Over the next few posts I’ll be covering three basic elements of files in Linux:

Every file in Linux has three primary permissions settings (read, write, execute) that apply to three elements (owner, group, others).

File permissions can be viewed on the command line using the ls command.

[luke@testserver stuff]$ ls -l
total 0
-rwxrw-r-x 1 luke admins 0 Jun 21 19:44 file1

Looking at the output from ls -l , from left to right we can break the output into several groups as shown below. Each group separated by parenthesis.

[ (-) (rwxrw-r-x) (1)  (luke admins)  (0) (Jun 21 19:44)  (file1) ]

Let’s look at each block separately.

- The leading dash tells us that this is a normal file. You may also see d (directory), l (link), or b (block device) and a few others. but - ,d , and l will cover 90+ % of the files you will come into contact with.

Continuing down the line we have rwxrw-r-x this should be viewed as three sets of permissions (r) read , (w) write , and (x) execute . Each of the 3 permissions are applied to the owner, group, and others (others is everyone else on the system).

In this example, the permissions read as follows

Owner: rwx (read, write, execute)

Group: rw- (read, and write). The - indicates that the group does not have execute permissions.

Other: r-x (read, and execute) In this case others can read and execute but not write to the file, as indicated by the - in the “w” place.

1 Continuing to the right we see the number 1 .

This number represents the link count for a file. This file has 1 link which is to itself, if we created a link (shortcut) to this file from another location then the link count would be 2 and would increase by one for each additional link.

The next two entries luke admins represent the file owner (luke) and the group that has permission to the file (admins).

0 The number after the group listing is the file size in bytes. In this case, it’s 0. To see the file size in human readable form use ls -lh  .

Jun 21 19:44 This section shows the date and time that the file was last modified.

file1 Last we see the file name.

Files in Unix-like operating systems belong to a single user (the owner) and a group. Only the root user can change the ownership of a file or directory.

To change ownership of a file use the chown  command like this:

chown <user>:<group> file

Here are a few examples:

Change user and group of a file:

sudo chown superman:justiceleague goodguy.file

**Change only the user: **

sudo chown superman goodguy.file

Change only the group:

sudo chown :justiceleague goodguy.file

File permissions are changed with the chmod command. Permissions can be modified using two different formats, numerical and symbolic.

File permissions in Linux are coded symbolically (as letters)

  • r - read
  • w - write
  • x - execute

And Numerically:

  • 4 - read
  • 2 - write
  • 1 - execute

Each applies to the user(owner), group, and other.

For example, if a file has the following permissions

ls -lh myawesomefile.txt
-rw-r--r-- 1 luke users 9.3M Jan 21 21:43 myawesomefile.txt

  • User - read, write
  • Group - read
  • Others -read

If we wanted to change this so that users can execute this file we can make this change in one of two ways.


chmod u+x myawesomefile.txt

In this example u = user and x = execute.

You can remove the execute permission by changing the + to a - .

chmod u-x myawesomefile.txt

Changing permissions symbolically uses (ugoa) user, group, other, all

Give group write permission on myawesomefile.txt .

chmod g+x myawesomefile.txt

Give all users execute permission.

chmod a+x myawesomefile.txt

**Numerically **

Changing permissions numerically is intimidating for new Linux users but it shouldn’t be. If you can add up to seven then you should be fine.

Let’s make a new file called USMC.OORAH and then display the permissions.

-rw-r--r-- 1 luke users 0 Jan 25 19:50 USMC.OORAH

We can see permissions are rw-r--r-- (User read/write, Group read only, Others read only)

These permissions can be expressed numerically as 644 which is admittedly much higher than seven. However, this number is not six hundred forty-four.

It is six, four, four.

Numerically file permissions are always Read + Write + Execute = numerical permission

  1. Read is equal to the number 4.
  2. Write is equal to the number 2.
  3. Execute is equal to the number 1.

Our file has numerical permissions of six, four, four - and here is how that breaks down:

  • User = 6 (read/write because read (4) + write (2) + execute (0) = 6)
  • Group = 4 (read only because read (4) + write (0) + execute (0) = 4)
  • Others = 4 (read only because read (4) + write (0) + execute (0) = 4)
  • Remember read = 4, write =2, and execute = 1 and each applies to users groups and others.
    • user permissions add up to 6.
    • group permissions add up to 4.
    • others permissions add up to 4.
    • Which is generally expressed as just 644.

Lets change permissions on our file to allow the group to write to the file, while keeping everything else the same. We need to add 2 only to the group portion of our permissions.

chmod 664 USMC.OORAH
-rw-rw-r-- 1 luke users    0 Jan 25 19:50 USMC.OORAH

What if we wanted to allow others to execute this file? Currently, others can only read which is represented by the number 4 execute is represented by the number 1. 4+1=5 so we will want to change permissions to 665.

chmod 665 USMC.OORAH
-rw-rw-r-x 1 luke users 0 Jan 25 19:50 USMC.OORAH

Full permission, read write and execute, is represented by the number 7 because 4+2+1 is 7. So to give the user read write and execute on our file:

chmod 765 USMC.OORAH
-rwxrw-r-x 1 luke users 0 Jan 25 19:50 USMC.OORAH

Of course, you can take permissions away by subtracting. To change the file back to its original permissions of rw-r--r--

chmod 644 USMC.OORAH
-rw-r--r-- 1 luke users 0 Jan 25 19:50 USMC.OORAH

My next post will take this one step further and add ACL’s or access control lists to the permissions scheme which allows our permissions be become much more fine-grained and can include multiple users and groups.

Related Posts

School District finds cost savings and flexibility with Linux

Being a big proponent of Linux on the desktop I was excited to have the opportunity to talk with Aaron Prisk of the West Branch Area School District, who has recently helped migrate 80% of the school district’s infrastructure to Linux. When I first heard about the district’s move to Linux I wanted to find out as much as I could about his experiences during and after the migration. This is a great story about how Linux can be used by people of all ages and technical skill while still providing a low cost and secure platform for everyday operations. Read more

Backup a MySQL Database

If you have a MySQL database working behind the scenes on your web site or app then creating and storing backup’s of that database can be vitally important to the operation of your business operations. A MySQL or MariaDB database uses the mysqldump command to create backups. The mysqldump command outputs a file that contains SQL statements that can be used to rebuild your database, with all of its data. Which could come in handy in the event of an unrecoverable crash or even to just move the database to a new server. Read more

Find services that require a restart

Ubuntu offers a live patching utility that allows kernel patches to be installed without requiring a system restart to be applied. Read more about online patching in this post about patching. That said, in many cases other services or processes on your system may need to be restarted after an upgrade. Finding services that need to be restarted in Ubuntu Install debian-goodies sudo apt update sudo apt install debian-goodies Now just run Read more


If you’d like to get in touch, contact with me via email.