
8. Managing Permissions

Basic File Permissions

  • r => read. File permission: open the file. Folder permission: list the files in the directory.

  • w => write. File permission: modify a file. Folder permission: add files and delete files.

  • x => execute. File permission: execute the binary code or script. Folder permission: open the directory.

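u => user, g => group, o => others, a => all

Octal method for setting up the permission
# Both give "others" rwx. They are equivalent only when user and group have
# no permissions: o+rwx leaves the u and g bits unchanged, 007 clears them.
chmod o+rwx myfile
chmod 007 myfile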

Special Permissions

In addition to the basic permissions, there are three other permissions that are used in certain situations.

  • SUID => Set User ID (for user): chmod u+s my_file

  • SGID => Set Group ID (for group): chmod g+s my_file

  • Sticky => for everyone: chmod o+t my_file

SUID => When this is set on a file, script, or executable, that file or application runs with the permissions of its owner. This is primarily used to elevate the privileges of the current user. Typically, it is set on a file owned by root. It looks like the following:

Sticky => The sticky bit controls the deletion of files from a directory. When it is set, only the owner of a file is able to delete that file. It is set at the directory level, with a value of 1.

sticky bit

A lowercase t shows that the execute permission is also set. An uppercase T means that the execute permission is not set.

How to set a sticky bit:
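The special bits described above, as an added example that is not part of the original page: it sets SUID and the sticky bit with the octal form (leading digit 4 for SUID, 1 for sticky), shows the resulting s/S and t/T in the mode string, and audits a directory tree for SUID files and for world-writable directories that lack the sticky bit. The file names and helper functions are constructed for illustration; it assumes a Linux shell and works only inside a fresh temporary directory.

```shell
#!/bin/sh
# Added example. File names and helper functions are constructed for illustration.

# Print the 10-character mode string of a path, as ls -l shows it.
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Build a scratch tree in a fresh temp directory and print its path.
make_scratch() {
    d=$(mktemp -d) || return 1
    touch "$d/suid_exec" "$d/suid_noexec"
    mkdir "$d/shared_sticky" "$d/sticky_noexec" "$d/shared_open"
    chmod 4755 "$d/suid_exec"       # SUID with owner execute       -> s
    chmod 4644 "$d/suid_noexec"     # SUID without owner execute    -> S
    chmod 1777 "$d/shared_sticky"   # sticky with others execute    -> t
    chmod 1770 "$d/sticky_noexec"   # sticky without others execute -> T
    chmod 0777 "$d/shared_open"     # world-writable, no sticky bit
    printf '%s\n' "$d"
}

# Audit: SUID regular files below directory $1 (base names, sorted).
find_suid() {
    find "$1" -type f -perm -4000 -exec basename {} \; | sort
}

# Audit: world-writable directories below $1 that lack the sticky bit,
# where any user could delete another user's files.
find_open_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -exec basename {} \; | sort
}

scratch=$(make_scratch) || exit 1
for p in suid_exec suid_noexec shared_sticky sticky_noexec shared_open; do
    printf '%s  %s\n' "$(mode_string "$scratch/$p")" "$p"
done
printf 'SUID files: %s\n' "$(find_suid "$scratch" | tr '\n' ' ')"
printf 'World-writable dirs without sticky bit: %s\n' "$(find_open_dirs "$scratch")"
rm -rf "$scratch"
```

Pointing find_suid and find_open_dirs at a real path such as /usr/bin or /tmp gives a quick inventory to compare against what the system is expected to ship.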

The two files are different and serve different purposes.

  • /etc/passwd is the user database (fun fact: contrary to its name, it doesn't store passwords - those are stored (possibly in hashed form) in /etc/shadow) - see man 5 passwd (i.e. passwd(5)), man 5 shadow (i.e. shadow(5)).

  • /usr/bin/passwd is the utility that is supposed to modify user records stored in /etc/passwd and /etc/shadow. See man 1 passwd (i.e. passwd(1)).


Difference between chown and chmod:

In simple terms, chown is used to change the ownership of a file, while chmod is used to change the file mode bits.

  • chown defines who owns the file.

  • chmod defines who can do what.