the file and directory permissions they are an essential part of the GNU / Linux world, and are one of the parts that have been inherited from what had been present in Unix for years. For a significant number of users who have had to deal with the fact of reaching this platform at some point or another it is one of those issues that blocks and imposes respect, but how everything in this life is simple to understand if we are given the right help.
In this post we will try to clarify some doubts, and be as clear, basic and essential as possible so that everyone can begin to understand how file and directory permissions work in GNU / Linux. It is by no means an advanced guide so those who already have experience in this subject can go a long way, because we will try to be clear and detailed for those who are just starting out in this operating system, or those who have been using it. this platform for some time still have not learned this well.
The first thing to understand is that permits are divided into three groups: owner, group, and others, Which represent the access permissions who will have the owner of the file or directory, those who will have a user who belongs to the group that owns that file or directory, and those who will have the rest of the system users. To view these permissions we can go to any directory and run the following:
We will see similar to what we have in the image above of this post, where we have information represented in several rows and columns. The latter show us something like -RW-rr- 1 root root 164 November 11, 2014 xinitrc, And what we see right on the left is what we’re going to be most interested in to begin to understand how we can manage permissions. This first column shows us 10 spaces, each with a different meaning depending on whether it is occupied by:
- b: block device
- c: character device (e.g. / Dev / tty1)
- d: directors
- l: symbolic link (e.g. / Usr / bin / java -> / home / programs / java / jre / bin / java)
- p: named pipe (e.g. / Proc / 1 / maps)
- – Unassigned permission
- r: reading
- w: writing
- x: execution
The d will only be present in the first space starting from the left, and means that the element in question is a directory, So if we have this space occupied with a hyphen “-” we will be in front of a file. after, the following nine spaces are divided into three groups of three, and the order is always as follows: rwx, which represents the write, read, and execute permissions for the owner, group, and others (others) respectively.
What follows is a number that shows us the number of links to this file or directory, a figure that is often 1, sometimes it can be 2 and a few, at least, have another number. This doesn’t matter for now, or at least it’s not significant for our purpose of mastering file permissions on Linux, so let’s move on to the next field as this does interest us as this ‘root’ we see there means that he owns this file, and the ‘root’ we see in the fourth column implies that the file also belongs to the ‘root’ group. The following fields then represent the inode size, date, and file or directory name.
With this information in mind we will be able to begin to understand what follows, which is the numeral nomenclature for permits, Something very typical of GNU / Linux, BSD and other nix systems. In addition, this nomenclature will help us to change file permissions quickly using the chmod command, and is what we will see in another post but for now we can focus on the following: read permission means we can see the contents of this file or directory, writing means we have permission to modify the file or directory and execution permission means we can run the file or, if we are in front of a directory, which we can search in the (That is, make «ls»). This explains why key files on the system, such as / usr /, / usr / bin or / usr / lib have execution permission enabled but not write permission except for the owner, as all users we can execute all commands but not modify or delete anything until we are offered these permissions or we become ‘root’ using the ‘his’ command.