File permissions are core to the security model used by Linux systems. They determine who can read, write and execute files.
How to view Linux file permissions?
To view file permissions, use the ls -ltr
command.
ls -ltr
Here’s what each part represents:
File type (-
for regular file, d
for directory, l
for symlink, etc.)
rw: Permission for owner (read, write)
r: Permission for the group (read)
r: Permission for others (read)
User owner: Muzammil
Group owner: root
rw-r--r--
This string is actually an expression of three different sets of permissions:
rw-
r--
r--
The first set of permissions applies to the owner of the file. The second set of permissions applies to the user group that owns the file. The third set of permissions is generally referred to as "others."
How to modify Linux file permissions?
In symbolic mode 'u'
stands for user owner, 'g'
for group owner, and 'o'
for others. For permissions, 'r'
stands for read, 'w'
for write, and 'x'
for execute.
To change user permissions of a file:
chmod permission filename
-
u
+x: Adds execute permission for the owner (user). g+w
: Adds write permission for the group.o-r
: Removes read permission for others.
To change the owner permission of a file:
chown owner filename
To change the group ownership of a file:
chgrp group filename
Access Control List
ACLs allow you to grant specific permissions to individual users or groups for a file or directory. It is useful in environments with complex permission requirements and offering more flexibility.
To view the ACLs of a file or directory:
getfacl filename
Examples
- Grant permission to a specific user:
setfacl -m u:username:r file.txt
- Grant permission to a specific group:
setfacl -m g:groupname:x file.txt
-
Remove all ACL entries for a specific user:
setfacl -x u:username file.txt
-
To remove all ACL entries from a file or directory:
setfacl -b file.txt