
2.4 Permission Management

In Linux, every file and directory is owned by a User and a Group, and has permissions for User (u), Group (g), and Others (o).

Run ls -l:

```bash
-rwxr-xr--  1 alice developers  2048 Jan 01 12:00 script.sh
```
  • -: File type (- = file, d = directory).
  • rwx: User permissions (Read, Write, Execute).
  • r-x: Group permissions (Read, no Write, Execute).
  • r--: Others permissions (Read only).
  • alice: Owner.
  • developers: Owning Group.

Symbolic mode is easy to read: name who (u, g, o), an operator (+, -, =), and which permissions.

  • chmod u+x script.sh: Add execute for user.
  • chmod g-w file.txt: Remove write for group.
  • chmod o=r file.txt: Set others to read only.

Octal mode is the professional shortcut: each permission has a numeric value, and each triplet (user, group, others) becomes one digit by adding them up.

  • Read (r) = 4
  • Write (w) = 2
  • Execute (x) = 1

Common patterns:

  • 755 (rwxr-xr-x): Standard for scripts/programs. User full, others read/exec.
  • 644 (rw-r--r--): Standard for data files.
  • 600 (rw-------): Secure (SSH keys). Only owner can read/write.
  • 777: Everyone can do everything. Avoid this!
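To tie the symbolic and octal forms together, here is an added example (not from the original page) that applies both kinds of chmod spec to a scratch file and reads the resulting mode back, and that converts the nine permission characters of an ls -l line into their octal digits. It assumes bash or a POSIX sh, GNU coreutils (stat -c '%a') and mktemp; the scratch file and the helper names mode_after_chmod and symbolic_to_octal are constructed for this example.

```shell
#!/bin/bash
# Added example, not from the original page: symbolic and octal chmod on a
# scratch file, checked with GNU stat, plus an ls -l triplet-to-octal converter.
set -eu

# Apply one chmod spec (symbolic like u+x, or octal like 640) to a fresh
# scratch file that starts at 644, and print the resulting octal mode.
mode_after_chmod() {
    local spec="$1" f
    f="$(mktemp)"                  # constructed scratch file
    chmod 644 "$f"                 # known starting point: rw-r--r--
    chmod "$spec" "$f"
    stat -c '%a' "$f"              # GNU stat: permission bits in octal
    rm -f "$f"
}

# Convert the nine permission characters from ls -l (e.g. rwxr-xr--) into
# three octal digits by summing r=4, w=2, x=1 per triplet. A lowercase s or t
# in the execute slot still counts as execute (uppercase S/T would mean the
# execute bit is absent).
symbolic_to_octal() {
    local s="$1" out="" t n
    while [ -n "$s" ]; do
        t="$(printf '%s' "$s" | cut -c1-3)"   # next triplet: user, group, others
        s="$(printf '%s' "$s" | cut -c4-)"
        n=0
        case "$t" in r??) n=$((n + 4)) ;; esac
        case "$t" in ?w?) n=$((n + 2)) ;; esac
        case "$t" in ??[xst]) n=$((n + 1)) ;; esac
        out="$out$n"
    done
    printf '%s\n' "$out"
}

# Stand-alone run: relative (symbolic) edits versus absolute (octal) modes.
printf 'u+x -> %s\n' "$(mode_after_chmod u+x)"    # 744: owner gains execute
printf 'g-r -> %s\n' "$(mode_after_chmod g-r)"    # 604: group loses read
printf 'o=  -> %s\n' "$(mode_after_chmod o=)"     # 640: others get nothing
printf '600 -> %s\n' "$(mode_after_chmod 600)"    # 600: owner-only, SSH-key style
printf '755 -> %s\n' "$(mode_after_chmod 755)"    # 755: script/program default
printf 'rwxr-xr-- = %s\n' "$(symbolic_to_octal rwxr-xr--)"   # 754
```

Symbolic specs are relative (they edit the bits that are already there, so u+x on a 644 file gives 744), while an octal spec is absolute and replaces all nine bits at once; that is why octal is the safer choice in scripts that must leave a file in one known state.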

Only root can change ownership of files.

```bash
# Change owner to bob
sudo chown bob file.txt

# Change owner to bob and group to staff
sudo chown bob:staff file.txt

# Recursive (folder)
sudo chown -R bob:staff /var/www/html
```

Beyond standard read/write/execute, there are three special permissions:

| Permission | Code | Function on File | Function on Directory |
|---|---|---|---|
| SUID (Set User ID) | s (4) | Run as the file owner (e.g., passwd). | N/A |
| SGID (Set Group ID) | s (2) | Run as the group owner. | New files inherit the group. |
| Sticky Bit | t (1) | N/A | Only owner can delete their own files (e.g., /tmp). |

  • Symbolic:
    • chmod u+s file (SUID)
    • chmod g+s dir (SGID)
    • chmod +t dir (Sticky)
  • Octal (an extra leading digit in front of the usual three):
    • chmod 4755 file (SUID)
    • chmod 2755 dir (SGID)
    • chmod 1777 dir (Sticky)
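The following is an added example, not from the original page, showing the special bits being set on scratch files and directories, read back as a four-digit mode, and then found again with find the way a periodic host audit would look for them. It assumes bash or a POSIX sh, GNU coreutils (stat -c '%a', chmod) and find with -perm; the scratch tree and the helper names make_scratch_tree, mode_of and count_special are constructed for this example.

```shell
#!/bin/bash
# Added example, not from the original page: set the special bits on scratch
# files and directories, read them back with GNU stat, and audit the tree
# with find as a periodic host check would.
set -eu

# Build a scratch tree (constructed sample data) and print its root path.
make_scratch_tree() {
    local root
    root="$(mktemp -d)"
    touch "$root/suid_bin" "$root/plain"
    mkdir "$root/shared_dir" "$root/drop_dir"
    # Subdirectories inherit SGID from an SGID parent, and GNU chmod's numeric
    # modes do not clear a directory's s bits, so clear them explicitly first.
    chmod u-s,g-s "$root" "$root/shared_dir" "$root/drop_dir"
    chmod 4755 "$root/suid_bin"      # SUID on a file: runs as the owner
    chmod 2775 "$root/shared_dir"    # SGID on a directory: new files take its group
    chmod 1777 "$root/drop_dir"      # sticky: only a file's owner may delete it
    chmod 644  "$root/plain"         # ordinary data file, no special bits
    echo "$root"
}

# Octal mode of a path, special digit included when set (GNU stat).
mode_of() {
    stat -c '%a' "$1"
}

# Count entries under ROOT carrying one special bit: suid, sgid or sticky.
# find's -perm -MODE matches when all of the given bits are set.
count_special() {
    local root="$1" which="$2"
    case "$which" in
        suid)   find "$root" -type f -perm -4000 | wc -l | tr -d ' ' ;;
        sgid)   find "$root" -perm -2000 | wc -l | tr -d ' ' ;;
        sticky) find "$root" -type d -perm -1000 | wc -l | tr -d ' ' ;;
        *)      echo "unknown bit: $which" >&2; return 2 ;;
    esac
}

# Stand-alone run: build the tree, show the modes, audit, clean up.
root="$(make_scratch_tree)"
for p in suid_bin shared_dir drop_dir plain; do
    printf '%-11s %s\n' "$p" "$(mode_of "$root/$p")"
done
printf 'suid=%s sgid=%s sticky=%s\n' \
    "$(count_special "$root" suid)" \
    "$(count_special "$root" sgid)" \
    "$(count_special "$root" sticky)"
rm -rf "$root"
```

Run against / instead of a scratch tree, the same find expressions give the list of SUID and SGID files on a host; comparing that list against a known-good baseline is the usual way to notice a new or unexpected one.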

When you create a file or directory, it gets default permissions determined by the umask.

  • Standard umask: 0022 (or 022).
  • Calculation:
    • Files start at 666. 666 - 022 = 644 (rw-r--r--).
    • Directories start at 777. 777 - 022 = 755 (rwxr-xr-x).
  • Changing: umask 027 (results in strict permissions).
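The subtraction above is a handy mnemonic, but the kernel actually clears the umask bits with a bitwise AND NOT; the two agree for 022 but not for masks such as 027, where 666 minus 027 is not a valid mode. This added example (not from the original page) does the calculation the bitwise way and then confirms it by creating a file and a directory under that umask in a scratch directory. It assumes bash or a POSIX sh, GNU coreutils (stat -c '%a') and mktemp; the helper names apply_umask and modes_under_umask and the scratch directory are constructed for this example.

```shell
#!/bin/bash
# Added example, not from the original page: the umask calculation done as
# the kernel does it (base AND NOT mask), then confirmed by creating a file
# and a directory under that umask in a scratch directory.
set -eu

# Print the octal mode that a base (666 for files, 777 for directories)
# yields under a umask. A leading 0 makes the arithmetic treat both as octal.
apply_umask() {
    local base=$((0$1)) mask=$((0$2))
    printf '%o\n' $(( base & ~mask & 0777 ))
}

# Create a file and a directory under UMASK in a scratch dir (constructed)
# and print "FILEMODE DIRMODE" as reported by GNU stat.
modes_under_umask() {
    local um="$1" d
    d="$(mktemp -d)"
    chmod g-s "$d"                                  # drop any SGID inherited from TMPDIR
    ( umask "$um"; : > "$d/f"; mkdir "$d/sub" )     # subshell keeps the umask change local
    printf '%s %s\n' "$(stat -c '%a' "$d/f")" "$(stat -c '%a' "$d/sub")"
    rm -rf "$d"
}

# Stand-alone run: 022 reproduces 644/755; 027 and 077 show the stricter
# results (640/750 and 600/700) that the bitwise rule predicts.
for um in 022 027 077; do
    printf 'umask %s: file %s dir %s (observed: %s)\n' "$um" \
        "$(apply_umask 666 "$um")" "$(apply_umask 777 "$um")" \
        "$(modes_under_umask "$um")"
done
```

The umask only removes permissions from what the creating program asked for (666 or 777 here); it never adds any, which is why a file created by a normal program is never executable until someone runs chmod on it.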