
file permissions in Unix

What are Unix users?

A UNIX system serves many users. A user is an abstraction: a logical entity to which ownership and operation privileges on the system are assigned. UNIX identifies each user by a User ID (UID); the username (or login), such as 'oracle' or 'applmgr', is just an alias for the UID that is more comfortable for humans.

What are Unix groups?

Users can be organized in groups. A user may belong to one or more groups of users. Groups serve the purpose of assigning a set of privileges for a given resource once and sharing it among the many users that need it. For example, in an Oracle Apps environment we have the dba group, whose members are oracle and applmgr.

Unix file permissions decoded

Each file and directory on your Unix system is assigned access rights for the owner of the file, the members of a group of related users, and everybody else. Rights can be assigned to read a file, to write a file, and to execute a file (i.e., run the file as a program).

We can use the ls -l command to list the file permissions.

Let's take an example to explain it:

$ ls -l x1
-rwxrw-r-- 1 oracle dba 10 Jan 10 12:41 x1

x1 : Filename
oracle : A user of the Unix system and the owner of the file
dba : A group, and the group assigned to the file
r : It stands for read permission
w : It stands for write permission
x : It stands for execute permission

The first three letters (rwx) determine the file permissions for the owner. So the owner can read, write and execute the file.
The second three letters (rw-) determine the file permissions for the group. So any user in that group has read and write permission on the file.
The last three letters (r--) determine the file permissions for everybody else. So anybody who is neither the owner nor in the file's group can only read the file.

We can also write file permissions in another form, called octal numbers.
(1) read means 4, write means 2 and execute means 1
(2) so rwx for the owner means 7
(3) so rw- for the group means 6
(4) so r-- for everybody else means 4
(5) We can say 764 as the file permission in short


How these permissions are defined for the file

You can use the umask command to set default access permissions. This will ensure that any files and directories you create have consistent permissions.

Without the mask the system would set permissions of 666 for files and 777 for directories when first created. The values in the mask are subtracted from these values to give a default value for access permissions for the files and directories created by you.

For example:

  777 (system value for directories)
- 077 (value of the umask)
-----
  700 (default access permission of rwx------)

To change your default access permissions you use the command:

umask nnn

Each "n" is a number from 0 to 7.

Octal number    Access permissions given
----------------------------------------
0               rwx    read, write and execute
1               rw-    read and write
2               r-x    read and execute
3               r--    read only
4               -wx    write and execute
5               -w-    write only
6               --x    execute only
7               ---    no permissions
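
An added example (not from the original page) that checks the octal and umask rules above on a live system: perm_to_octal converts the nine ls -l permission characters to octal, and mode_under_umask creates a file or directory under a given umask and reports the mode it received. Both function names are made up for this example. The system clears the permission bits that are set in the mask, which matches the subtraction shown above for masks such as 077.

```shell
#!/bin/sh
# Convert the nine permission characters of an ls -l mode string
# (for example rwxrw-r--) to three octal digits: r=4, w=2, x=1 per triplet.
perm_to_octal() {
    perms=$1 out=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        # Lowercase s/t mean "execute plus a special bit"; uppercase S/T do not.
        case $triplet in ??[xst]) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# Create a file or directory under the given umask and print its octal mode.
# Runs in a subshell so the caller's own umask is left untouched.
mode_under_umask() {
    mask=$1 kind=$2
    (
        tmp=$(mktemp -d) || exit 1
        umask "$mask"
        if [ "$kind" = dir ]; then mkdir "$tmp/t"; else : > "$tmp/t"; fi
        # Characters 2-10 of the ls -l line are the permission letters.
        result=$(perm_to_octal "$(ls -ld "$tmp/t" | cut -c2-10)")
        rm -rf "$tmp"
        printf '%s\n' "$result"
    )
}
```

For example, mode_under_umask 033 file reports 644 rather than 633, because a new file never had the execute bit that the mask's 1 would remove.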

How to change file permissions using chmod and chown

We can use chmod and chown to manipulate the file permissions.

chmod

chmod options mode filename filename1…
chmod options mode directory_name

The “mode” consists of three parts: who the permissions apply to, how the permissions are set and which permissions to set.

who is specified as one of:

u (user) the owner of the file
g (group) the group to which the owner belongs
o (other) everyone else
a (all) u, g and o (the world)

how is given as one of:

+ add the specified permission
- subtract the specified permission
= assign the specified permission, ignoring whatever may have been set before.

which are specified by one or more from:

r read
w write
x execute

Options:

-R Recursively descend through directory arguments, setting the mode for each file as described above. When symbolic links are encountered, the mode of the target file is changed, but no recursion takes place.


chmod u+x file1 : It means giving execute permission to the file owner
chmod g-x file1 : It means revoking execute permission from the file group

We can also use octal numbers for chmod:
chmod 700 file1 : It means giving read/write/execute permission to the file owner and revoking every permission from the group and everybody else

Examples of chmod command /chmod recursive

chmod -R 755 directory_name : It means giving 755 permission to all the files recursively
chmod -R 777 directory_name : It means giving 777 permission to all the files recursively
chmod -R a+w directory_name : It means giving all (user+group+world) write permission to all the files recursively
chmod -R g+w directory_name : It means giving group write permission to all the files recursively
-r-xr-xr-x : As shown by ls -l, it means read and execute for owner, group and world
-rw-r----- : As shown by ls -l, it means read and write for owner and read for group
-rw-rw---- : As shown by ls -l, it means read and write for owner and group
-rw-rw-rw- : As shown by ls -l, it means read and write for owner, group and world
chmod 755 file1 : It means giving read, write and execute to owner, and read and execute to group and world
chmod 777 file1 : It means giving read, write and execute to owner, group and world
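
After a recursive chmod 777 or a+w, every account on the system can modify the affected files, so it is worth checking what is left world-writable. The following is an added example, not part of the original page: the function names and the demo tree (app, logs, run.sh, config) are constructed for illustration.

```shell
#!/bin/sh
# Print regular files and directories under $1 whose "other" write bit
# (octal 0002) is set. Symbolic links are skipped: they always show rwxrwxrwx.
list_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# Remove only the world-write bit from what the audit finds,
# leaving the owner and group permissions as they were.
revoke_world_write() {
    find "$1" \( -type f -o -type d \) -perm -0002 -exec chmod o-w {} +
}

# Build a small constructed tree, audit it, fix it, and audit again.
# Prints the paths found before the fix, then the count found after it.
demo_audit() {
    root=$(mktemp -d) || return 1
    mkdir "$root/app" "$root/app/logs"
    : > "$root/app/run.sh"
    : > "$root/app/config"
    : > "$root/app/logs/out.log"
    chmod 755 "$root/app" "$root/app/run.sh"
    chmod 640 "$root/app/config"
    chmod 777 "$root/app/logs"          # world-writable directory
    chmod 666 "$root/app/logs/out.log"  # world-writable file

    before=$(list_world_writable "$root/app" | sed "s|^$root/||")
    revoke_world_write "$root/app"
    after=$(list_world_writable "$root/app" | wc -l)

    rm -rf "$root"
    printf '%s\n%s\n' "$before" "$((after))"
}
```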

chown

chown options username:groupname filename

username : To assign the file to a particular user
groupname : To assign the file to a particular group

This is generally executed as root to avoid any privilege issues.

Options:

-R Recursively descend through directory arguments, setting the owner and group for each file as described above.


chown oracle:dba file1 : It means assigning user oracle and group dba to file1
