Startertutorials Blog
Tutorials and articles related to programming, computer science, technology and others.
Subscribe to Startertutorials.com's YouTube channel for different tutorial and lecture videos.

Categories: Unix Programming. No Comments on File Permissions in Unix with Examples
0
(0)

In this article we will look at file permissions in Unix with examples and commands associated with managing file permissions in Unix.

 

Introduction

Every file has a set of permissions associated with it, which determines who can do what with the file. If your directory contains files with sensitive information, we can change their permissions such that they are not accessible to other users. Care should be taken that on every Unix system, there is a special user called super user who can read or modify any file on the system.

 

The special login name root carries super user privileges which is used by system administrators. There is command called su that grants the super user status if you know the root password.

 

For more privacy, we can change the data in the file by using the crypt command which makes the file non-readable. Although crypt command is fairly secure, it not a bullet proof solution. In real life, most security breaches are due to weak passwords.


Subscribe to our monthly newsletter. Get notified about latest articles, offers and contests.


 

Whenever an user is created, the system assigns a login identification (login-id), an user-id or uid (a number) and a group-id (a number). The file system determines what you can do by the permissions granted to your uid and group-id.

 

The file /etc/passwd is the Unix password file, which contains the login information of all users of that system. The general format of a line from this file is as given below:

 

login-id:encrypted-password:uid:group-id:user-full-name:login-directory:shell

 

The content of /etc/passwd file is as shown below:

 

etc passwd file Unix

 

The character x in the password field says that the password is encrypted and is stored in a separate file /etc/shadow. The content of this file is shown below:

 

etc shadow file unix

 

File Permissions in Unix

Let’s observe the permissions for the file /etc/passwd. We can see the permissions by using the command ls -l as shown below:

 

File Permissions in Unix with Examples

 

There are three kinds of permissions for each file: read, write, and execute. Also we can have different permissions for different people. In the figure above we can see that the file permissions are displayed as rw-r–r–.

 

The first three permissions belongs to the owner of the file. The second three permissions belongs to the people in the group to which the owner belongs to and the third set of three permissions belongs to the people outside the group which contains the owner. We can say that the owner (root) has read and write permissions on the file. The people in the group (root) has read permission and everyone else has read permission.

 

For a directory, read permission means we can use ls command to list the contents of the directory or use other commands to access the files in the directory. The write permission allows us to delete or create files in that directory. The execute permission means whether we can search for a file in that directory or not.

 

The chmod (change mode) command changes the file permissions. The permissions can be specified as octal numbers or by symbolic description. While using numbers, 4 is for read, 2 is for write, and 1 is for execution permission. The maximum value for a permission is 7 (read+write+execute) and minimum value is 1 (execute). We can use chmod commad as shown below:

 

chmod with numbers Unix

 

For symbolic codes we can use + sign for turning on a certain permission and – for turning off a certain permission for all users. Changing file permissions using symbolic codes is shown below:

 

chmod with symbols

 

Changing the permissions on a directory will not change its modification date. The modification date reflects the changes to files in the directory, not to the changes in permissions of the directory. The permissions and dates are not stored in the directory/file itself. They are stored in a system structure called index node (inode).

 

The chmod Command

This command is used to change the permissions of a file after it is created. Only the owner of the file or the super user can change file permissions. The general usage of this command is given below:

 

$chmod expression filename

 

The expression can contain the following information:

  • The information about the category of users (user – u, group – g, others – o, all – a).
  • The information about granting, or removing the permission (+, -, =).
  • The information about the type of permission (read – r, write – w, execute – x).

 

The + operator is used to grant permissions and the – operator is used to remove the permissions. The = operator is used to assign absolute permission i.e., when we give a permission using = operator, already existing permissions will be removed.

 

To assign execute permission for the owner (user) we can write chmod u+x filename. To remove write permission for group we can write chmod g-w filename. To assign read permission for all users we can either write chmod a+r filename or we can write chmod +r filename.

 

We can also use octal numbers for assigning permissions to a file. For read we will give 4, for write we will give 2, and for execute we will give 1. While using octal numbers we will specify a three digit number, where each digit can be a maximum of 7. For example, to assign read-write-execute to owner, read-write to group, and read to others, we can write chmod 761 filename.

 

The chown Command

When a file is created by a user, he/she becomes the owner of that file. Sometimes, it is required to change or transfer the ownership of a file from one user to another user. We can do so in two ways. One way is to copy the file from the current user directory to the new user’s directory. Second way is to use the chown command.

 

For example, to change the owner of the file myfile to the user John, we can write chown John myfile. We can also use -R option to change the ownership of all files recursively in the current directory.

 

The chgrp Command

We can change the group of an existing file by using the chgrp command. Only the owner of the file can change the group membership of a file. We may have to change the group when new groups are created or when files are copied to a new system.

 

For example, to change the group of a file myfile to the group name newgroup, we can write chgrp newgroup myfile. We can also use -R option to change the group membership of all files recursively in the current directory.

 

For additional information, you can visit the following links:

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Suryateja Pericherla

Suryateja Pericherla, at present is a Research Scholar (full-time Ph.D.) in the Dept. of Computer Science & Systems Engineering at Andhra University, Visakhapatnam. Previously worked as an Associate Professor in the Dept. of CSE at Vishnu Institute of Technology, India.

He has 11+ years of teaching experience and is an individual researcher whose research interests are Cloud Computing, Internet of Things, Computer Security, Network Security and Blockchain.

He is a member of professional societies like IEEE, ACM, CSI and ISCA. He published several research papers which are indexed by SCIE, WoS, Scopus, Springer and others.

Leave a Reply

Your email address will not be published. Required fields are marked *