Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo
* * * * * 2 votes

A simple lesson for beginners about Linux file permissions.


  • Please log in to reply
6 replies to this topic

#1 Naught McNoone

Naught McNoone

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great White North
  • Local time:05:52 PM

Posted 11 November 2015 - 02:42 PM

A simple lesson for beginners about Linux file permissions.

To make this easier to digest, I have broken up the lesson into multiple posts.
Make sure you follow all four them in the correct order, or you may get lost or confused.

This exercise is done using Linux Mint Cinnamon, and has been tested using Xubuntu.
There may be some variation, when done with other distributions.


1. Introduction and Preparation:

Create a new sub directory in your home directory called "lesson". (Without the quotation marks!)

Create a new file in in the lesson sub directory called "test".

Using which ever text editor is installed on your system, open and edit the test file to look like this:

    # Lesson Test File
    echo Hello! My name is Lesson Test File

Now, open a terminal in the folder lesson.
Your bash prompt should now look something like this:

    user@computer:~/lesson$

The prompt will have the user name, computer name, and the current directory followed by a $ sign.

Now, type the command "ls -l", and press enter. Don't forget the space between ls and -l!

    user@computer:~/lesson$ ls -l

You should see a line on your screen that looks like this:

    -rw-rw-r-- 1 user user 1 Nov 10 15:18 test


The first part is a bunch of dashes and letters, r, w, and sometimes x.
These are the permissions we are going to learn about.
The rest of the information consists of things like owner, group, size, name, etc. More about that in another lesson.


So, what does -rw-rw-r-- mean?

There are ten characters, and they can be either -, d, r, w, or x.

The dash - is a null, or zero and means "permission denied"!
The d, which is found only as the first character, means directory.
The r is for read, w is for write, x is for execute.
We are going to deal with the nine characters that follow the leading - or d.


Now I would like you to enter the command "mkdir files".

    user@computer:~/lesson$ mkdir files

Now use ls -l again.

A second line has been added. Here is what you should see:

    drwxrwxr-x 2 user user 4096 Nov 10 15:56 files
    -rw-rw-r-- 1 user user 1 Nov 10 15:18 test

Notice that the letter d now precedes the permissions, indicating that "files" is a directory.

OK, are you still with me? Or have you gone to sort your sock drawer?

Lets move on the the next bit, on the next post.



BC AdBot (Login to Remove)

 


m

#2 Naught McNoone

Naught McNoone
  • Topic Starter

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great White North
  • Local time:05:52 PM

Posted 11 November 2015 - 02:49 PM

2. Owner, Group and Other permissions:

Our primary concern is with the characters r, w, and x.
They are always found in the nine spaces following the d or - character.

Here is a sample output from my terminal:

    -rwxrwxrwx 1 grandpa grandpa 59 Nov 10 23:58 test


Lets get rid of the excess and deal only with the permissions.

    -rwxrwxrwx

Now, look at the nine characters after the dash. They repeat themselves.

    rwx rwx rwx

Each group of three represents the permissions of the owner, group, and others.

In the case of your test file, rw-rw-r-- means the following:

First Three        rw-    the owner has the right to read and write to the file
Second Three    rw-    the group has the right to read and write to the file
Third Three        r--    all other users can only read the file, not write to it

Still with me? OK, lets play with the file.

Enter the following command, "chmod 764 test", and then do the "ls -l" thing again.

    user@computer:~/lesson$ chmod 764 test
    user@computer:~/lesson$ ls -l

    -rwxrw-r-- 1 user user 1 Nov 10 15:18 test

Look how our permissions changed. We now have rwxrw-r--

What we did was change the mode of the file. We added an x to the owner's permissions.
This makes the file executable by the owner.

