Linux Unleashed, Third Edition:File and Directory Permissions





-->















Previous
Table of Contents
Next




Chapter 9File and Directory Permissions

by Tim Parker

In This Chapter
•   File and directory ownership
•   UMASK settings
•   Changing file permissions
•   Changing directory permissions

If there’s one subject that tends to confuse newcomers to UNIX and Linux, it’s working with file permissions. This subject is confusing because it has rarely been properly explained. After you understand what is going on and what the file permission commands do, you’ll readily understand this subject. Take your time working through this material and you should find it fairly clear and easy to grasp.

You already saw that when you perform a long directory listing with the ls -l command, there’s a lot of information displayed other than the filename. For example, look at this long directory listing:


-rwxr-xr-x 2 tparker group 4512 May 9 09:20 book1
-rwxr-xr-x 2 tparker group 5727 May 9 09:20 book


There are seven fields of data in this directory listing. From left to right they are:


•  A set of permissions (which we’ll explain shortly)
•  The number of links (we’ll worry about that in another chapter)
•  The user ID that owns the files (in this case, tparker)
•  The group that owns the files (in this case, group)
•  The size of the file in bytes
•  The date and time the file was created
•  The name of the file

In this chapter we’re going to concentrate on the permissions, owner, and group of the file.

Every Linux file and directory has an owner and group, as well as a set of permissions. You can change the permissions and ownership of your files and directories to provide greater or lesser access. File permissions also determine whether a file can be executed as a command or not.
File and Directory Ownership
When you create a file, you are that file’s owner by default, and your login appears in the third column of the directory listing. Whatever group you are in when the file is created is placed in the fourth column. (We haven’t talked about groups yet, but they are simply a number of user IDs that have a similar group name for common access to files and directories.) Being the file’s owner gives you the privilege of changing the file’s permissions or ownership. Of course, once you change the ownership to another user, you will probably not be able to change the ownership or permissions anymore.

Users and Ownership
File owners are set up by the system during installation. Linux system files are owned by IDs such as root, uucp, and bin. Do not change the ownership of these files, even if you are logged in as root. That’s because the permissions are set correctly when Linux installs the software, and if you change them, you may prevent the system from accessing the file properly.

Tip:  Although it’s sometimes tempting to change ownerships of system files, this can cause real problems for utilities that don’t run as root and need to read those files. In most cases if you change the ownership or the permissions of a system file, the utilities that use that file will lock up or terminate. Change ownership of files only when you know they are user files!

You can use the chown (change ownership) command to change the ownership of a file. The syntax of the chown command is


chown <owner> <filename>.


owner indicates where to insert the user ID that will own the file, and filename indicates the name of the file that you are setting ownership for. You can use wildcards with the chown command to indicate a number of files at once.
In the following example, you change the ownership of the file myfile to the login bill:


darkstar:~$ ls -l myfile
-rw-r--r-- 1 fido users 114 Dec 7 14:31 myfile
darkstar:~$ chown bill myfile
darkstar:~$ ls -l myfile
-rw-r--r-- 1 bill users 114 Dec 7 14:31 myfile


Before you can change the login of the file owner, Linux checks to confirm that it exists. After you have changed the ownership of the file, you may not be able to do anything else with the file, so be careful. To make any further changes to the file myfile or to chown it back to fido, you must use either su or log in as bill and use the chown command to set you back to the owner.

Note:  Although Linux shows you the login name that owns the files and directories, it really keeps track of this information through the user ID number (such as 101). Linux prefers numbers to characters because they are easier to manipulate.


Note:  It is possible to have files owned by a user who doesn’t exist. This usually occurs when the system administrator deletes a user. All the files that user ID owns are still tagged with that ownership because Linux doesn’t scan the filesystem and change these names when a user is deleted. In the case of a file owner that doesn’t exist, root is usually the only login that can change the ownership.





Previous
Table of Contents
Next