Linux is a multiuser system, and everything in it is a file.
File ownership and permissions provide security at the file system level.
- The person who creates a file/directory becomes its owner.
- A user belongs to a default group, and can also be a member of any of the other groups on a server.
Types of Users in Linux:
- system users: used to run non-interactive or background processes on a system.
- regular users: used for logging in and running processes interactively.
- superuser: the root user, who can override any file ownership and permission restrictions and has access to anything on its own server.
- to view all of the users on a system run
Groups: a collection of zero or more users.
A group can have multiple users; permissions set on the group are inherited by the users in it.
- to view all the groups and their members
Every file/directory has an owner.
user: the owner of a file, by default the one who creates it.
group: the users added to the group.
other: users who neither belong to the group nor created the file/directory, but want to access it.
2. Ownership's Permissions
Linux can have multiple users accessing the system at the same time.
To avoid chaos and maintain strict privacy, permissions are defined.
Three permissions are defined for each owner.
Read:
File: allows you to open and read the file.
Directory: allows you to list its contents.
Write:
File: allows you to modify/delete the file.
Directory: allows you to delete the directory and to add, remove and rename files
stored in the directory.
Execute:
File: allows you to run the file and execute a program or script.
Directory: allows you to access/traverse (cd) into a different directory
and make it your current working directory also able to access its
3. View Permissions
View file permissions:
ls -al directory/file
drwxrwxr-x  3 ashwini ashwini 4096 Aug  6 14:03 .
drwxr-xr-x 15 ashwini ashwini 4096 Aug  6 14:03 ..
-rw-rw-r--  1 ashwini ashwini  424 Jul 18 06:55 addfiles.yml
-rw-rw-r--  1 ashwini ashwini   54 Aug  6 13:17 client.my.cnf.j2
drwxrwxr-x are the permissions.
- d: stands for directory. If there is nothing (-), then it is a file.
- The first character denotes either file or directory.
- The remaining 9 characters are divided into three sets.
first set represents
second set represents
third set represents
ashwini ashwini: the owning user and the group it belongs to.
4096: size of file or directory.
Aug 6 14:03: time it got created.
.: current directory
addfiles.yml: filename and its type.
4. Change permissions of file using chmod
Number  Permission               Symbol
0       No Permission            ---
1       Execute                  --x
2       Write                    -w-
3       Execute + Write          -wx
4       Read                     r--
5       Read + Execute           r-x
6       Read + Write             rw-
7       Read + Write + Execute   rwx
create a file:
$ ls -l testing
-rw-rw-r-- 1 ashwini ashwini 0 Aug 7 06:33 testing
testing is a file with
write permissions for both user and group, and
read permissions for
Changing the file permissions based on the table:
$ chmod 740 testing
$ ls -l testing
-rwxr----- 1 ashwini ashwini 0 Aug 7 06:33 testing
The file now has all permissions for the user only, read permission for the group and no
permission for other.
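The mapping between the ls -l mode field and the chmod numbers in the table above, as an added example that is not part of the original post. The function names are this example's own, it handles only the r, w, x and - characters the page covers, and the scratch file is constructed for the demo:

```sh
#!/bin/sh
# Added example: decode the mode field printed by `ls -l` (e.g. -rwxr-----)
# into a file type and the chmod number from the table above.
# Function names are this example's own; only r, w, x and - are handled.

# One triplet such as "r-x" -> digit 0..7 (read=4, write=2, execute=1).
triplet_to_digit() {
    d=0
    case $1 in r??) d=$((d + 4)) ;; esac
    case $1 in ?w?) d=$((d + 2)) ;; esac
    case $1 in ??x) d=$((d + 1)) ;; esac
    echo "$d"
}

# Full 10-character field -> three digits in user, group, other order.
mode_to_octal() {
    perms=${1#?}                                  # drop the type character
    case $perms in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "unsupported mode field: $1" >&2; return 1 ;;
    esac
    g=${perms#???}                                # group triplet + other triplet
    echo "$(triplet_to_digit "${perms%??????}")$(triplet_to_digit "${g%???}")$(triplet_to_digit "${perms#??????}")"
}

# First character of the field: d = directory, - = regular file.
file_type() {
    case $1 in
        d*) echo directory ;;
        -*) echo file ;;
        *)  echo other ;;
    esac
}

# Read the mode field of a real path from `ls -ld` (first 10 characters).
mode_of_path() {
    ls -ld "$1" | cut -c1-10
}

# Constructed demo: repeat the page's `chmod 740 testing` on a scratch file.
scratch=$(mktemp)
chmod 740 "$scratch"
field=$(mode_of_path "$scratch")
echo "$field -> $(file_type "$field") $(mode_to_octal "$field")"
rm -f "$scratch"
for sample in drwxrwxr-x -rw-rw-r--; do           # fields copied from the page
    echo "$sample -> $(file_type "$sample") $(mode_to_octal "$sample")"
done
```

A field containing any other flag character is rejected with a non-zero exit status instead of being silently mapped to a number.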
5. Change ownership of a file/directory using chown
- created the group
- changed ownership to different group:
chown user:group file
$ ls -l testing
-rwxr----- 1 ashwini ashwini 0 Aug 7 06:33 testing
$ sudo groupadd grouptesting
$ sudo chown ashwini:grouptesting testing
$ ls -l testing
-rwxr----- 1 ashwini grouptesting 0 Aug 7 06:33 testing