Try it and see. Enter the command "./test" and see what happens.
The ./ in front of the file name tells bash it is in the current directory.

    user@computer:~/lesson$ ./test
    Hello! My name is Lesson Test File

Lets change the mode back to where it was.
Enter the command "chmod 664 test" and do the "ls -l" thing again.

    user@computer:~/lesson$ chmod 664 test
    user@computer:~/lesson$ ls -l

    -rw-rw-r-- 1 user user 1 Nov 10 15:18 test

Now try to run the file again, and see what happens.

    user@computer:~/lesson$ ./test
    bash: ./test: Permission denied
    
Because the file is no longer executable, bash can no longer run it!

Something else you may notice is that the colour of the file name has changed in the terminal. Executable files are by default green. Non executable files are the system white on black.

We can make the file readable, writeable, or executable for just ourself, or any group member, or any user.

Still with me? Or have you gone to watch some paint dry?

Lets move on and play with the file permissions.



#3 Naught McNoone

Naught McNoone
  • Topic Starter

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great White North
  • Local time:05:52 PM

Posted 11 November 2015 - 02:54 PM

3. Setting File Permissions using the chmod command:

So we know we can change the permissions on a file using the chmod command.

We also know that it involves using a 3 digit number.

By using the numbers 0, 1, 2, & 4 you can make any combination that adds up to seven.

7 is the magic number that grants all permission.
0 in the magic number that denys all permission.


Here are the values of each permission:

Value    Permission
4    read ( r )
2    write (w)
1    execute (x)
0    denied (-)

Look at the chmod command: "chmod 764 test"

The three numbers after the chmod are the total permission values for the owner, group, and other users, in that order.

To make a file readable, we give a value of 4.
To make a file readable and writeable, we give it a value of 4 + 2, which equals 6.
To make a file readable, writeable, and executable, we give it a value of 4 + 2 + 1, which equals 7.

So, chmod 764 would give the owner read, write, and execute.
The group would have read and write privileges, but could not execute the file.
All other users can read the file, but cannot write to it or execute it.

Try entering "chmod 710 test" and see what happens.

    user@computer:~/lesson$ chmod 710 test
    user@computer:~/lesson$ ls -l

    -rwx--x--- 1 user user 1 Nov 10 15:18 test

By assigning a value of 1 to the groups permissions, we have made the file executable to any one in the user group.
However, they do not have the ability to view or modify the file. They can see the result, but no the actual script.
All other users in the system are denied read, write, or execute permission on the file.

Try the chmod command with 751.

    user@computer:~/lesson$ chmod 751 test
    user@computer:~/lesson$ ls -l

    -rwxr-x--x 1 user user 1 Nov 10 15:18 test

Our group members can now read the file, and both our group and all other system users can execute it.

Clear as mud? If your still with me, then you are on your way to becoming a real Linux Geek! Lets move on.



#4 Naught McNoone

Naught McNoone
  • Topic Starter

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great White North
  • Local time:05:52 PM

Posted 11 November 2015 - 02:58 PM

4. Practice and Summary:


WARNING!
DO NOT ATTEMPT TO CHANGE PERMISSIONS ON ANY OF YOUR SYSTEM FILES! THIS WILL BREAK YOUR SYSTEM!

 

 

Go ahead and play with the permissions on our test file.

You can make it do crazy things.

Here is a stupid idea. Change the permissions to 000.

    user@computer:~/lesson$ chmod 000 test
    user@computer:~/lesson$ ls -l

    ---------- 1 user user 59 Nov 10 23:58 test

Now, go back to your desktop, and look at the file in your file manager.
Did the icon change?
Try clicking on it to open it.
Oops!

    Unknown file type
    The file "test" has no known programs associated with it. If you trust the
    source of this file, and have sufficient permissions, you can mark it
    executable and launch it. Or, you can use the Open With dialog to pick a
    program to associate it with.

    Mark executable and run        Choose a program        Cancel

Cancel the warning your get.

Try other combinations to see what happens.

The default for a newly created file is 664.
Script files that you create are usually 755.
Shared files for all users can be 666 or higher.

System files, like those located in the /bin directory look like this

    user@computer:~/lesson$ ls -l /bin/chmod
    -rwxr-xr-x 1 root root 56032 Jan 13 2015 chmod

They are executable by any user, but only root has full permissions on them.

