linux_wiki:list_set_and_change_standard_ugo_rwx_permissions

List Set And Change Standard Ugo Rwx Permissions

General Information

Ownership and permissions.


Permissions Overview

Permissions tools

  • chmod ⇒ Change permissions for user, group, other, or all
  • chown ⇒ Change user/group ownership

Chmod Modes

  • symbolic ⇒ represent permissions via u,g,o,a
  • octal ⇒ represent permissions with numbers

Change file1 ownership to rjones and group to student

chown rjones:student file1
  • You can leave off either the username or group name if only changing one of them, but the colon (:) must remain if only changing the group owner.

ls -l
-rw-r--r--. 2 root root          0 Jun 20 15:11 file1
-rw-r--r--. 2 root root          0 Jun 20 15:11 file2
drwxr-xr-x. 3 root root         17 Jun 20 14:50 newdir
  • First column ⇒ - (file), d (directory, l (symlink)
  • Columns 2-4 ⇒ User owner permissions (rwx)
  • Columns 5-7 ⇒ Group permissions (rwx)
  • Columns 8-10 ⇒ Other permissions (rwx)

  • u ⇒ user owner
  • g ⇒ group
  • o ⇒ other users
  • a ⇒ all users

Add write permissions to a file for the group

chmod g+w file1

Take away read permissions for others, for all of dir1 directory and its contents

chmod -R o-r dir1
  • -R ⇒ recursively

Add execute permissions to directories only in a tree

chmod -R ug+X dir1
  • For user owner and group ⇒ Adds execute to dir1 and all sub directories, not files.

  • 4 ⇒ read
  • 2 ⇒ write
  • 1 ⇒ execute
  • Add together to get permissions

Set file1 permissions using octal notation

chmod 740 file1
  • user owner ⇒ read(4),write(2),execute(1) permissions (4+2+1=7)
  • group ⇒ read(4) permissions
  • others ⇒ no(0) permissions

  • Setuid ⇒ execute file with owner's permissions
  • Setgid ⇒ execute file with group's permissions (most often set on directories to keep files created in that dir owned by the group)
  • Sticky bit ⇒ when set on a directory, prevents file deletion unless the user is the owner. (even if they have write permissions)

Add setuid to script1

chmod u+s script1


Same scenario, octal mode

chmod 4740 script1

When there are four numbers in chmod, the first is for setuid/gid/stickybit:

  • 4 ⇒ setuid
  • 2 ⇒ setgid
  • 1 ⇒ sticky bit

  • umask permissions are “masking” the permissions that we don't want to have.
  • New files will not be created with execute permissions by default.
  • New directories will be created with execute permissions by default.

View current defaults

umask
0022
  • Defaults show above are in octal
  • Owner ⇒ 0 (don't mask any)
  • Group ⇒ 2 (mask write permissions)
  • Others ⇒ 2 (mask write permissions)


The above yields a file with the following permissions by default:

-rw-r--r--   1 user user    0 Jun 22 14:01 file1


Temporarily change the default for this session only

umask 266
 
touch testfile
ls -l
dr-x--x--x   2 user user 4096 Jun 22 14:09 testdir
-r--------   1 user user    0 Jun 22 14:08 testfile


Permanent umask changes (system wide)

vim /etc/bashrc
vim /etc/profile
 
if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
       umask 002
    else
       umask 022
fi
  • User accounts with a user id greater than 199 and the group name is the same as their username ⇒ umask of 002.
  • All other users ⇒ umask of 022
  • Note: Need to make this change in /etc/bashrc and /etc/profile

  • linux_wiki/list_set_and_change_standard_ugo_rwx_permissions.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)