Assigning Permissions in Linux

Home » » Operating Systems » Assigning Permissions in Linux
Operating Systems No Comments

* User Types in Linux

* Access Permit Types

* How to set permissions for files and directories

Anyone accustomed to using the Windows operating system that starts working in a Linux environment, surely has faced or will face problems such as:

* Unable to save files in some folders.

* Inability to open.

* Files can be opened and read but when you want to modify and save changes, error messages saying there is no sufficient permissions to modify the file.

Problems such as these are typical, and often major headaches for beginners or those who start working in Linux environment. But that should not suggest that Linux is deficient in this respect, quite the opposite, because this is all part of the security offered by a system as robust as it is Linux.

Will be explained in detail each of the steps to be followed for assigning permissions to files and folders on Linux.

The first is to open a console to type in commands. Then you must enter as root user, using the command su, then enter the password. Note that the symbol “$” is changed to “#”, indicating that no longer is working as a single user but as root or superuser.

The command is used to assign permissions in Linux is “chmod”. This instruction can be used with letters or numbers. The most common form is numerically express permission to do so shorter and practice, but it’s a matter of preference. It is common to use “chmod 777” to assign all permissions to a file or folder. It should be mentioned that assign all permissions to a folder does not automatically all files and subfolders that are within the folder that has all permits, will also permissions. If a folder does not have read permission, you can not see the files or subfolders it contains. If you assign all permissions, you may within the folder have files with restrictions, so that even if the folder has all permissions, certain files or subfolders can have some restrictions. Each file folder and each operates under its own permit allocation independently.

User Types in Linux

Linux is designed to be multiuser. This operating system allows three levels of access to files (the types of access permissions that will be explained later), for three different categories of users, namely:

1. Owner (owner): The person that the system recognizes as owner of the folder or file.

2. Group (group): A collection of users with similar permissions.

3. Other (other): Any other person.Access Permit Types

As explained above, assign permissions to a directory (folder) does not mean that the files or subfolders that are in this automatically have the same permissions that were assigned to the folder. Therefore access permissions can be for files or directories.

Permissions for files work this way:

1. Read (reading): Permission to view the file without making changes.

2. Write (write): writable: you can write the file, and therefore change.

3. Execute (execute): The file or directory can be executed.

As for the files to directories, work as follows:

1. Read: Permission to list the files in a directory.

2. Write: Permission to add new files to the directory.

3. Execute: Permission to access files in the directory.

How to Know the permissions of a Directory or File

The first step is to enter the console as root, for which we must use the “su” command and then enter the password respectively. Then you need is located in the directory containing the file or directory you want to know which permissions you have. To move a directory, use the command “cd”. Typing “cd”, you get to “root” or root, which for those who are more familiar with Windows, that would be the equivalent of the “C”. For the current directory, use the command “pwd”.

Assuming you want to know the permissions for the / acpi /, which is located in the / etc /, which is primarily would type “cd” to return to the root or root. Then type “cd / etc” to get to the / etc /. To confirm that it has been successful to the / etc /, type “pwd” and the result should read “/ etc”, revealing that fact has come to the / etc /. Finally type “ls-l” and displays all files and directories found within the / etc /, in alphabetical order. Because in this case are seeking permission for the / acpi /, in the list that appears should look exactly the description for / acpi /. You should see something like what is shown below:

drwxr-xr-x 3 root root 4096 7/21/2007 9:51 acpi

“Drwxr-xr-x” shows the permissions for the / acpi /. Owner has permission to read, write and execute (WXR equals 7). Group has permission to read and execute (equivalent to 5). Other have permission to read and execute well (equal to 5). Later we will explain in detail how this works.

How to set permissions for files and directories

As already mentioned above, the command “chmod” is used to assigning permissions in Linux. For example index.php chmod 777 all permissions assigned to the file index.php. Clearly, it must first go to the directory containing the file index.php (using the “cd” command as explained above), and being already in that directory, type “chmod 777 index.php” in the case of wanting assign all permissions to the file index.php. To understand the meaning of 777 is necessary to know that 4 means read permission, 2 and 1 write permission execute permission. Adding these values one can see that a file can have the following (for each type of user):

4 = read

2 = write

1 = execution

0 = no permission for anything

3 (2 +1) = write and execute

5 (4 +1) = read and execute

6 (4 +2) = read and write

7 (4 +2 +1) = read, write and execute

All this to the three types of users.

Thus, a “chmod 777 index.php” means that owner, group and others have read permission, write and execute. “Chmod 766 index.php” means the owner has permission to read, write and execute, and the group and others only read and write permission. “Chmod 744 index.php” means the owner has read, write and execution {on, while others only group and read permissions.

As you can see, there are three digits, from left to right, which permits the designated owner, group and others. The following letter has its equivalent (which used a total of nine digits instead of three):

0 = — = no access

1 = – x = execution

2 = – w – = writing

3 = – w x = write and execute

4 = r – = read

5 = r – x = read and execute

W 6 = r – = read and write

7 = r w x = read, write and execute

For example, rw – r – r – means the owner has read and write permissions (rw -), the only group read permission (r -) and other read permission (r -). The numerical equivalent would be 644.

It should also be known that although “chmod 644 index.php” is not equivalent to “chmod rw – r – r – index.php”. If you want to use “chmod” with text, you must respect the following syntax:

chmod [ugo] [+ -] [rwx] [filename]

Where [u = user or owner, g = group I = other], [+ / – enables or disables the following attributes] [r = read, w = write, x = execute]

For example, “chmod go + r index.php” means that are assigned read permissions for group and other in the index.php file. “Index.php chmod go-r” means to remove read permissions for group and other in the index.php file. With “chmod ugo + rx index.php” are assigned read and execute permissions for user / owner, group and other in the index.php file. “Index.php chmod uo-w” means write permissions are removed for user / owner and other. Note that when using + / – to toggle permissions, change only the attributes that are specified, but do not change other permissions that may be assigned above. For example with “chmod go + r index.php” is not changed prior to the assignment of a group execute permission, among other permissions are unchanged. If you wish to change also all other permits not mentioned, instead of + / – should be used the “=”, eg “chmod go = r index.php” assigned to group and other read permission on index.php and simultaneously removes any permission for both, and as user / owner is not mentioned, the permissions are left as they were having. If you write “chmod ugo = wr index.php” means that a user / owner, group and others are given permission to read and write and were removed execute permission. No need to write in order “rwx” to “read, write, execute”. The order does not matter in this case, so that “xw” equals “wx”, ie to write and execute permissions.

You can not also refer to a specific file, but all files within the directory that are of a special type. For example, if you want to assign all permissions for all files with a. Php in the current directory, instead of typing “chmod 777 index.php”, you must write “chmod 777 * php”. That not only index.php file permissions will have full read, write and execute for all users, but also any other file with. Php enjoy the same permissions. This is useful for example in the case that within a directory with many files. Php. It would be monotonous and tedious repeating the procedure for each file, while it is very easy to do with a simple instruction using “chmod 777 * php”. In the case of wanting to do that for. Html file instead. Php, just type “chmod 777 * html” and so for any other type of file you want.

In case you want to set permissions for directories, the process is the same as for files, except that we must not forget to write the corresponding pipe (“/”) after the number, which is not done in the case of permits for files. For example, “chmod 777 index.php” is an example of assigning permissions to a file, while “chmod 777 / var” is an example of assigning permissions to a directory. If you write simply “chmod 777 var” would appear an error message like this:

chmod: can not access ‘var’: No such file or directory

A practical example is that you want to assign all permissions to the directory var. The first would be to log in as root / superuser with the command “su” and entering the password. Then type the command “pwd” and the result should be “/ root”, indicating that the current directory is / root. Should not be in the / root directory, type the command “cd” to get set / root as the current directory. Then type “chmod 777 / var”, which are assigned all permissions for all users, both read as well as write and execute.

That will be possible to save files or create new directories in / var. A real case where this is applicable for example to download a compressed file format. Tar.gz. Suppose that the download is done automatically to / home / username / Desktop / Downloads, but to decompress the. Tar.gz, move the file to the / var. Initially wanting to cut or copy and then paste into the / var, you may see an error message saying that it is not possible to write to the / var.

It then follows the steps to assign permissions to the directory / var, so it is possible to locate the compressed file with a. Tar.gz in / var so we can then unzip from there.

Assuming the full name of the file that is located in the / var is “OOo_2.2.1_LinuxIntel_install_wJRE_en-US.tar.gz”, then there may well decompress from moving first to the / var with the command “cd” , and then typing “tar-xvzf OOo_2.2.1_LinuxIntel_install_wJRE_en US.tar.gz” to unzip the file. Practical applications as just described are possible when you know well how to properly assign permissions to both files as directories.

Assigning permissions for directories and files is something elemental for users of Linux, so it will be of great benefit to have this knowledge “to avoid drowning in a glass of water,” little things like not knowing assign permissions can make a trapped person can move forward without the use of Linux. This is part of the basic knowledge and fundamental that every Linux user should have.

 

Jaime Montoya

Santa Ana, September 15, 2007

El Salvador