File permissions, also known as access modes, determine who can access and
modify files. On the command line you can list files along with their
ls -l, and you can change file permissions using the
In a directory listing, permissions appear by default as a sequence of ten
characters, something like
-rw-rw-r--, for instance.
Here's an example directory listing -- the first column shows the file permissions:
$ ls -l drwxrwxr-x 4 bart bart 4096 Oct 27 21:41 ./ drwxr-xr-x 23 bart bart 4096 Oct 27 21:30 ../ -rw-rw-r-- 1 bart friends 0 Oct 15 22:01 foo drwxrwxr-x 2 bart bart 4096 Oct 27 21:41 public/ drwx------ 2 bart bart 4096 Oct 27 21:40 secrets/ -rw-rw---- 1 bart friends 7 Oct 15 22:01 wibble
The very first character shows whether or not the file is a directory. (That first character has other uses too, but we won't cover that here.) The next nine characters represent the actual file permissions. If you split those nine characters into three 3-character sequences, you get the permissions for 1) the file owner, 2) group members, and 3) everyone else.
g o u r t s o h e u e r p r rwx rwx rwx <-- read, write, execute (or directory access) 421 421 421 these equate to the octal bits 4, 2, and 1 respectively
x represent read access, write access, and permission to execute the file as a program (or to grant directory access if the file is a directory).
In the example directory listing above:
foois a file that can be read by anyone, but only written to by
bartor members of the
publicis a directory that anyone can access, but only
secretsis a directory that only
wibbleis a file that
friendsgroup member can acess and modify, but nobody else can access at all.
To view the octal values:
$ stat -c "%a %n" -- * 664 foo 775 public 700 secrets 660 wibble
(Be aware that system administrators can access files regardless of file permissions. Permissions can help manage files, but aren't about absolute privacy.)
chmod to modify file permissions
chmod command understands two equivalent access mode formats:
chmod u=rw,g=,o= FILENAME(s) chmod u=rwx,g=,o= FILENAME(s) chmod 600 FILENAME(s) chmod 700 FILENAME(s) chmod u=rw,g=r,o= FILENAME(s) chmod u=rwx,g=rx,o=rx FILENAME(s) chmod 640 FILENAME(s) chmod 755 FILENAME(s) chmod r=rw,g=rw,o=r FILENAME(s) chmod 664 FILENAME(s)
Those octal values can be derived by adding the relevant octal bits. Some common examples:
rw- --- --- rw- r-- --- rw- rw- r-- rwx --- --- rwx r-x r-x 42- --- --- 42- 4-- --- 42- 42- 4-- 421 --- --- 421 4-1 4-1 6 0 0 6 4 0 6 6 4 7 0 0 7 5 5
chmod manual page (
man chmod) for more information. The related
chgrp commands can be used to manage file ownership.
last compiled: 2021-06-04 12:34:03.178788