File permissions are an important part of the Linux file system. They determine who can do what to a file.
1. View permissions
Viewing permissions is simple: run the ls -l command. The first field of each line contains the permission description
> ls -l
#drwxrwxr-x 2 user user 4096 Sep 12 16:05 folder
#-rw-rw-r-- 112 user user 12 Sep 12 16:00 file
In this example, file is described as -rw-rw-r-- and folder is described as drwxrwxr-x
Don't worry yet about what that long string means. Let's work out what each character means step by step
The first character indicates the file type and is not actually part of the permission description. There are seven common file types:
Regular file (-), directory (d), link (l), block device file (b), character device file (c), pipe file (p), socket file (s)
Regular files, directories and links should be familiar to everyone, so they are not explained again here
Block devices include hard disks, character devices include the mouse and keyboard, pipe files are used for communication between processes, and socket files are used for network communication
The last nine characters, taken in groups of three, represent the file's permissions
The three groups represent, in order, the owner's permissions (user, u), the owning group's permissions (group, g), and other users' permissions (other, o)
The three characters in each group represent the following permissions: read (r), write (w), execute (x)
If a permission is not granted, it is shown as -
The following uses the permission description of file, rw-rw-r--, as an example (the first field of ls -l with the first character omitted).
Character position | Character meaning | The specific character | Specific meaning |
---|---|---|---|
1 ~ 3 | Owner permissions | rw- | Readable, writable, not executable |
4 ~ 6 | Owning group permissions | rw- | Readable, writable, not executable |
7 ~ 9 | Other users' permissions | r-- | Readable, not writable, not executable |
The same breakdown for folder, drwxrwxr-x (the first field of ls -l with the first character omitted):
Character position | Character meaning | The specific character | Specific meaning |
---|---|---|---|
1 ~ 3 | Owner permissions | rwx | Readable, writable, and executable |
4 ~ 6 | Owning group permissions | rwx | Readable, writable, and executable |
7 ~ 9 | Other users' permissions | r-x | Readable, not writable, executable |
2. Modify permissions
In Linux, you can run the chmod command to modify file permissions as follows:
> chmod permissions file
The permissions can be written in two ways: a numeric representation and a text representation
(1) Numerical representation
The numeric representation uses three octal digits to represent file permissions. The question is how to translate a permission description into octal digits
The method is simple: use binary as an intermediate step. Converting between octal and binary should be familiar, so it is not covered here
Converting a permission description to binary follows one rule: a permission that is present is 1, a permission that is absent is 0. Two examples:
Permissions: rw- rw- r--   Binary: 110 110 100   Octal: 6 6 4
Permissions: rwx rwx r-x   Binary: 111 111 101   Octal: 7 7 5
(2) Text representation
The text representation uses specific identifiers for users and permissions, so you can add or remove specific permissions for specific users
Users: the owner is represented by u (user), the owning group by g (group), and other users by o (other)
Permissions: read permission is r (readable), write permission is w (writable), execute permission is x (execute)
# Add (+) execute permission (x) for the owner (u)
> chmod u+x file
# Remove (-) write permission (w) from the owning group (g)
> chmod g-w file
# Reassign (=) the permissions of other users (o) to read and write (rw)
> chmod o=rw file
3. Permission mask
The permission mask consists of four octal digits that, together with the default permissions, determine the permissions of newly created files and directories
The relationship is as follows: Default permission - Permission mask = Permission of the created file or directory
The default permissions are fixed. In Linux, the default permissions are 666 for files and 777 for directories
We can use the umask command to check and modify the permission mask. If it has not been modified, the default permission mask is 0022
In this case, a created file gets the permission 666-0022 = 644, and a created directory gets 777-0022 = 755
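An added example, not part of the original article: it creates a file and a directory under several masks and reads the resulting modes back from ls -l, converting them with the present = 1, absent = 0 rule from section 2. The function names are hypothetical and the masks other than 0022 are constructed; it shows that the mask's bits are cleared from the default, which matches the subtraction above for 0022 but not for a mask such as 0033.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the article.

# Convert a 9-character description (e.g. rw-rw-r--) to octal with the
# rule from section 2: permission present = 1, absent (-) = 0.
sym_to_octal() {
    perms=$1 out=""
    while [ -n "$perms" ]; do
        triplet=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    printf '%s\n' "$out"
}

# Predict a new object's mode: the mask's bits are cleared from the default.
predicted_mode() {    # $1 = default (666 or 777), $2 = umask
    printf '%03o\n' $(( 0$1 & ~0$2 ))
}

# Create a file or directory under a umask and read its mode back from ls -l.
created_mode() {      # $1 = file|dir, $2 = umask
    tmp=$(mktemp -d) || return 1
    (
        umask "$2"
        if [ "$1" = dir ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
    )
    desc=$(ls -ld "$tmp/new" | cut -c2-10)   # drop the file-type character
    rm -rf "$tmp"
    sym_to_octal "$desc"
}

# Constructed sample masks: 0022 is the page's default; 0033 and 0077 are
# extra cases. For 0033, 666-033 would give 633, but the file gets 644.
for mask in 0022 0033 0077; do
    printf 'umask %s: file %s (predicted %s), dir %s (predicted %s)\n' \
        "$mask" "$(created_mode file "$mask")" "$(predicted_mode 666 "$mask")" \
        "$(created_mode dir "$mask")" "$(predicted_mode 777 "$mask")"
done
```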
4. Directory permissions
Finally, notice what read (r), write (w), execute (x) mean for directories
- Readable (r): the ls command can be used to list the contents of the directory
- Writable (w): you can create, delete and modify files in the directory
- Executable (x): the cd command can be used to switch to the directory