DEV Community

Cover image for Shell Permissions
Haile Melaku
Haile Melaku

Posted on • Edited on

Shell Permissions

So Linux operating system are not only multitasking but also multi-user(different users).

multi-user means that more than one person can be operating the computer at the same time.

Now let's see how to read and set file permissions in different format.


File Permissions

Linux system has permission for different files and directory's assigned access rights for the owner or user(u) of the file, the members of a group(g) of related users, and everybody(o) else.

Linux system divides the authorization in to two

  • Ownership

  • Permission

Linux File or Dir Ownership

There are 3 types of owner

User By default, the person who created a file becomes its owner
Group contains multiple user and all users in a group have the same permission.
Other everybody else, anybody has permission

Linux File or Dir Permissions

There are 3 types of permission

Read gives permission to open and read files and the ability to lists its content on directory.
Write gives permission to modify a file and on a directory to add, remove and rename files stored in the directory.
Execute gives permission to execute or run a file.

To view the permission of a file or Dir use the command:
ls -l

Image description

r = read permission
w = write permission
x = execute permission
– = no permission

The first ‘–‘ implies that we have selected a file.

Image description

We use the command chmod to set permission

chmod <permission> <file and dir>

There are two ways of setting a permission

  • Absolute mode

  • Symbolic mode


Absolute(Numeric) Mode in Linux

The absolute(numeric) mode uses numeric format to specify ownership and permission.

To really learn how find the number we need to learn how to turn binary's into numbers, don't worry if you don't get it you can just memorize the numbers but turning binary into numbers is a really easy way to do it.

Binary to numbers

It is really easy to turn binary to number just multiply each bit with 2^n then add all the number to get the decimal.

Image description
Example

110 = 2^2 * 1 + 2^1 * 1 + 2^0 *0 = 4*1+2*1+1*0 = 4+2+0 = 6
100 = 2^2 * 1 + 2^1 * 0 + 2^0 *0 = 4*1+2*0+1*0 = 4+0+0 = 4

Here is how absolute(numeric) mode works

rwx rwx rwx = 111 111 111 = 777
rw- rw- rw- = 110 110 110 = 666
rwx --- --- = 111 000 000 = 700

So basically we consider - as 0 bit and r,w or x as 1 bit

rwx = 111 = 2^2*1 + 2^1*1 + 2^0*1 = 7
rw- = 110 = 2^2*1 + 2^1*1 + 2^0*0 = 6
r-x = 101 = 2^2*1 + 2^1*0 + 2^0*1 = 5
r-- = 100 = 2^2*1 + 2^1*0 + 2^0*0 = 4
--- = 000 = 2^2*0 + 2^1*0 + 2^0*0 = 0

Now that we understand how the mode works we need to use it

To give permission of -rwx--xr-x = 715 use the command

chmod 715 <file_name or dir name>

Image description


Symbolic Mode in Linux

The Symbolic mode uses Symbols to modify permissions of a specific owner and use of mathematical symbols to modify the Unix file permissions.

+ Adds a permission to a file or directory
– Removes the permission
= Sets and overrides the permissions set earlier.

Owners are represented as

u user/owner
g group
o other
a all

How to use this

Adding permission
to add execute permission to the user use the + operator
chmod u+x <file or dir>

Image description

Remove permission
to remove read permission to the group use the - operator
chmod g-r <file or dir>

Image description

setting permission
to set a read and write permission to all use the operator =
chmod a=rw <file or dir>

Image description

Image description

Now that we seen how permission work, we will see some commands and how to use them.


chmod

The first command we will see is chmod which is used to change the permissions of a file or directory.

To use the command:

chmod <PERMISSION_MOD> <FILE_OR_DIR>

Image description

Usually implemented options include:

  • -R Recursive, i.e. include objects in subdirectories.

  • -v verbose, show objects changed (unchanged objects are not shown).

Use --reference=REF_FILE to set the permission of the new file relative to the ref_file.

chown --reference=REF_FILE FILE

Image description

Tip: for more info checkout chmod or use man chmod


su

su is a program that can give you temporary access to the superuser's privileges.

To exit the superuser session, type exit and we will return to your previous session.

su
su <USER_NAME>

Image description

To exit a shell use exit command
exit

Image description


sudo

sudo command is used to execute a command as the superuser, the desired command is simply preceded with the sudo command.

sudo <SOME_COMMAND>

Image description


chown

We use the chown command to change the ownership of a file, like changing the owner of file1 form me to you.

chown [OPTIONS] USER[:GROUP] FILE(s)

chown <CHANGED_OWNER> <FILE>

Image description

you can also change the owner and the group at the same time

chown USER:GROUP FILE

Image description

To recursively operate on all files and directories under the given directory, use the -R (--recursive) option.

chown -R USER:GROUP DIRECTORY

The --reference=ref_file option allows you to change the user and group ownership of given files to be same as those of the specified reference file (ref_file).

chown --reference=REF_FILE FILE


chgrp

We use the chgrp command to change the group ownership of a file or directory.

chgrp <NEW_GROUP> <FILE>

Image description

Tip: for more info use the man page


id

We use the id command to print the user and group name and ID of the current user or any other user in the server.

id [OPTION]… [USER]

Image description

use the man page for more info on options


groups

We use the groups command to prints the names of the primary and any supplementary groups for each given username and manage users with the same security and access privileges.

groups [username]...

Image description

use the man page for more info


whoami

we use the whoami to displays user, group and privileges information for the user who is currently logged on to the local system.

whoami

Image description

use the man page for more info


adduser

we use the adduser to add a new user to your current Linux machine.

But you need to install adduser using the command
sudo apt-get install adduser

adduser <username>

Image description

for more info read adduser


useradd

we use the useradd to add user accounts to your system.

useradd [options] name_of_the_user

Image description

for more info read useradd


addgroup

we use the addgroup to add a new group to your current Linux machine.

sudo addgroup <groupname>

Image description

for more info read addgroup


Top comments (0)