In the previous articles I made a short introduction to the Unix world and in the following article I have dealt with the basic commands for the file system management. Today we are going to talk about permissions. We are going to take Ubuntu as an example, but in the other distros the working mechanism is similar.
Since Linux is a multi-user operating system, knowing the permissions mechanism can be very useful.
If we try to type ls -al
in an Ubuntu console, we will get the list of the files inside the current directory, including the hidden ones. The output will be like the following:
In the image the permissions column, the owner and the group have been highlighted.
Permissions column
The first character indicates the type of element and it can have three values, which are:
- d, which means that the element is a directory;
- l, which means that the element is a symbolic link;
- - which means that the element is a file;
The following 9 characters represent permissions. They are divided into three groups that are the owner, the group and the other users.
Three different characters can represent different permissions and they are:
- r which represents the read permission;
- w that stands for the write permission;
- x that means that the file can be executed;
The owner and group columns indicate the owner of the file and the group they belong to, respectively.
Ubuntu offers different ways to manage permissions. Let's see better.
chmod
chmod
is the command that allows us to modify permissions. It can be used in two different ways.
Symbolic syntax
Consente di assegnare permessi diversi a proprietario, gruppo ed altri utenti. La sintassi è la seguente.
It allows us to assign different permissions to the owner, to the group and to the other users. The syntax is the following:
chmod a=rwx file
The character on the left of the equal symbol can take different values. Let's have a look.
- a all;
- u owner user;
- g group;
- o other users;
The correct way of reading this command is: "I am assigning permissions on the right of the equal to the users indicated on the left of the equal".
Octal syntax
With this syntax we assign the three level of permissions simultaneously. Three numbers are used in order to represent permissions. Let's see how.
chmod 777 file
In this example we have given every possible permission to everyone.
Let's see what the numbers mean:
- 7 means rwx;
- 6 means rw;
- 5 means rx;
- 4 means r;
- 3 means wx;
- 2 means w;
- 1 means x;
- 0 means no permissions;
In the command there are three digits that represent respectively the current user, the group and the other users.
Sometimes Ubuntu could complain about some chmod
commands. In this case the thing to do in order to solve the problem is modify the command and type a command like the following:
sudo chmod 777 file
This means that we are executing the command as superuser that, for windows users, is equivalent to the "run as administrator". The system will ask the system password in order to continue. Don't de worried if you do not see any characters on the termina, it is normal!
chown and chgrp
If we have understood how to manage permissions, let's open the chapter about the management of users and groups.
chown
The chown
command is used to change the owner and/or the group to which a folder or file belongs. The syntax is the following.
chown owner:group file
Ne esiste anche una versione per il solo proprietario, che è la seguente.
A version that deals only with the owner also exists.
chown owner file
For example, if we imagine that we want to assign the Main.java file to the developer user and the devs group, the command will be:
chown developer:devs Main.java
As I told in the article about the file system management, the name of the file can be replaced with the correct path to it.
chgrp
chgrp
is similar to chmod
. It allows us to modify only the information about the group of a file or a folder. It doesn't give the possibility to modify the owner. The syntax is the following.
chgrp group file
chmod, chown e chgrp with recursive mode
Tutti e tre i comandi supportano la modalità ricorsiva. Può capitare ad esempio di voler modificare proprietario e/o gruppo di una cartella e di tutto il suo contenuto. Scriveremo allora:
All of this command support the recursive mode. It can happen that we want to modify the owner or the group of a folder and of all its content. The commands will be:
chmod -R 777 folder
chown -R owner:group folder
chgrp group folder
In this way, we will modify the information about the folder and recursively of all its content.
Examples
Let's have a look to some examples.
chmod 755 file
set complete permissions to the owner of the file, rx permissions for the group and the other users;chmod u=rwx file
gives complete permissions to the user, leaving the others as they are;chmod ugo=rwx file
set the complete set of permissions to everyone;chmod ugo-x file
This is a valid alternative way to use when we want to remove permissions. In this example, we are removing the execution permission to everyone;chmod ugo+x file
compared to the previous example, here we are giving the execution permission to everyone;chown -R name:group my_folder
makes the directory called my_folder with all its contents owned by name and group;sudo chown -R root:root mia_cartella
makes the directory called my_folder with all its contents ownned by root and the root group;
Conclusions and advices
The most important advice that I can give you is that, when you have some doubts, you must check on the manual. In this case, if we have some doubts about the operation of chmod we should type man chmod
. This is a general advice, good for every kind of situation.
Although it may seem trivial, the topic of the permissions is a touchy subject. In order to gain confidence we can follow two different approaches: the first consists of creating a folder and try to execute commands only in this folder. The alternative is creating a virtual machine and run some tests. Personally, I would create a local directory if you have already installed Ubuntu: If you haven't, you can try to create a virtual machine. It is quite the same, depending on the software that you use.
So, test people, test!