Linux File Basic Attributes

The Linux system is a typical multi-user system where different users are in different positions and have different permissions.

To protect system security, Linux systems have different rules for different users accessing the same file (including directory files).

In Linux, we typically use the following two commands to modify the owner and permissions of a file or directory:

• chown (change owner): Modifies the owner and group.
• chmod (change mode): Modifies user permissions.

In the diagram below, chown is used to authorize users, and chmod is used to set permissions for users to open doors.

In Linux, we can use the ll or ls -l command to display the attributes of a file, as well as the user and group it belongs to, for example:

[root@www /]# ls -l
total 64
dr-xr-xr-x   2 root root 4096 Dec 14  2012 bin
dr-xr-xr-x   4 root root 4096 Apr 19  2012 boot
……

In the example, the first attribute of the bin file is indicated by d. d in Linux represents that the file is a directory file.

In Linux, the first character indicates whether the file is a directory, file, link file, etc.

• If it is d, it is a directory.
• If it is -, it is a file.
• If it is l, it is a link document (link file).
• If it is b, it represents a storage interface device (random access device) within a device file.
• If it is c, it represents a serial port device within a device file, such as a keyboard or mouse (one-time read device).

The following characters, grouped in threes, are combinations of the rwx parameters. Here, r stands for readable, w for writable, and x for executable. It is important to note that the positions of these three permissions do not change; if there is no permission, a hyphen - appears instead.

Each file's attributes are determined by the first 10 characters on the left (as shown in the diagram).

These characters are represented from left to right by the numbers 0-9.

The 0th character determines the file type, and the 1-3rd characters determine the owner's permissions.

Among them, the 1st, 4th, and 7th characters represent read permissions; if represented by the r character, there is read permission; if represented by the - character, there is no read permission.

The 2nd, 5th, and 8th characters represent write permissions; if represented by the w character, there is write permission; if represented by the - character, there is no write permission. The 3rd, 6th, and 9th characters represent executable permissions; if represented by the x character, there is executable permission; if represented by the - character, there is no executable permission.

Linux File Owner and Group

[root@www /]# ls -l
total 64
drwxr-xr-x 2 root  root  4096 Feb 15 14:46 cron
drwxr-xr-x 3 mysql mysql 4096 Apr 21  2014 mysql
……

For files, they all have a specific owner, that is, the user who has ownership of the file.

Also, in the Linux system, users are classified into groups, and a user can belong to one or more groups.

Users other than the file owner can be divided into users in the same group as the file owner and other users.

Therefore, the Linux system specifies different file access permissions for the file owner, users in the same group as the file owner, and other users.

In the above example, the mysql file is a directory file with the owner and group both being mysql. The owner has read, write, and execute permissions; users in the same group as the owner have read and execute permissions; other users also have read and execute permissions.

For the root user, under normal circumstances, file permissions do not affect them.

Changing File Attributes

1. chgrp: Change File Group

Syntax:

chgrp [-R] groupname filename

Parameter Options:

• -R: Recursively change the file group, meaning that when changing the group of a directory file, if the -R parameter is added, the group of all files under that directory will be changed.

2. chown: Change File Owner, and can also change File Group

Syntax:

chown [–R] ownername filename
chown [-R] ownername:groupname filename

Enter the /root directory (~) and change the owner of install.log to the bin account:

[root@www ~] cd ~
[root@www ~]# chown bin install.log
[root@www ~]# ls -l
-rw-r--r--  1 bin  users 68495 Jun 25 08:53 install.log

Change the owner and group of install.log back to root:

[root@www ~]# chown root:root install.log
[root@www ~]# ls -l
-rw-r--r--  1 root root 68495 Jun 25 08:53 install.log

3. chmod: Change File Permissions

Linux file permissions can be set using two methods: numeric and symbolic.

Linux files have nine basic permissions, divided into three groups: owner/group/others (user/group/other), each with their own read/write/execute permissions.

Let's review the data mentioned earlier: The permission string for a file is -rwxrwxrwx, and these nine permissions are grouped in threes. We can use numbers to represent each permission, with the following score table:

• r: 4
• w: 2
• x: 1

Each identity (owner/group/others) accumulates the scores of its three permissions (r/w/x). For example, if the permissions are -rwxrwx---, the scores are:

• owner = rwx = 4+2+1 = 7
• group = rwx = 4+2+1 = 7
• others = --- = 0+0+0 = 0

So when we change the permissions, the numeric value for the file permissions becomes 770. The syntax for the chmod command to change permissions is:

chmod [-R] xyz file or directory

Options and arguments:

• xyz: The numeric permission attributes, which are the sums of the rwx attribute values.
• -R: Recursively changes permissions for all subdirectories and files.

For example, to enable all permissions for the .bashrc file, the command would be:

[root@www ~]# ls -al .bashrc
-rw-r--r--  1 root root 395 Jul  4 11:45 .bashrc
[root@www ~]# chmod 777 .bashrc
[root@www ~]# ls -al .bashrc
-rwxrwxrwx  1 root root 395 Jul  4 11:45 .bashrc

If you want to change the permissions to -rwxr-xr--, the permission scores would be [4+2+1][4+0+1][4+0+0] = 754.

Symbolic Method to Change File Permissions

Another method to change permissions is using symbols. From the previous introduction, we know there are nine basic permissions:

• user: u
• group: g
• others: o

Additionally, a represents all, meaning all identities. The read, write, and execute permissions can be represented as r, w, x. The table below shows how to use these symbols:

| chmod | u <br>g <br>o <br>a | +(add) <br>-(remove) <br>=(set) | r <br>w <br>x | file or directory |

To set file permissions to -rwxr-xr--, you can use chmod u=rwx,g=rx,o=r filename:

# touch test1    // Create test1 file
# ls -al test1    // View default permissions for test1
-rw-r--r-- 1 root root 0 Nov 15 10:32 test1
# chmod u=rwx,g=rx,o=r test1    // Modify permissions for test1
# ls -al test1
-rwxr-xr-- 1 root root 0 Nov 15 10:32 test1

If you want to remove permissions without changing existing ones, for example, removing execute permission for everyone, you can do:

# chmod a-x test1
# ls -al test1
-rw-r--r-- 1 root root 0 Nov 15 10:32 test1

More Reference Content

• Linux chgrp Command
• Linux chown Command
• Linux chmod Command