In Linux, unlike other operating systems, largely because it is a multi-user system, we will encounter a unique system for managing the rights to files and folders that derives from the Unix based system.
Users who can access files or folders are divided into three categories:
owner – the owner, who created the file or directory
group – a member of the group to which the owner belongs
other – any other user who does not own the file/directory and is not part of the owner’s group.
File access rights are truncated into three categories:
r – read
w – write
x -execute
Access rights for folders are also divided into three categories, they have the same symbolism but have different meanings.
r – read; means the right to view (list) the contents of the directory similar to the command ls;
w – write; allows adding and deleting files
x – execute; means the right to enter the folder (cd command)
Viewing and interpreting permissions is done using the command:
ls -l
If we want to see the permissions of a file we use:
ls -l filename
If we want to list all the files and directories in another directory, say test, we give the command to that directory.
cd / paths / test ls-1
Change permissions
The command through which permissions are changed is chmod.
chmod – Change access permissions, change mode.
Syntax
chmod [option] … Mode [, Mode] … file …
chmod [option] … Numeric_Mode file …
chmod [option] … -reference = RFile file …
Options
-f, -silent, -quiet suppresses most error messages
-v, -verbose displays a diagnosis for each processed file
-c, -changes as well as verbose, but only reports when changes are made
–Reference = The RFile uses the RFile mode instead of the MODE values
–R, -recursive change files and recursive directories
–Help; displays the help manual
-Version displays version information
chmod changes the permissions for each given file according to mode, where mode describes the permissions to be modified.
A mode can be specified with octal or letter numbers. Using letters is easier to understand for most.
Numerical mode:
Between 1 and 4 octal digits:
Any omitted numbers are supposed to be zero.
The first digit = selects attributes for the user ID (4) and group ID (2) and saves the text image (1) s
Second digit = permissions for users who have files: read (4), write (2), and execute (1)
Third digit = permissions for other users in the file group: read (4), write (2), and execute (1)
The fourth digit = permissions for non-file users: read (4), write (2), and execute (1)
The octal value (0-7) is calculated by adding values for each digit.
User (rwx) = 4 + 2 + 1 = 7
Group (rx) = 4 + 1 = 5
World (rx) = 4 + 1 = 5
chmode mode = 0755
Protecting files with chmod
chmod 400 filename – protects the file for accidental overwrite
chmod 500 directory_name – protects the folder for deleting, renaming or accidentally moving files inside
chmod 600 private file filename; which can only be changed by the user who entered this command (owner)
chmod 644 filename; public file that can be accessed by everyone but can only be changed by the owner
chmod 660 filename; file that can be accessed and altered by users belonging to the groups that the parent belongs to and the others have no right to it
chmod 700 filename; only the owner has full rights over it, the groups and others having no right over it
chmod 755 directory name; for files that need to be read or run by other users, but can only be changed (written) by the owner (the one who created it and entered the command)
chmod 775 filename; standard way to grant permissions to a group
chmod 777 filename; anyone can do anything with this file
Banning all permission to execute:
chmod a-x file
Allow to be read by everyone:
chmod a + r file
We make a file readable and written by the group and others:
chmod go + rw file
We make a shell script to be executable by which user/owner:
chmod u + x myscript.sh
Note
When chmod is applied to directories it is allowed:
read – display files in the directory
write – add new files to the directory
execute – accessing files in the directory
chmod never changes permissions on symbolic links because the chmod system call can not change their permissions. This is not a problem because the permissions of symbolic links are never used. However, for every link listed on the command line, chmod changes the permissions of the file to which it is linked. Instead, chmod ignores symbolic links encountered during recursive directory crossings.