Understanding standard permissions in Linux

Home > Search
  by

Viewing permissions

The ls -l or ll command can be used to view the permission of files and directories. In this example, there is a file named myFile that has -rw-r--r-- permissions.

~]# ls -l
-rwxrw-r-x  1  JohnDoe Sales 123 Sep 18 19:02 myFile

 


Read Write Execute

There are three standard permissions in Linux.

  • Read
  • Write
  • Execute

Read gives you permission to view the contents of a file, using commands such as cat and grep, and view the contents of a directory, using commands such as ls (list).

Write gives you permission to modify the contents of a file, using an editor such as vi or nano.

Execute gives you permission to run an executable file, such as a bash shell script.

 


User Group Other

Permissions are broken into three groups:

  • User
  • Group
  • Other

In the list of permissions, characters 2 through 4 are used for user, characters 5 through 7 are used for group, and characters 8 through 10 are used for other. In the prior example, user has rw- (read write execute), group as rw- (read write), and other has r-x (read execute). 

JohnDoe is the user, meaning that JohnDoe can read, write, and execute myFile.

Sales is the group, meaning that members of the group named Sales can read and write, but not execute myFile. If a persons that is a member of the Sales group attempts to execute myFile, a "permission denied" error will be displayed.

~]# ./myFile
permission denied

 

Anyone who not JohnDoe and not a member of the group named Sales can read and execute, but not write to myFile. If anyone other than JohnDoe who is not a member of the Sales group attempts to write to myFile, a "permission denied" error will be displayed.

~]# echo "Hello World" > myFile
permission denied

 

 


Special permissions

If s or t is displayed, this means special permissions are being used.

~]# ls -l
-rwsrwsr-t  1  root root 123 Sep 18 19:02 example.txt

 


SELinux

When a dot follows the standard permissions, this means that the file or directory is confined by an SELinux context.

~]# ls -l
-rw-r--r--.  1  root root 123 Sep 18 19:02 example.txt

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments