Everything in Linux is a file. Access to the files is controlled by assigning permissions on the basis of file owner, a group of users, or all users. Three types of permissions can be assigned to a file - read (r), write (w) and execute (x).To view the permissions for all files in a directory, type the following in terminal:root@kali:~# ls -l
You can see multiple rows of data, with each row having 9 columns. The filename is displayed on the right most column.To view the permissions of one particular file, type the following in terminal:root@kali:~# ls -l <filename>
One row of data, having 9 columns is displayed.Now let us try to understand these columns.In the first column, we have something like -rw-r--r-- or drwxr-xr-x. This is the "permission string" having 10 characters.-> The first character denotes the file type.d: denotes a directoryl: denotes that the file is linked to another file (Symbolic Link - read google)-: denotes a normal data file, could be a text file, audio/video file or graphics image.-> The next three characters(2,3,4) denote the permissions for owner of the file.-> The next three characters(5,6,7) denote the permissions for group users.-> The next three characters(8,9,10) denote the permissions for all users.Characters 2,5,8 are used to denote READ permission (r) and have a numerical value of 4.Characters 3,6,9 are used to denote WRITE permission (w) and have a numerical value of 2.Characters 4,7,10 are used to denote EXECUTE permission (x) and have a numerical value of 1.Below is a chart to understand the permission string better:Permission string in segments: _ | _ _ _ | _ _ _ | _ _ _
Character Position in the string: 1 | 2 3 4 | 5 6 7 | 8 9 10 |Permission assigned: | r w x | r w x | r w xNumerical value of permission: 4 2 1 4 2 1 4 2 1For example:
- -rw-r--r-- permission on a file denotes that it is a normal data file; has read permissions for owner, group users and all users; and has write permission only for the owner.
- drwxr-xr-x permission on a file denotes that it is a directory; has read and execute permission for owner, group users and all users; and has write permission only for the owner.
The second column indicates the number of links for the file. 'Links' is an advanced concept in Linux, where more than one filename can be used to refer to one file.The third column gives the name of the owner of the file.The fourth column gives the name of the group this file belongs to.The fifth column gives the file size in bytes. If we run this command, root@kali:~# ls -hl ,
the file size is displayed in a readable form, i.e. in kilobytes and megabytes.The sixth, seventh and eighth columns display the creation time for the file. The ninth column represents the filename. Can we modify the permissions for a file?Yes, it is possible, but only the root user can do it. The 'chmod' command is used to modify the permissions of a file. The basic syntax for 'chmod' is as follows:root@kali:~# chmod <permissions> <file>
Here the <permissions> parameter is a 3 digit number, where each digit represents the numerical sum of the permissions assigned for owner, group users and all users respectively.Consider the value 777. The first 7 on the left denotes that read(4), write(2) and execute(1) permissions have been assigned to the owner [4+2+1=7]. Similarly we calculate for group users (second digit) and all users (third digit on the right).Consider the value 764. The first 7 denotes that read(4), write(2) and execute(1) permissions have been assigned to the owner [4+2+1=7]. The second 6 denotes that read (4) and write (2) permissions have been assigned to group users [4+2=6]. The third 4 denotes that only read (4) permissions have been assigned to all users.Hope you get how it works!Now let us try to modify the permissions for a file.We have a file "data.txt" which returned the following output with "ls -l".-rw-r--r-- 1 root root 0 Oct 8 12:03 data.txt
Let us give executable permissions for the owner alone.root@kali:~# chmod 744 data.txt
Now the following output is returned with "ls -l".-rwxr--r-- 1 root root 0 Oct 8 12:03 data.txt
Here the owner already has read(4) and write(2) permissions [4+2=6]. We just update the value to have execute (1) permission also, by giving first value as 7 after chmod. Group users and all users already have read(4) permission only, since we do not want to modify it, we just specify 44 in chmod command.