Unix file permissions and access
Unix file permission
In Unix-like operating systems, file permissions are used to control access to files and directories. File permissions specify which users and groups are allowed to perform certain actions on a file, such as reading, writing, or executing the file.
There are three types of file permissions in Unix:
| Permission | Description |
|---|---|
| Read (r) | Allows user to read the contents of the file |
| Write (w) | Allows user to modify the contents of the file |
| Execute (x) | Allows user to execute the file as a program |
File permissions are specified for three categories of users:
| User Category | Description |
|---|---|
| Owner | The user who owns the file |
| Group | The group that the file belongs to |
| Others | All other users who are not the owner or a member of the group |
File permissions are represented using a three-digit octal number, with each digit representing the permissions for one of the categories of users. The digits are arranged in the following order: owner, group, others. For example, the octal number 644 represents permissions that allow the owner to read and write the file, the group to read the file, and others to read the file.
To view the permissions of a file or directory, you can use the ls -l command. The permissions of the file will be displayed as the first column in the output. For example:
$ ls -l file.txt
-rw-r--r-- 1 john users 0 Dec 18 22:23 file.txt
In this example, the file file.txt has permissions –rw-r–r–, which means that the owner has read and write permissions, the group has read permissions,
To modify file permissions in Unix-like operating systems, you can use the chmod command. The chmod command allows you to change the permissions of a file or directory by specifying the permissions that you want to set.
The basic syntax of the chmod command is as follows:
chmod mode file
Where mode is the permissions that you want to set, and file is the name of the file or directory whose permissions you want to modify.
There are two ways to specify the mode argument:
Using octal notation: The octal notation uses a three-digit octal number to represent the permissions for the owner, group, and others. The digits are arranged in the following order: owner, group, others. For example, to set read and write permissions for the owner and read-only permissions for the group and others, you can use the octal notation 644.
Using symbolic notation: The symbolic notation allows you to specify the permissions using letters and special characters. The letters u, g, and o represent the owner, group, and others, respectively. The + and – signs are used to add or remove permissions, and the = sign is used to set permissions. For example, to set read and write permissions for the owner and read-only permissions for the group and others, you can use the symbolic notation u=rw,g=r,o=r.
Here are some examples of how to use the chmod command:
To set read and write permissions for the owner and read-only permissions for the group and others:
chmod 644 file.txt
To set read, write, and execute permissions for the owner and read-only permissions for the group and others:
chmod 755 file.txt
This will set the permissions of the file file.txt to rwxr–xr-x, which means that the owner has read, write, and execute permissions, the group has read and execute permissions, and others have read and execute permissions.
Alternatively, you can use the symbolic notation to set the 755 permissions. The symbolic notation allows you to specify the permissions using letters and special characters. To set the 755 permissions using the symbolic notation, you can use the following command:
chmod u=rwx,g=rx,o=rx file.txt
This will set the same permissions as the octal notation, but using the symbolic notation.
It is important to be careful when setting file permissions, as incorrect permissions can prevent users from accessing or using important files and directories. Only users with appropriate privileges can modify file permissions
chmod 700 file.txt
To add write permission for the group and others:
chmod g+w,o+w file.txt
To remove execute permission for the group and others:
chmod g-x,o-x file.txt
It is important to be careful when modifying file permissions, as incorrect permissions can prevent users from accessing or using important files and directories. Only users with appropriate privileges can modify file permissions.
umask command to set the default permissions for new files
The umask command is used in Unix-like operating systems to set the default permissions for newly created files and directories. The umask command specifies the permissions that should be removed from the default permissions when a new file or directory is created.
The default permissions for newly created files and directories are specified by the umask value, which is a four-digit octal number. The first three digits represent the permissions for the owner, group, and others, respectively. The fourth digit is reserved for special permissions, such as the setuid and setgid bits.
To set the umask value, you can use the umask command followed by the octal value that you want to set. For example, to set the umask value to 022, you can use the following command:
umask 022
This will set the default permissions for newly created files and directories to rw-r–r– (read and write for the owner, read for the group and others).
To view the current umask value, you can use the umask command without any arguments:
umask
The umask value can be set permanently in the system by adding it to the bashrc or bash_profile file in the user’s home directory.