8. Managing Permissions

Basic File Permissions

| File Permission | Folder Permission |
|---|---|
| r => read (open the file) | r => read (list the files in the directory) |
| w => write (modify a file) | w => write (add files and delete files) |
| x => execute (execute the binary code or script) | x => execute (open the directory) |

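u => user, g => group, o => others, a => all

Octal method for setting up the permission

# Both commands give others rwx (octal digit 7 = r(4) + w(2) + x(1)).
# They are equivalent only when user and group have no permissions:
# o+rwx changes just the "others" bits, while 007 sets the whole mode
# and clears the user and group bits.
chmod o+rwx myfile
chmod 007 myfile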

Special Permissions

In addition to the basic permissions, there are three other permissions that are used in certain situations.

  • SUID => Set User ID (for user): chmod u+s my_file

  • SGID => Set Group ID (for group): chmod g+s my_file

  • Sticky => for everyone: chmod o+t my_file

SUID => When this is set on a file, script or executable, that file or application runs with the permissions of the user owner. Typically, it is set on a file owned by root. It looks like the following:

Sticky => When it is set, only the user owner will be able to delete that file.

The two files are different and serve different purposes.

  • /etc/passwd is the user database (fun fact: contrary to its name, it doesn't store passwords; those are stored, possibly in hashed form, in /etc/shadow). See man 5 passwd (i.e. passwd(5)) and man 5 shadow (i.e. shadow(5)).

  • /usr/bin/passwd is the utility that is supposed to modify user records stored in /etc/passwd and /etc/shadow. See man 1 passwd (i.e. passwd(1)).
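
The permission bits described above can be read back and checked programmatically. The following is an added example, not part of the original notes: it decodes a mode into its symbolic and octal forms and flags SUID/SGID files, world-writable files, and world-writable directories without the sticky bit. The function names `describe` and `audit` and the sample modes are constructed for illustration.

```python
import os
import stat

def describe(mode):
    """Return (symbolic, octal, notes) for an st_mode value."""
    is_dir = stat.S_ISDIR(mode)
    notes = []
    if mode & stat.S_ISUID and not is_dir:
        notes.append("SUID: runs with the permissions of the user owner")
    if mode & stat.S_ISGID and not is_dir:
        notes.append("SGID: runs with the permissions of the group owner")
    if mode & stat.S_IWOTH:
        if not is_dir:
            notes.append("world-writable file")
        elif not mode & stat.S_ISVTX:
            notes.append("world-writable directory without sticky bit")
    return stat.filemode(mode), format(stat.S_IMODE(mode), "04o"), notes

def audit(root):
    """Walk root and return (path, symbolic, octal, notes) for flagged entries."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
            except OSError:
                continue  # entry vanished or is unreadable
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not meaningful
            symbolic, octal, notes = describe(mode)
            if notes:
                findings.append((path, symbolic, octal, notes))
    return findings

if __name__ == "__main__":
    # Constructed sample modes (file type bits + permission bits).
    for sample in (0o104755, 0o102755, 0o041777, 0o040777, 0o100007):
        print(describe(sample))
```

Running `audit("/usr/bin")` on a typical system lists the SUID binaries there, which is a quick way to review which programs run with their owner's permissions.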

Difference between chown and chmod:

In simple terms, chown is used to change the ownership of a file, while chmod is used to change the file mode bits.

  • chown defines who owns the file.

  • chmod defines who can do what.