file permissions after any of the preceding two commands will be drwsrwxrwx.
Setgid
Similar to setuid, the setgid functionality gives the user the ability to run scripts with a group owner's privileges, even if it is executed by any other user:
$ chmod g+s filename
Alternatively, you can use the following command:
$ chmod 2777 filename
File permissions after any of the preceding two commands will be drwxrwsrwtx.
Sticky bit
The sticky bit is a very interesting functionality. Let's say, in the administration department, there are 10 users. If one folder has been set with sticky bit, then all other users can copy files to that folder. All users can read the files, but only the owner of the respective file can edit or delete the file. Other users can only read, but not edit or modify, the files if the sticky bit is set:
$ chmod +t filename
Alternatively, you can use the following command:
$ chmod 1777
File permissions after any of the preceding two commands will be drwxrwxrwt.
