4.2.6 I have file permission problems. How do file ownership and permissions work?
Linux (the same as any UNIX) is a secure, multiuser operating system, and this creates a level a complexity with "files permissions". Trouble with file permissions can lead to unexpected and nasty problems. Understanding file permissions is of uttermost importance to be able to administer any multiuser operating system (be it UNIX, WinNT, or Linux). My advice would be: learn the system of Linux (or any UNIX) file permission conventions; you will not regret it.
File owners. Each file (or directory) belongs to an owner (normally a login name) and to a group. The owner is typically the person who created (or copied) the file. The group often consists of one person--the owner, and has a name identical to that of the owner, but it does not need to be so. A file can be removed (erased) only by the owner of the file, or a member of the group that owns the file, or the root. Other users, however, may be able to modify or erase the contents of the file if they are given permission to do so--read on. The owner and group that owns the file will be shown in the output from the ls -l command (="list in the long format"). For example, the command:
ls -l junk
produced this output on my screen:
-rwx------ 1 yogin inca 27 Apr 24 14:12 junk
This shows the file "junk", belonging to the owner "yogin" and to the group "inca".
The ownership of a file can be changed using the commands chown (change owner) and chgrp (change group), which are normally executed by root:
chown peter junk
chgrp peter junk
ls -l junk
After executing the above 3 lines, the command ls-l junk produces this output on my screen:
-rwx------ 1 peter peter 27 Apr 25 20:27 junk
Changing file ownership comes handy if you move/copy files around as root for use by other users. At the end of your housekeeping you typically want to hand the file ownership over to the proper user.
File permissions. Now, an owner of a file can make the file accessible in three modes: read (r), write (w) and execute (x) to three classes of users: owner (u), members of a group (g), others on the system (o). You can check the current access permissions using:
ls -l filename
If the file is accessible to all users (owner, group, others) in all three modes (read, write, execute) it will show:
-rwxrwxrwx
Skip the first "-" (it shows the type of file, and is "-" for normal files, "d" for directories, "l" for links, "c" for character devices, "b" for block devices, "p" for named pipes i.e. FIFO files, "f" for stacks i.e. LIFO files). After the initial "-" character, the first triplet shows the file permission for the owner of the file, the second triplet shows the permissions for the group that owns the file, the third triplet shows the permissions for other users. A "no" permission is shown as "-". Here is an output from the ls -l command on a file that is owned by root, for which the owner (root) has all permissions, but the group and others can only read and execute:
drwxr-xr-x 2 root root 21504 Apr 24 19:27 dev
The first letter "d" shows that the file is actually a directory.
You can change the permissions on a file which you own using the command chmod (="change mode"). For example, this command will add the permission to read the file "junk" to all (=user+group+others):
chmod a+r junk
In the command above, instead of "a" (="all"), I could have used "u", "g" or "o" (="user", "group" or "others"). Instead of "+" (="add the permission"), I could have used "-" or "=" ("remove the permission" or "set the permission"). Instead of "r" (="read permission"), I could have used "w" or "x" ("write permission" or "execute permission").
Second example. This command will remove the permission to execute the file "junk" from others:
chmod o-x junk
Instead of letters, one can also use numbers to specify the permissions. To understand how it works, look at
* License
