To the new Linux administrator, permissions can be a particularly sticky topic. While documented in various places, I thought it might be best to give a brief overview from the perspective of new users.
I am going to split the discussion about permissions into two factors: the user and group, and the actual permissions. While one might want to keep them separate, the topics work together from the perspective of introductory Linux administration.
Users and Groups
Many people will already be familiar with the concept of the user. When logging into a server, one must choose a user and have an appropriate password. Not all users allow for logins, many are implemented to help particular programs run, or to cordon off permissions during certain operations. Every user is also a part of one or more groups. The group is a collection of one or more users.While a user can be given permissions to a file, a group can also be given permissions. when using the ls -l command to check the files in a directory, the column with the group immediately follows the column of the user. The chown command can be used to change ownership of a file. If both user and group ownership must be changed, the process can be completed in one command, like this: chown user:group file
Now that our file is owned by the right user, lets make sure the permissions are set appropriately for access. Basic permissions can be displayed in two forms, one is a list of read, write, and execute options, the other is a 3 digit octal number. In either case, you can distinguish 3 different permission definitions: those for the user that owns the file, one for the group that owns the file, and one for everyone else. In list form, the following permissions indicate that the owner and owner group can read and write, but everyone else can just read:
If you change the example to allow all users to execute, the permissions would look like the following:
The octal version of these two examples would be 664 and 775 respectively. While the octal format can be intimidating at first, it can also be a very powerful and fast method for controlling permissions. Each digit represents a permission block (user, group, and everyone, in that order). To determine the number required for each digit, you simply add, using the values from the following list:
So to set read and write, we would use 4+2=6. To allow all users to read and write, the following command can be used: chmod 666 /path/to/file