Linux file permissions explained: What you need to understand

Introduction

In this article, I explain how Linux file permissions work. I use the Linux distribution Ubuntu. I’m an experienced Windows administrator and coming to Linux file permission is quite a change.

With Linux, each file or directory has both a user and group that take ownership of it. This is in contrast to platforms such as Windows, which can have multiple groups assigned to one resource. With Linux, just one user or group can be assigned to each file or directory.

How Linux file permissions work

The way Linux handles permissions for files is fundamentally different than Windows; instead of assigning ownership to individual users, every file has three sets of reading/write/execute permissions: Owner (the user who created the file), Group (anyone else who belongs to a particular group) and Other (everyone else).

What are the three types of access permissions for a file or directory in Linux?

– Read permission allows you to view the contents of that particular file or directory but no writing is allowed, this means if you want to edit the file you will need to change it back manually.

– Write permission allows you to make changes on the content of that particular file or directory, this includes saving changes made by other people as well as adding new files.

– Execute permission allows you to execute the file or directory that it is on. This means if you run a program from that particular file or directory it will start.

Files
r	The file can be read
w	The file can be written to
x	The file can be executed as a program

Directories
r	The contents of the directories can be viewed
w	Contents of the directory can be modified
x	The user or group can use cd to navigate inside the directory.

check file permissions in Linux

For example, navigate to your home folder and enter

ls -la

pwd

The command ‘pwd’ shows where you are in the file system. I’m at /home/edywerder. My personal home folder. ‘ls -la’ lists all the files in the folder.

create a new file

Let’s create a new file and explore the Linux file permissions the system assigns.

touch example.txt

The permissions are assigned by using the groupings “rwx” and “r-x”.

We see the owner is the user ‘edywerder’ and the group owner is ‘edywerder’. Permissions for the user and group is ‘read’, ‘write’, and no rights for any other user. Btw the ‘d’ means a folder. For example here ‘.cache’ or ‘.local’ is a folder.

As you know from my article about ‘manage User and Groups‘, when you create a new user, a group with the same name is created too. Here you see the group will be assigned automatically as the group owner.

Setting permissions on files and folders – chmod

Use the command chmod to change the permissions on files or folders. In this example, I didn’t specify the folder where the files are located. Because I’m already in the folder. You would need to specify the exact location in case you are not in the current folder.

chmod 777 example.txt

I set the permission to 777 which means everyone has the full right on the file. I recommend using the chmod calculator. It’s a super tool to set easily the permissions. The chmod commands also have options like ‘-r’ for recursive. Use it to change permissions for a folder and every file underneath the folder.

I was using the octat values which I think is the most common way to change the permission. Again super easy with the chmod calculator.

Permissions	bit
Read	4
Write	2
Execute	1
no permission	0

If we add all three we get 7, so 777 is the highest permission level for all

Changing the ownership – chown

Chown is the Linux command to change the ownership for a file or folder

chown root:root example_ownership.txt

In this example, I change the ownership for the user and group in one go to the user ‘root’

sudo chown :edy example_ownership.txt

Would set the group to ‘edy’

sudo chown edy example_ownership.txt

In this example, I change the ownership of the user only. User ‘edy’

You can also use the option ‘-R’ to change recursively ownership of any files in the folder

sudo chown -R :edy folder

This example would change ownership of the group to ‘edy’ for the folder named ‘folder’ and for all files inside the folder

Another command worth knowing is the chgrp command, which allows you to directly change the group ownership of a file. To use it, you can execute the chgrp command along with the group you’d like to own the file, followed by the username.

A command worth knowing is chgrp, which allows you to change a file’s group ownership directly. The chgrp command can be executed along with the group you wish to own the file.

sudo chgrp edywerder example1.txt

It is very important for you to set the permissions on your files and directories so that your server is secure. If you are not familiar with Linux file permissions, it will take some time to learn. The best way to learn about Linux file permissions is by doing it yourself. Create some files and directories (as well as users) and set their permissions, then try removing a user’s access to the resource. Try to access that resource as that user anyways and see what errors you get. Fix those errors, then go through more examples before you do this again. With practice, you should be able to get familiar with this system really quickly.”

Conclusion

Linux file permissions are one of the most important aspects of security on a system. To set up your own, you’ll need to understand how they work and what each type means. The two commands for changing them are chmod and chown, which can be used together or separately depending on your needs.

Check out my article Managing Users And Groups if you want in-depth information about user management, including assigning groups to users so that they have access to certain files when logged into the system with their account credentials.

Keep in mind that there are some key differences between Windows and Linux systems – including their default user groups– so be sure you have a firm grasp on what those differences mean for your system before making changes.