You may find some files that look like this

    -rwx------ 1 root root 56032 Jan 13 2015 scriptfile

This example would be a script file that only root is allowed to run.


Hopefully I have given you two things. A better understanding of Linux file permissions and how they are used, and an introduction to using the command line terminal to do things.

I will try and follow up on other beginner lessons, if this one is well received.

Cheers!

Naught McNoone



#5 JR999

JR999

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:52 PM

Posted 13 November 2015 - 10:03 PM

Hello Naught,

 

I'm new to Linux and you were helping me two wks ago on a Memtest 86 & no video problem. I'm still working on it. Currently, I'm studying partitioning and installing the OS. I've been too busy learning and haven't had time to turn on the Live DVD. = no terminal time.  Also, I'm letting the thread cool off a bit.

 

I read this through twice and I didn't get it - for beginners?

3rd time thru, and hours apart, I could follow about half way. After that my mind ran out of memory (ha).

 

Is this lesson on "permissions" the Linux way - for a business person to make directories and files, for themselves and employees or would I need "the permissions" for much more... than what I currently don't know?

 

I'm more apt to point & click than to remember commands. On my thread, I was looking for the Terminal partition / format Commands - as opposed to the Diskpart Commands. Is there a short list of Terminal Commands, similar to Diskpart? I'm just asking... (yes or no). For me, it looks like GPart is the way to go.

 

A simple lesson for beginners about Linux file permissions.

Are you saying that I may need "permissions" to set such commands? Basically, What would I use this for?

 

Well done and I appreciate your effort. At least I know this is here, if I ever need it.


Edited by JR999, 13 November 2015 - 10:10 PM.


#6 Naught McNoone

Naught McNoone
  • Topic Starter

  • Members
  • 303 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great White North
  • Local time:05:52 PM

Posted 14 November 2015 - 04:54 PM

. . .I read this through twice and I didn't get it . . .Is this lesson . . . the . . . way - for a . . . person to make directories and files . . . would I need "the permissions" for much more.

 

 . . . Terminal partition / format Commands . . .  opposed to the Diskpart Commands. . . .

 

 . . . Are you saying that I may need "permissions" to set such commands . . .

 

JR,

 

First of all, this is a hands on, do it as you go, tutorial.  You need to actually do the instructions in a working Linux environment in order to benefit from it.

 

Reading through the whole thing before you begin is a good idea, but it is a practical lesson, not a theoretical one.  It should work using a live DVD/USB distro, though.

 

It is intended to give you an understanding of what permissions are.  Permission levels are one of the things that help keep Linux a secure operating system.  An ordinary user can not perform tasks that only Root is allowed to do, because of the permission level of Root only commands.

 

Permissions are automatically assigned by the system at a time a file is created.  System files that are created during the install process are automatically the property of Root, so you do not have to change any of these.

 

Command line partition tools, like cfdisk, are for Root's use only.  Ordinary users do not have access to them.  That being said, cfdisk is not a tool for beginners.

 

The best tool for beginners is gparted.  Again, to run gparted in a working Linux environment, you need Root privileges. It is not something to be toyed with lightly.  You can cripple or erase your entire system.

 

If you wish to use gparted to modify a hard drive, you can download a live cd version of the program, and create a bootable disk that will let you run gparted without starting Windows or Linux.  And yes, you can create Windows partitions using gparted.

 

If your computer is still having hardware issues, you must fix them first before you continue. 

 

After that, test drive one or all of the Linux distros that have been suggested to you, and decide which one to install.

 

When the time comes to make the permanent install, let the install program guide you through the process.  It will use gparted to set up your hard drive for you.

 

Then come back and go through the list of tutorials, and practice what you see.

 

Cheers!

 

Naught.


Edited by Naught McNoone, 14 November 2015 - 04:55 PM.


#7 lacey16

lacey16

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:11:52 PM

Posted 28 April 2016 - 05:07 AM

This is brilliant.  The best I have seen.    Thanks






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users