File Permissions & Ownership
Objective
Manage Unix file permissions using symbolic and numeric notation, set ownership, configure default permissions with umask, and use ACLs for fine-grained control.
Tools & Technologies
chmod, chown, chgrp, umask, getfacl, setfacl
Key Commands
chmod 750 script.sh
chown user:group file
umask 022
setfacl -m u:bob:rw file
getfacl file
Architecture Overview
graph TD
subgraph Permission Bits
P[rw-r--r--\n644] --> O[Owner\nrw-\n6]
P --> G[Group\nr--\n4]
P --> W[World\nr--\n4]
end
subgraph Calculation
O2[r=4 w=2 x=1]
G2[7=rwx 6=rw- 5=r-x 4=r--]
end
style P fill:#1a1a2e,stroke:#00d4ff,color:#e0e0e0
Step-by-Step Process
01
Read the Permission String
The ls -l output shows permissions as a 10-character string. Learn to decode it.
ls -l file.txt
# -rw-r--r-- 1 alice staff 1234 Jan 1 file.txt
# │└┬┘└┬┘└┬┘
# │ │  │  └── world: r--
# │ │  └───── group: r--
# │ └──────── owner: rw-
# └────────── type: - file, d dir, l link
02
chmod — Numeric Mode
Calculate permissions: r=4, w=2, x=1. Sum the values within each class to get one digit each for owner, group and world.
chmod 755 script.sh # rwxr-xr-x
chmod 644 data.txt # rw-r--r--
chmod 600 secret.key # rw-------
chmod 777 public/ # rwxrwxrwx (avoid!)
03
chmod — Symbolic Mode
Use symbolic notation for relative changes without knowing the current value.
chmod +x script.sh # add execute for all (bits masked by umask are skipped)
chmod u+x,g-w file # owner +x, group -w
chmod o= file # remove all world perms
chmod a=r file # all can only read
04
chown & umask
Change file ownership and set the default permission mask for new files.
chown alice file.txt # change owner
chown alice:devs file.txt # owner and group
chgrp devs file.txt # change group only
umask # show current mask
umask 027 # new default: 750 dirs, 640 files
Challenges & Solutions
- chmod -R on / is catastrophic — always double-check recursive commands
- setuid/setgid on shell scripts is ignored by the Linux kernel
Key Takeaways
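- Default permissions = 666 (files) or 777 (dirs) with the umask bits cleared (base & ~umask, a bitwise operation rather than arithmetic subtraction)
- ACLs override standard permissions for named users/groups; their effective rights are capped by the ACL mask entry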
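The umask rule and the r=4/w=2/x=1 arithmetic from the steps above, as an added example that is not part of the original page: it predicts the mode of a new file or directory and compares it with what the filesystem actually assigns. The function names are hypothetical, and umask 033 is included as a constructed case where subtraction would give the wrong answer (633 instead of 644).

```shell
#!/bin/sh
# Added example: function names are illustrative, not from the page.

# Convert a 9-character permission string (e.g. rw-r--r--) to octal.
# Special bits (s, t) are out of scope and rejected.
perm_to_octal() (
    s=$1
    [ "${#s}" -eq 9 ] || { echo "need 9 characters" >&2; exit 1; }
    out=
    while [ -n "$s" ]; do
        triplet=$(printf '%s' "$s" | cut -c1-3)
        s=$(printf '%s' "$s" | cut -c4-)
        d=0
        case $triplet in r??) d=$((d + 4)) ;; -??) ;; *) exit 1 ;; esac
        case $triplet in ?w?) d=$((d + 2)) ;; ?-?) ;; *) exit 1 ;; esac
        case $triplet in ??x) d=$((d + 1)) ;; ??-) ;; *) exit 1 ;; esac
        out=$out$d
    done
    echo "$out"
)

# Predicted mode of a new object: base & ~umask (bitwise).
# $1 = base (666 for files, 777 for dirs), $2 = umask, both octal.
predicted_mode() {
    printf '%o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# Observed mode: create a file or directory under the given umask in a
# scratch directory and read back what the filesystem assigned.
# $1 = umask, $2 = "file" or "dir". Runs in a subshell, so the caller's
# umask is left unchanged.
observed_mode() (
    scratch=$(mktemp -d) || exit 1
    umask "$1"
    if [ "$2" = dir ]; then mkdir "$scratch/t"; else : > "$scratch/t"; fi
    # GNU stat first, BSD/macOS stat as fallback.
    mode=$(stat -c %a "$scratch/t" 2>/dev/null || stat -f %Lp "$scratch/t")
    rm -rf "$scratch"
    printf '%o\n' $(( 0$mode & 0777 ))   # drop any inherited special bits
)

# Compare prediction and observation for three masks.
for m in 022 027 033; do
    printf 'umask %s  file: predicted %s observed %s  dir: predicted %s observed %s\n' \
        "$m" "$(predicted_mode 666 "$m")" "$(observed_mode "$m" file)" \
        "$(predicted_mode 777 "$m")" "$(observed_mode "$m" dir)"
done
```

A default ACL on the scratch directory's parent would change the observed values, since inherited ACL entries replace the umask when new files are created.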