This is the second part of this week’s 2-Bullet Tuesday; let us know if you like the split post format. See the first part here.

Linux Concept of the Week: File Ownership and Permissions

In last week’s discussion of the ls command, you might have seen that ls -l shows a whole lot of information about the file’s ownership and permissions:

root@Omega-8329:~# ls -l
drwxrwxr-x    2 1000     1000             0 Jan 25 19:46 dataLogs
-rw-r-----    1 root     root         11662 Jan 26 20:51 imu.py
-rwxrw-r-x    1 root     root            85 Jan 31 19:01 test.sh

Before we talk about permissions, it’s important to understand that all files and directories in Linux have an owner. The file owner is able to change the file’s permissions and even transfer ownership to a different user. In the output of ls -l, the file’s owner is listed in the third column from the left.

Also important to note is that every user in Linux belongs to at least one user group. User groups make it easy to grant certain administrative privileges to users and to remove them again. The group assigned to the file is listed in the fourth column. In our case, the root user belongs to a group of the same name.

The file’s permissions are represented by 10 characters in the very first column of the ls -l output:

  • The first character tells us what we’re dealing with:
    • - for a file
    • d for a directory
    • l for a link
  • The next nine characters are sets of three (triples) that let us know the permissions for the owner, any users that belong to the file’s group, and all other users, in that order.
    • Each triple defines the read (r), write (w), and execute (x) permissions of the file for the particular party, in that order.
    • - means that particular permission is not granted.

 

Going back to our ls -l output:

root@Omega-8329:~# ls -l
drwxrwxr-x    2 1000     1000             0 Jan 25 19:46 dataLogs
-rw-r-----    1 root     root         11662 Jan 26 20:51 imu.py
-rwxrw-r-x    1 root     root            85 Jan 31 19:01 test.sh

Let’s take a look at the first item, dataLogs:

  • d It is a directory
  • rwx The owner (user 1000 in this listing) has read, write, and execute permissions
  • rwx Users in the owner’s group also have read, write, and execute permissions
  • r-x All other users have only read and execute permissions

For directories, the execute permission means that entering the directory and accessing the items inside it is allowed. So the owner and users in the same group can view and modify the directory, while other users can only view it.

Next, imu.py:

  • - It is a file
  • rw- The owner has read and write permissions, so they can view and modify the file
  • r-- Users in the owner’s group have only read permission, so they are just allowed to view the file
  • --- All other users don’t have any permissions, so they are not allowed to access the file at all

The last item, test.sh, has more open permissions:

  • - It is a file
  • rwx Full read, write, and execute permissions for the owner
  • rw- Read and write permissions for the owner’s user group
  • r-x Read and execute permissions for other users, so they can view and execute the file, but not modify the contents
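The walkthrough above can be automated. The following Python script is an added example, not part of the original post: it parses the three ls -l lines shown here, decodes each triple, and notes which items can be modified by someone other than the owner. It goes slightly beyond the post by also giving the octal form of the permissions that chmod accepts; the function names parse_mode and audit are made up for this example, and it assumes lines in exactly the column layout shown above.

```python
import stat

# Constructed sample input: the three lines of ls -l output shown in this post.
LISTING = """\
drwxrwxr-x    2 1000     1000             0 Jan 25 19:46 dataLogs
-rw-r-----    1 root     root         11662 Jan 26 20:51 imu.py
-rwxrw-r-x    1 root     root            85 Jan 31 19:01 test.sh
"""

TYPES = {"-": "file", "d": "directory", "l": "link"}


def parse_mode(mode):
    """Return (type name, permission bits) for a 10-character mode string."""
    if len(mode) != 10 or mode[0] not in TYPES:
        raise ValueError(f"unsupported mode string: {mode!r}")
    bits = 0
    for i in range(1, 10, 3):  # triples for owner, group, others
        digit = 0
        for char, flag, value in zip(mode[i:i + 3], "rwx", (4, 2, 1)):
            if char == flag:
                digit |= value
            elif char != "-":  # e.g. setuid 's' or sticky 't', not covered in the post
                raise ValueError(f"unsupported permission character: {char!r}")
        bits = bits * 8 + digit
    return TYPES[mode[0]], bits


def audit(listing):
    """Parse ls -l lines and note who besides the owner may modify each item."""
    report = []
    for line in listing.splitlines():
        if not line.strip() or line.startswith("total"):
            continue
        mode, _links, owner, group, _size, _mon, _day, _time, name = line.split(None, 8)
        kind, bits = parse_mode(mode)
        notes = []
        if bits & stat.S_IWGRP:
            notes.append(f"writable by group {group}")
        if bits & stat.S_IWOTH:
            notes.append("writable by all other users")
        report.append({"name": name, "type": kind, "owner": owner,
                       "group": group, "octal": format(bits, "03o"), "notes": notes})
    return report


if __name__ == "__main__":
    for entry in audit(LISTING):
        print(entry)
```

For test.sh the report shows mode 765 with the note that the file's group can write to it, which matters because other users are allowed to execute the same script.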

 

See our Intro to Linux series for more explanations like this one!

 

Let us know if this edition was a little too long and what kind of stuff you would like to see featured on 2-Bullet Tuesday! Send a tweet to @OnionIoT with your suggestions!

Thanks for reading! Have a great week!

Team Onion