Linux Professional Institute LPIC-1 Exam 101
Devices Linux Filesystems Filesystem Hierarchy Standard
Manage File Permissions and Ownership
In this lesson, we’ll explore how to view and modify file permissions and ownership on a Linux system. You’ll learn to inspect permission bits, change owners and groups, and apply both symbolic and numeric modes with chmod
, chown
, and chgrp
.
Inspect Current Ownership and Permissions
Run ls -l
to display the owner, group, and permission bits for files and directories:
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
- Owner:
aaron
- Group:
family
- Permissions:
-rw-r-----
Only the file owner or the superuser (root
) can change these settings.
Viewing and Changing Group Ownership
Use chgrp
to assign a file or directory to a different group you belong to:
# Syntax: chgrp <group_name> <file_or_directory>
$ chgrp wheel family_dog.jpg
$ ls -l
-rw-r----- 1 aaron wheel 49 Oct 27 14:41 family_dog.jpg
Check your group memberships with:
$ groups
aaron wheel family
Note
You can only switch a file’s group to one you’re already a member of.
Changing File Owner with chown
Only root
can change file owners. Prefix with sudo
if necessary:
# Syntax: sudo chown <user>[:<group>] <file_or_directory>
$ sudo chown jane family_dog.jpg
$ ls -l
-rw-r----- 1 jane wheel 49 Oct 27 14:41 family_dog.jpg
# Change both owner and group in one go:
$ sudo chown aaron:family family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Understanding Permission Bits
The permissions string (-rwxrwxrwx
) breaks down as:
- First character: file type
-
= regular filed
= directoryl
= symbolic link
- Next nine: three triplets for owner, group, and others, each with
r
(read),w
(write), andx
(execute).
Permission Effects
- Files
r
: view contentsw
: modify contentsx
: execute (scripts or binaries)
- Directories
r
: list entries (ls
)w
: create/delete entriesx
: enter directory (cd
)
Modifying Permissions with chmod
Use the symbolic syntax:
chmod [ugoa][+-=][rwx] <file_or_directory>
Reference | Meaning |
---|---|
u | owner (user) |
g | group |
o | others |
a | all (u, g, o) |
+ | add permissions |
- | remove permissions |
= | set exact permissions |
Adding Permissions
Allow the owner to write:
$ ls -l
-r--r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod u+w family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Removing Permissions
Remove the read bit for others:
$ chmod o-r family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Setting Exact Permissions
Grant group read-only:
$ chmod g=r family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod g=rw family_dog.jpg
$ ls -l
-rw-rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Combining References
You can comma-separate multiple adjustments:
$ ls -l
-rw-r--r-- 1 appuser appuser 49 Oct 27 14:41 family.jpg
# Owner read/write, group read, others none
$ chmod u=rw,g=r,o= family.jpg
$ ls -l
-rw-r----- 1 appuser appuser 49 Oct 27 14:41 family.jpg
# Mix add/remove in one command
$ chmod u+rw,g-w family_dog.jpg
Numeric (Octal) Notation
To inspect the octal value, use stat
:
$ stat family_dog.jpg
Access: (0640/-rw-r-----) Uid: ( 1000/aaron) Gid: ( 10/family)
Here owner has rw-
(6), group has r--
(4), others have ---
(0) → mode 640
.
Alternatively, assign values: r=4
, w=2
, x=1
:
rwx
= 4+2+1 = 7r-x
= 4+0+1 = 5r--
= 4+0+0 = 4
Setting Numeric Permissions
$ chmod 755 family_dog.jpg # rwxr-xr-x
$ chmod 640 family_dog.jpg # rw-r-----
Further Reading
Watch Video
Watch video content