Managing Linux permission can be tricky at times. Although it is possible to manage permission from GUI interface on most of Linux distributions, in this article we will go over basic CLI permission and ownership management of files and directories.
Key commands that can help you manage the permissions and ownership of a file are chmod, chown, and chgrp. We will examine how to use those commands to change permissions along with the user and group that owns a specific file, or even a series of files.
One tip that can help you change the permissions on a series of files is the -R switch. It is the recursive switch for all three of these commands. In other words, if you specify the -R switch with any of the noted commands on a directory, it applies the changes recursively. The changes are applied to all files in that directory, including all subdirectories. Recursion means that the changes are also applied to files in each subdirectory, and so on.
The chmod Command
The chmod command uses the numeric value of permissions associated with the owner, group, and others. In Linux, permissions are assigned the following numeric values:
r = 4, w = 2, and x = 1
For example, if we want to give read, write, and execute permissions on test1 to all users, you could run the chmod 777 test1 command. The chown and chgrp commands adjust the user and group owners associated with the cited file. The chmod command is flexible. You don’t always have to use numbers. For example, the following command sets execute permissions for the user owner of the test1 file:
# chmod u+x test1
Note how the u and the x follow the ugo/rwx format specified in the associated
To interpret, this command adds (with the plus sign) for the user owner of the file (with the u) execute permissions (with the x). These symbols can be combined. For example, the following command disables write permissions for the group owner and all other users on the local file named special:
# chmod go-w test1
While you can use all three user types in the chmod command, it’s not necessary. The following command makes the noted file executable by all users:
# chmod +x test1
For the SUID, SGID, and sticky bits, some special options are available. If you choose to use numeric bits, those special bits are assigned numeric values as well, where SUID=4, SGID=2, and sticky bit=1. For example, the following command configures the SUID bit. It includes rwx permissions for the user owner, rx permission for the group owner, and r permissions for other users, on the file named test1:
# chmod 4764 test1
If you’d rather use the ugo/rwx format, the following command activates the SGID bit for the local test1 file:
# chmod g+s test1
And the following command turns on the sticky bit for the /test directory:
# chmod o+t /test
While the chmod command described assumes changes are made by the root administrative user, that’s not always required. The user owner of a file is allowed to change the permissions associated with that file.
The chown Command
The chown command can be used to modify the user that owns a file. For example, take a look at the ownership of a file based on the ls -l command:
-rw-r–r–. 1 usr1 gr1 8544502 Oct 2 4:07 test1
The user owner of this file is usr1; the group owner of this file is gr1.
The chown command shown changes the user owner to user urs2:
# chown usr2 test1
You can do more with chown; for example, the following command changes both the user and group owner of the noted file to user usr3 and group gr3, assuming that user and group already exists.
# chown usr3.gr3 test1
The chgrp Command
You can change the group owner of a file with the chgrp command. For example, the following command changes the group owner of the noted dirtest directory to the group named gr2 (assuming it exists):
# chgrp gr2 dirtest