Menu Close

Managing Linux Ubuntu User Permissions

This article talks about managing Ubuntu user system’s permissions and its basic commands.

For more on this subject, please refer to the SOC Table of Contents.

 

There are typically three permissions for a file: read (r), write (w), and execute (x). Using the command “ls -l” allows us to see the permission information for all files under a specific directory.

We will be using test.txt as an example.

The “-rw-rw-r–” at the start represents the file permissions as well as the relation between the user and the user group. As mentioned in the previous section, the first character represents the file type. The other 9 characters is viewed as groups of 3 characters. It represents the file owner’s permissions, the file owner’s group’s permissions, and the permissions of other users respectively. The “ubuntu ubuntu” after that represents the file owner (user) and the group that the user is in. Thus, the file test.txt has the following permissions:

  1. The file’s owner is the user ubuntu. It has the permission of “rw-” regarding test.txt. This means that it has the permissions to read and write on the file
  2. The group that ubuntu is in also has the name of ubuntu. The user group also has the permission of “rw-” regarding the file, which means it has the permissions to read and write on the file.
  3. Other users have the permission of “r–” regarding the file, meaning that they can only read it.

Note that being able to read the file means that they can only open it and view its contents, being able to write to the file means they are able to make changes to the file itself and being able to execute the file means they are able to run the file if it is a software application. Regarding folders, one needs to have permissions to read before they can use the ls command to view its content and needs to have permissions to execute before they can access the folder.

 

If a user tries to access a file that they don’t have permissions to, they will not be able to access it. For example, only the root user can modify files under the root directory “/”. If normal users try to modify it, it will prompt the user saying that they don’t have the permissions to do so. As a demonstration, we will be trying to create a file named permission_test under the root directory “/”, by using the touch command like so:

If we still wish to create that file in the root directory “/”, we will have to switch over to the root user by using the sudo command to complete that task.

We can keep in mind that whenever we run into a situation where we don’t have enough permissions to do something, we can simply use the sudocommand to temporarily let us be root.

 

We previously talked about the three permissions a file can have: read (r), write (w), and execute (x). Besides using r w and x, we can also directly use three binary numbers; using 1 on a spot to show it has the permission, and using 0 on a spot to show it doesn’t have the permission:

 

Letter                Binary               Base-8

r                      100                   4

w                      010                   2

x                 001                   1

 

With that in mind, we can now convert all of the permissions into binary and base 8.

 

Permission         Binary               Base-8

                           000                      0

-x                          001                       1

-w-                         010                       2

-wx                        011                        3

r–                          100                        4

r-x                         101                         5

rw-                        110                         6

rwx                        111                         7

 

 

We can also start using a, u, g, and o to show the relationships between files.

 

Letter                Meaning

r                         Reading permissions

w                       Writing permissions

a                        All users

u                        Default user

g                        Default user group

o                        All other users

=                       Permissions

+                       Add permission

                        Remove permission

 

 

As an example, suppose we have a file called test.c. If we want to give the default user the permission to run the file, we can use the command u+x.

Posted in Textbook and Training Project

Related Articles

Leave a Reply

Your email address will not be published.

Leave the field below empty!